This might well be the creepiest #Google page ever: All the purchases a user has ever done. If the user receives a confirmation email for a purchase they made, the user is not notified that Google collected and displays this piece of information in this page. There is no explanation why they are collecting all the purchases in one page, and apparently there is no way to opt out of this or even delete the purchases from the list.
There is a page in the activity settings where the user can delete most data, but the purchases can only be viewed, with a link to the page I shared in the previous toot.
The description makes it look like they are collecting data only from #Google services, but they also look for emails from Amazon and Steam in the user's inbox. That description is deliberately misleading.
I'm usually careful about the permissions and the activity I allow #Google to track (which is pretty much nothing), but this somehow slipped away.
Was I distracted? (Maybe.)
Are the privacy and activity settings on Google a mess? (Yes.)
Is it something they introduced recently, and they harvested the data retroactively? (I have no reasons to say ‘no’.)
Some of the replies to my Google toots are waving the issue aside, saying something like “it’s Google, we all know they harvest their users’ data”.
That’s true, but let’s not forget that Google has said for years that they don’t read their users’ emails, and that they can gather lots of data without parsing other people’s inboxes.
And let me repeat: The fact that users cannot have this information deleted makes the whole thing worse – possibly a GDPR violation.
Most importantly, such replies show a dangerous feeling that has become common when we talk about online privacy, and that’s a lack of interest towards the global community.
If your reaction is “Why are you using Google, lol”, you shift the burden to the single users, knowing well that most people won’t switch to other services, so you surrender to the idea of tech companies violating their users’ privacy without any legal repercussions. And it sounds like “It’s fine as long as I am out of it”.
CNBC wrote an article on the creepy Google “Purchases” page I talked about 4 months ago, pointing out that it’s impossible to do it if you want to keep the receipts in your inbox. I hope that if enough media outlets call them out and ask for explanations, Google would finally allow purchase data to be deleted.
@Averly I can see that chaos can derive from a simple lack of organization, and Google accounts, which is where many products developed by different teams meet, are incredibly complex.
And yet I don't think that this alone can explain that lack of clarity completely, especially because the Google account pages have been reworked quite recently.
@miramarco Ughhhhhh. This is really a motivation to change my general email to something not gmail.
It's not just amazon and steam (to clarify). I've got B&N, Etsy, my uni's bookstore site. So I assume it's anything that says "purchase" in your email.
@miramarco Also this might seem silly. Does yours also only go back a year? I'm wondering if that's to mitigate freakout factor (since there's no reason it can't read all my emails) or what. =/
@lapis Mine goes back to 2013 >_<
@miramarco agh. sorry.
@miramarco even worse, the second bullet point hints that emails are parsed to get that info
They're keyword scraping email. My prescription history is in there:
LORATADINE 10MG TABLETS 2319134 - 6063
Ready for pickup
@miramarco Surely this is a clear violation of the GDPR, considering that this has not been clearly disclosed to users and cannot be erased (presumably without deleting your entire account)?
@dickmandrake I'm no GDPR espert, but I'm inclined to agree with you. I think I will read the whole regulation from the start to end sooner or later, to see how much it has been misinterpreted.
@miramarco I suspect that deleting the confirmation email might(?) remove the item from the list, but the fact that Google is deliberately skimming everyone's emails and consolidating this specific information for unknown purposes is creepy in itself.
@dickmandrake That's also what I think, but it's our right to keep the confirmation email and at the same time have the purchase info deleted on the other side.
The very fact that there is information that leaves the mailbox and goes to another part of Google is a violation of our trust and security – it doesn't matter that it's still Google, as they claim.
@miramarco do you get this upset about your bank statement? it's the same thing.
@miramarco didn't know about this feature. I find it very useful, similar to the flight reservations: it's just a specialized filter of your incoming emails.
It seems that this is only the case if you use your Gmail account for signing up to other services like Amazon. I checked and it has purchases all the way back to 2013. Seems creepy, but not surprising. As mentioned, I'm looking at this as if it were a bank statement of sorts. I kind of don't mind it, I guess, only because this is the sort of thing I expect from Google lately.
Given that you are using Google's service for free and using your account on Google's services to sign up for other services, it should come as no surprise that they are collecting this data. 🤷♂️
@miramarco what about not using gmail in shops?
@miramarco I totally agree, and one thing I'd like to point out is in a way, power. A lot of things at my school are google-dependent. Like, not just groups of students electing to use a google app for a project, like "we're going to use this google thing for our class". If I hadn't had a google account already, I would have had to make one for that class.
It's really hard to _not_ have involvement with google. Blaming single-users is ridiculous, when there is pressure to use it.
@lapis 100% this. The usual suggestion (“just don't have anything to do with Google/Facebook/Amazon/etc.”) misses the fact that people may not have enough privilege (social or financial) to switch to the alternatives, or to convince the people they work or live with to do the same.
@miramarco I think you should compile a module to send to the garante Della privacy
@miramarco ha, "only you can see your purchases", I doubt this very much. I will note that things paid for via PayPal invoice and the like do not show up
@crazypedia I noticed that PayPal thing, and it's kind of weird. I think that the reason PayPal transactions are not included is that they can be used for donations and simple money transfers as well, so they would fall out of Google's interest. But this is just a conjecture.
About that “only you can see your purchases”… On the one hand, we are used to hear lies like that. On the other, big companies' legal departments tend to be very careful about the words being used. So – I dunno *shrug*
@miramarco holy crap!! 😟😖😤🤬
@miramarco why? It's signal for their ad system. I'd guess this information is being made public due to gpdr concerns.
@pnathan It might be as you say, but (1) the purpose for collecting those data is not stated, (2) there is no way to ask Google to delete those data and to stop collecting them, (3) Google say that it's only the user who can see such data (so if it's actually used for advertisement, Google is purposely lying or misleading). I feel like there are some GDPR violations among all of that.
@miramarco The answer why I will not create Google Pay account even feeling comfortable with ApplePay and coming back to Android.
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!