How you can find out everything Google knows about you


When you use Google, you are making a deal. You get to use services like Gmail, Drive, search, YouTube, and Google Maps for free.

1104-ed4jr4.jpg

In exchange, you agree to share information about yourself that Google can share with advertisers so their ads are more effective. For instance, airlines want to target people who love to travel. Children’s clothing makers want to target parents.

Google uses a lot of methods to learn about you. There’s the stuff you tell Google outright when you sign up for its Gmail or to use your Android phone. This includes your name, phone number, location, and so on.

But Google also watches you as you scamper around the internet, deducing your interests from your internet searches — what do you search for? click on? — from your use of Google’s other services and from other websites you visit.

By visiting a hard-to-find page called “Web & App Activity,” you can see what Google is watching.

Then by visiting a site called “Ads Settings,” you can see what Google thinks it knows about you, and you can change what it’s telling advertisers about you.

It’s not easy to find your “Web & App Activity” page. You must be logged in to Google to see it. Once logged in, go to “https://history.google.com/history/” and click on “all time.”

google1.jpg

 

This brings up a long list of all the web pages you searched. You can delete them, but it isn’t easy. Google lets you delete only one day at a time. That will take forever to cover years’ worth of data, but you can try it anyway. Click on today, then click the delete button at the top.

 

today.jpg

 

You’ll have to deal with a warning from Google telling you that you don’t really want to delete this information. The truth is, Google doesn’t want you to delete this information. You may or may not want to, but don’t worry if you do. You won’t break the internet or your Google account if you hit the delete button.

 

Now, click on the little menu button on the top left of the screen

nowclick.jpg

 

Here’s where you’ll find links to the voice, device, location, and YouTube records Google keeps on you. You can go to those pages and delete stuff, too. But you’ll have to delete everything one day at a time and deal with Google’s warnings on why you don’t want to do that.

If you click on “location history” in the menu, it takes you to a page with a map, which represents your “timeline” of where and when you traveled, with Google Maps or other location services. Now click on the settings button on the lower-right corner.

 

location1.jpg

 

From here you can delete all of your location data, if you choose. But if you really want to see all the data Google has collected on you, click on “download a copy of all your data.” You can also get to this download page from your “account settings” page. Click on “select all.” Scroll down and select “next.”

 

Select your file type. We recommend the default, .zip, since Windows and Macs can typically open those files without problems, and select your delivery method. You might want to save it to Drive if you have the space. Google warns that archives that are emailed may take hours or days to compile. You’ll have to be patient. It still took two hours when using Drive. Google will email you when it’s done.

Google sent me two ENORMOUS 2G files on what it is tracking on me. Inside were folders of stuff, including computer scripts on me and my data. But most of it was photos. Every photo I ever uploaded since 2013, full size. Here’s a photo of my puppy that it sent, and an example of the JSON scripts and the list of files it sent.

While you are waiting, you can explore what advertisers are told about you. While you are logged in, go to any Google service and click on your account icon. Then click on “my account.”

 

myaccount12.jpg

 

This takes you to your account-settings page. On the left, the “activity controls” lets you explore all the daily information Google keeps on you. “Control your content” lets you download all of your data. But this time, click on “ads settings,” then scroll down and click on “manage ad settings.”

 

ad.jpg

This is what Google thinks I’m into. Some stuff is accurate: bikes, fitness, books, food & drink, mobile phones. Some is not: East Asian Music? Banking? Cleaning Agents? Rap & Hip-Hop? I think that’s Google’s way of guessing my gender (cleaning/hair), my ethnic background (Asian) and my age (Hip-Hop) because I deleted my gender and age information two years ago, the last time I checked on what Google was monitoring.

 

go1.jpg

 

Scroll down and click on “control signed-out ads” and you can turn off “interest-based ads” at least for this browser, meaning Google won’t share stuff about you to advertisers. Google will warn you against it. Or you can switch to the DuckDuckGo search engine, which promises not to track you at all.

12.jpg

 

The end of the password era.


We snicker when we read that the most common, hackable passwords are “password” or “123456.” Who would possibly think that using “password” as your password is a good idea? You feel good and secure knowing that your 7-20 character passwords have plenty of numbers, symbols, and uppercase letters. Plus, you always get a “very strong” password strength rating when you create a new one. You’re online identity is locked down, Fort Knox style.

And then you read about Mat Honan. He’s a senior writer at Wired who, despite having “robust” alphanumeric passwords of seven, 10, and 19 characters long for his Apple, Twitter, and Gmail accounts, had them all hacked and lost years of stored documents and photos because they were linked together. Ever since being hacked, Honan has been looking into online security and what he discovered about our password-centric web is terrifying, to say the least.

No matter how complex, no matter how unique, your passwords can no longer protect you.

Look around. Leaks and dumps—hackers breaking into computer systems and releasing lists of usernames and passwords on the open web—are now regular occurrences. The way we daisy-chain accounts, with our email address doubling as a universal username, creates a single point of failure that can be exploited with devastating results. Thanks to an explosion of personal information being stored in the cloud, tricking customer service agents into resetting passwords has never been easier. All a hacker has to do is use personal information that’s publicly available on one service to gain entry into another.

Of course, it’s easy to make online security more secure but nobody can remember an insanely long, random password and nobody wants to encounter difficulties recovering your password when you forget it. That’s one of the (many) problems with password-based online security: these systems need to be convenient enough so that people keep using them. You might not be addicted to Facebook, for example, if logging into the site were onerous and recovering your password were a chore. Honan goes into great detail in his piece about how the password-based system is failing us (you can read it here).

He points to biometric approaches to security (like fingerprint readers and iris scanners) but shows how those could easily be compromised. He praises Google for moving in the right direction with its two-factor authentication system where a password is sent to your phone if someone tries to log into your Google account from another computer. But, again, that can be compromised by hacking into your cell phone account. So how does he suggest we move forward?

The only way forward is real identity verification: to allow our movements and metrics to be tracked in all sorts of ways and to have those movements and metrics tied to our actual identity. We are not going to retreat from the cloud—to bring our photos and email back onto our hard drives. We live there now. So we need a system that makes use of what the cloud already knows: who we are and who we talk to, where we go and what we do there, what we own and what we look like, what we say and how we sound, and maybe even what we think.

That shift will involve significant investment and inconvenience, and it will likely make privacy advocates deeply wary. It sounds creepy. But the alternative is chaos and theft and yet more pleas from “friends” in London who have just been mugged. Times have changed. We’ve entrusted everything we have to a fundamentally broken system. The first step is to acknowledge that fact. The second is to fix it.

With so much of our lives protected by easily hackable passwords, I’d say yes, it’s time we figure out a better way, even if that means navigating the Internet of the future is a little more complicated.

Source: Smart planet