back to article Google will delete data collected from 'private' browsing

In hopes of settling a lawsuit challenging its data collection practices, Google has agreed to destroy web browsing data it collected from users browsing in Chrome's private modes – which weren't as private as you might have thought. The lawsuit [PDF], filed in June, 2020, on behalf of plaintiffs Chasom Brown, Maria Nguyen, …

  1. Sora2566 Silver badge

    ...but they don't have to delete the data of Firefox users who might have been using Private Mode?

    1. Snake Silver badge

      Why would they need to? The data collection in question was enabled at the browser side (Chrome) and Firefox isn't Chromium-based at all. If Moziila is guilty of the same tricks as Google then that's a completely different lawsuit.

      But Google. Continuing to track you even if you ask them not to. Colour me surprised! Next thing you know we'll have honest politicians and THEN what will the world come to??!

      1. Sora2566 Silver badge

        The article mentioned they had to delete the data of Safari, Edge and even IE users - but not Firefox users???

        1. Zippy´s Sausage Factory

          Firefox users clearly weren't included in the complaint and would have to file separately. Unless, of course, Firefox includes more robust protection that would have prevented Google collecting the information in the first place - somebody with more knowledge of Firefox's security provisions than I possess would be able to answer that.

  2. Yes Me
    Happy

    Wroogle?

    Google are good at legal wriggling.

    The fact is, all your data belong Google.

  3. jake Silver badge

    AlphaGoo deleting data? Bullshit.

    AlphaGoo has never deleted anything, because keeping data is what they do, and has been what they do for the quarter century of their existence. They aren't going to start deleting stuff now. Anybody who thinks otherwise is a fool. Even if they very publicly go out of their way to "prove" that the data is off their systems ... well, that's what backups are for. And you know they have backups. They may even "prove" they delete the backups. That's what off-site backups are for. And you know they have those, too. In duplicate.

    1. Kevin McMurtrie Silver badge

      Re: AlphaGoo deleting data? Bullshit.

      They delete internal communications to prevent it from later appearing during legal discovery. It's part of employee training.

      1. jake Silver badge

        Re: AlphaGoo deleting data? Bullshit.

        That's not "data", that's proprietary corporate intellectual property that must be permanently destroyed so it doesn't fall into the wrong hands.

    2. Anonymous Coward
      Anonymous Coward

      Re: AlphaGoo deleting data? Bullshit.

      Oh, I believe they do delete the data.

      Think (as a hypothetical example) about this sentence when user12345abcdef (Peter Vermout living at this street in that town having this telephone number) typed on a web form:

      "My friend Jack and I were going last Saturday to the Irish pub by bike"

      Becomes for Google:

      * Check lists of all people named Jack having reported the same location as user12345abcdef on Saturday -> Identify "Jack" as userxyz12345abc; Create and store link between user12345abcdef and userxyz12345abc; add tags "friendship", "drinking buddies"; add or increase probabilities.

      * Check location history to determine name and location of pub. -> Increase probability that building location at coordinates (X, Y) is of type "pub". Increase probability that subtype is "Irish pub".

      * Check location history of nearby people in expected pub location. Cross reference with list of known contacts of user12345abcdef and userxyz12345abc. -> Add tag "mutual friends; user12345abcdef; userxyz12345abc) and assign probability to users x, y and z or update and increase probability if tag exists already.

      * Check location history of user12345abcdef and userxyz12345abc. -> Add or update probability of tag "owned vehicle types; non motorized bike" on both.

      ...

      ...

      * Check location history after leaving pub. Determine differential in bike speed before and after drinking. Update tag "alcohol tolerance", "alcohol consumption profile" and "pub consumption profile".

      * Check location history of x, y, z after leaving pub. If starting and ending at same building, update tag on "likely sexual partners" and "sexual preferences".

      Then if Google is ordered to delete the user browsing data, at best the phrase "My friend Jack and I were going last Saturday to the Irish pub by bike" is deleted. The analysis of that sentence in correlation with all other data, dream on. That is Googles confidential property and you have zero right to know about it according to them or have "their" data deleted.

      When Google acquires medical data for "research purposes", expect the same behaviour. All data they acquired is deleted. All useful bits are added to the victims profile and probabilities and cross links are updated. The contract for sharing and deleting the original data didn't explicitly stipulated that. If governments happy to spill such confidential information with them ever demanded that, Google will find other weasel ways around it.

