I disagree that we need to find mismanagement first.
Never mind that Google is 100% opaque from outside and is not subject to inspections by its users.
Even if Google had an open door policy inviting and empowering any and all citizen auditors, I would still disagree that Google gets the benefit of doubt by default, and only after something blows up can we begin asserting our interests.
I think we can assert our interests any time, for any reason, and for no reason at all, with arbitrary aggessiveness, limited only by our own practical considerations.
Instead of waiting for things to go wrong, we can protect our interests before there is even a chance of things going wrong.
Can.
Will we? Each person has to consider their situation pragmatically, but if they considered everything and decided to assert themselves, we would be idiots to insist Google gets the first dibs, they have the initiative, and so how dare we want to limit Google in any way without first PROVING harm. Horse. Shit.
I take the same view toward any monopolies in general. We should not bother proving harm. We should break all monopolies as a matter of principle, even if they are “harmless.”
And Google shound be given as close to zero information as possible. As a matter of principle.
An ounce of prevention is worth a pound of cure.
BranBucket@lemmy.world 4 months ago
If you don’t collect the data in the first place, there’s nothing to mismanage.
Rather than users having to prove that Google is mismanaging OUR data, Google should prove it has a need to collect, aggregate, and sell access to that data beyond surveillance capitalism.
The default option should be that only fully anonymized data that is essential to device functions should be collected, and this should be validated through an independent audit. Everything else should be opt-in.
planish@sh.itjust.works 4 months ago
But they aren’t even showing collection of data in the article. For the data to be collected, it needs to leave the phone, not just be touched by Play Services.
Play Services does collect data it shouldn’t collect, by sending it back to Google. But the difference between “I am collecting your data” and “I wrote software you are running” is important and needs defending, because obscuring it is one way that independent developers are prevented from publishing and marketing actually-privacy-preserving software. If I am deemed to have “collected” your personal data every time you type it into a text editor I wrote, I can no longer distinguish my local-only encrypted text editor from Google’s one that stores all your data unencrypted on their cloud. We both have to say we “collect” your data, and nobody non-technical can tell the difference.
BranBucket@lemmy.world 4 months ago
Right. And my argument is that this shouldn’t happen without users opting in.
I don’t disagree. Not am I arguing the content of the article. I just disagree with your notion that we have to prove negligence or malfeasance to deserve privacy.
Your original post placed the burden on users to prove that Google mismanages the data they collect. That’s not how this should work. I should own that data, just as I own the text I write with a text editor. I shouldn’t have to prove that Google is mismanaging it in order to keep that data private. I shouldn’t need any other reason than “it’s my data and I don’t want to share it beyond what is necessary for this technology to operate.”
planish@sh.itjust.works 4 months ago
I don’t think the burden should be on users, but I do think some of the burden should be on the press. If the press just assumes Google is up to no good and never does the investigative reporting needed to show it, we will miss out on having very politically useful evidence.