  4. DS999 Silver badge
    Facepalm

    So after they've used the data profitably

    And it is becoming more outdated every day and thus much less valuable, they will delete it.

    That's like if I stole your bottle of wine, and after I'd drunk the wine inside I said I'd return the empty bottle. That makes us even, right?

    1. ChoHag Silver badge

      Re: So after they've used the data profitably

      They're not giving back the bottle, they're agreeing under duress that maybe it had wine in it once. They've even proud of paying out nothing.

    2. MachDiamond Silver badge

      Re: So after they've used the data profitably

      "And it is becoming more outdated every day and thus much less valuable, they will delete it."

      The data going stale at all or how fast can vary quite a lot. Some basic information is going to be good forever and previous addresses are also permanent. A current address will go stale, but buying data from various sources (dark web from hacked DB's) can ping/reset the validity of a current address. Marital status can change, but any progeny won't. Sexual preference(s), religion, politics and all sorts of stuff that might change is often more steady and still valid forever as a snapshot in time. I like reading stories that have detective stuff in them and the sort of look you can get into somebody based on some innocuous data is fairly amazing. Big Data is much like totalitarian regimes in the amount of data they like to keep on everybody. It can be worth good money if a company is willing to pay for the "Insights" package along with the full suite of details on somebody they are looking to hire or investigating for fraud.

  5. Dinanziame Silver badge

    Still misleading

    No matter what Google tracks and does not track, nothing prevents third-party websites or your ISP from tracking you when you are in incognito mode; and there's nothing Google can do about that. Incognito has never been about tracking; the only use it to hide your surfing habits from your wife.

    1. Anonymous Coward
      Anonymous Coward

      Re: Still misleading

      Ahhh, you visit www.bigandbouncy.com too!

      1. wallaby

        Re: Still misleading

        "Ahhh, you visit www.bigandbouncy.com too!"

        its my website - keep up the visits

    2. Jellied Eel Silver badge

      Re: Still misleading

      No matter what Google tracks and does not track, nothing prevents third-party websites or your ISP from tracking you when you are in incognito mode; and there's nothing Google can do about that.

      Sure there is. Preventing ISP tracking is a bit harder, especially given the legal requirement for ISPs to retain communications data. That one can be kinda fixed by governments by legislating to throw ISP execs in jail for a minimum of 5-10yrs, if that data is shared outside of the LEA that's allowed to collect it. So in the UK, after tightening up rules on lawful intercepts, for bulk/automatic data collection that's pretty much just GCHQ. And they have better things to do than lol about our pron habits. Plus ISPs generally don't want to track you anyway because it's a PITA to do, and without DPI it doesn't really tell you much other than the basic TCP/IP header info. Sure, if the ISP runs DNS, they could maybe log DNS requests but a lot of ISPs outsource that to.. guess who? From my experience though, the only 'tracking' I've ever wanted or needed to do is collecting src/dst IP addresses for routing & peering analysis. Which is also where legislation can get FUN!, ie a few times I've needed to dig deeper in to packets to troubleshoot weird problems, which is generally legal given I'd got the users consent, and any data was deleted once I'd figured out what the heck was going on.

      But AlphaGoo has many more options-

      "must delete and/or remediate billions of data records that reflect class members' private browsing activities"; block third-party cookies in Incognito mode for the next five years (separately, Google is phasing out third-party cookies this year);

      Hmm.. let me think for a second. How about blocking all cookies, and actually implement a real privacy mode? But then AlphaGoo's already in the process of changing Chrome to block anyone's cookies than it's own, as the report says. Funny how that works, AlphaGoo shutting out it's competitors..

      1. MachDiamond Silver badge

        Re: Still misleading

        "they have better things to do than lol about our pron habits"

        Come on, you are talking about government. They want to know everything about your viewing preferences. At least they want to know if you are also in politics and they need some dirt to throw at you in the next round of elections. Just the basics in a file is handy if you ever do get into politics. With storage so cheap, they can confront you with a fat folder of facts if they ever need to. I am reminded of Neo being interrogated by Smith. The folder on the table was rather thin compared to what can be developed on somebody today for a measly $14.95 or less with a subscription.

        1. Jellied Eel Silver badge

          Re: Still misleading

          Come on, you are talking about government. They want to know everything about your viewing preferences. At least they want to know if you are also in politics and they need some dirt to throw at you in the next round of elections. Just the basics in a file is handy if you ever do get into politics.

          This is always the danger with security systems like this. When the UK cracked down on who could access bulk intercept data and changes to lawful intercept, it prevented a lot of government bodies from doing things like initiating surveillance campaigns to see if people were sending kids to the wrong school etc. I think one council, from memory Brighton (where else?) wanted to test dog poop for DNA so they could fine the dog's owner. Pretty sure we don't have a national dog DNA database though, or the resources & budget to test dog poop samples.

          So access to bulk data is pretty much restricted to LEAs like the Police and Security Services, and even they have to jump through hoops to justify accessing the data. For now, at least. But politics being politics, neither the police nor security services are supposed to access or surveil MPs, even though they're at the most risk of compromise, or can do the most damage if compromised.

          The folder on the table was rather thin compared to what can be developed on somebody today for a measly $14.95 or less with a subscription.

          Yep. Which is why I think 'Big Tech' needs to be reigned in. They're the real danger. Plus anyone who's been through enhanced vetting would have lol'd at the size of Neo's file. So, this is your life <thud>, tell us about... Then again, maybe they've also seen Blade Runner and 3/4 of the file are sheets of kevlar.

  6. Anonymous Coward
    Anonymous Coward

    Didn't April fools finish at midday?

    How does Google differentiate between data collected from private browsing and other collected data? What is to stop someone just deleting that flag? No one would ever know.

    1. Derezed

      “How does Google differentiate between data collected from private browsing and other collected data”

      IF Website == Porn

      Vprivate = T

      ELSE

      Vprivate = F

      ENDIF

  7. clyde666

    what? where?

    Does this only apply to, affect, people in the United States?

    1. Pascal Monett Silver badge

      Re: what? where?

      Of course. You don't think that Google (or any other massive conglomerate) is going to see a lawsuit in one country and think "oh, we'd better apply the consequences to the rest of the world as well before they wake up", now do you ?

      If the rest of the world wants the same thing, they can sue in their own countries. One by one. Only if a dozen important countries (market-wise, obviously) start the same procedure at roughly the same time would any multi-billion dollar company trot out a statement where it will apply consequences globally, but that is only to diminish the number of lawsuits it'll have to pay for to get the same result.

      It's always a question of return on investment. Multi-billionaire business basics 101 : investing in lawsuits works until the number of lawsuits outrun the amount of money that can be made in that way.

      1. MachDiamond Silver badge

        Re: what? where?

        "Only if a dozen important countries (market-wise, obviously) start the same procedure at roughly the same time would any multi-billion dollar company trot out a statement where it will apply consequences globally, but that is only to diminish the number of lawsuits it'll have to pay for to get the same result."

        It only means the data will be collected, collated and sold from small island nations where a special tax has been paid to make sure such business practices are kept perfectly legal.

  8. Neil Barnes Silver badge

    Waiting for the headline to come:

    Google downsizes 30,000 employees from the data analysis department.

    Just to make all we refuseniks feel guilty!

  9. Anonymous Coward
    Anonymous Coward

    Bastards

    Utter, venal bastards.

  10. Tim 49

    5.8 million pages

    "During the discovery period from September 2020 through March 2022, Google produced more than 5.8 million pages of documents"

    5.8 million pages!!

    Instead of using their resources to help huminity, they choose to do this instead.

  11. Dan 55 Silver badge
    Trollface

    Just as well they're bringing in Privacy Sandbox in a few months to stop this kind of thing ever happening again...

    1. Hubert Cumberdale Silver badge

      Much easier way to stop Google collecting data from your browser: don't use a Google-based browser (hint: that doesn't leave you very many options).

  12. heyrick Silver badge

    one of which excludes those using Incognito mode while logged into their Google Account

    The shitty thing is that until very recently (when the EU told them to stop sharing data amongst the various apps), if you were signed into your Google account on your phone (for the app store and updates and such), it automatically signed you in in Chrome, and the only way to sign out (in Chrome) was to sign out (on your phone).

    Bastards. I'm glad the EU slapped that shit down.

    Thank <random deity> I mostly use Firefox...

    1. MachDiamond Silver badge

      Re: one of which excludes those using Incognito mode while logged into their Google Account

      "f you were signed into your Google account on your phone"

      Ahh, I think I spotted the main issue, A Google account.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like