Google Calls Out EFF Over Claims That It Snoops On Students With Chromebooks (hothardware.com) 100
MojoKid writes: The Electronic Frontier Foundation (EFF) caused quite a stir this week when it alleged that Google is using its Chromebook platform, which has made a significant impact in education markets, to snoop on students. The charges were damning, with the EFF claiming that Google was violating its own corporate policies and using students' personally identifiable browsing data/habits to refine its services, in addition to sharing that data with partners. Obviously, Google would take such allegations seriously, and has thus responded to every claim brought forth by the EFF. "While we appreciate the EFF's focus on student data privacy, we are confident that our tools comply with both the law and our promises, including the Student Privacy Pledge..." said Jonathan Rochelle, the Director of Google Apps for Education. With respect to Google Apps for Education Core Services (GAFE), Rochelle asserts that all student data stored is "only used to provide the services themselves" and that student data isn't used for advertising purposes, nor are ads served to students. Rochelle also explains that personally identifiable data of students is removed, and only aggregated data of its millions of users is utilized to help improve its services.
Obviously (Score:2, Informative)
All your data are belong to us.
Google vs. The EFF? (Score:2)
The Big Evil vs. Pomposity, Inc.? Just too good...
In the mean time, while I'm waiting for the corn to finish popping, here's a link detailing how to install Linux on said chromebook http://www.digitaltrends.com/c... [digitaltrends.com]
Re: (Score:1, Troll)
I'm so glad the only apps I have access to are web sites....
SAID NO ONE EVER!
Re: (Score:1)
Re: (Score:2)
Re: (Score:1)
Yuuuuuuuuuup!
The Google doth protest too much.
Re: (Score:2)
There's also the lamentable ease with with anonymized data has been repeatedly de-anonymized.
MAYBE they actually did it this time. Perhaps. I guess. But there have been so many failures, often apparently without malice on the part of the anonymizing agent, that I find it difficult to believe.
Re: (Score:2)
I get that reading is hard, and harder when it's legal stuff but you should give it a try sometime. You have to work for this one, but links are already posted in this thread.
To my IANAL eye the EFF claims could be valid,. Google's response avoids or ignores the allegations and tosses out a few red herrings for people to chew on. I have not tested the EFF's claims but I'm guessing that they have more than speculation backing their complaint. The Google response is carefully worded, leaving lots of maneu
Re: (Score:2)
I get that reading is hard, but they're not actually accused of anything nefarious.
In other words, when a student logs into their educational account, and then uses Google News to create a report on current events, or researches history using Google Books, or has a geography lesson using Google Maps, or watches a science video on YouTube, Google tracks that activity...
That is from the EFF response to the Google defense.
It turns out the accusation is not the accusation it appears to be at first. The accusation is simply that a Chromebook can be used to connect to the internet. That is the whole accusation.
c'mon, man (Score:1)
Re:c'mon, man (Score:5, Insightful)
nobody believes that. if you HAVE it, you have COLLECTED it and the RETENTION of such data fits YOUR purposes.
When I send an email my ISP will will scan the email for viruses and to make sure it is not spam. How is this any different.
Re:c'mon, man (Score:5, Insightful)
My ISP hasn't built their entire business on collecting as much information as possible and selling it to advertisers.
Re: (Score:2)
My ISP hasn't built their entire business on collecting as much information as possible and selling it to advertisers.
any company that has the ability to collect personal data is doing so. phone, TV, PC, or any other smart device that can phone home does phone home. whether they are utilizing it to the extent google does is another question, but every one of them aspires to grab a piece of google's pie.
don't mistake business incompetence for altruism.
Re: (Score:2)
It's the difference between some company keeping a basement ful
Re: (Score:1)
how do you know?
Re: (Score:1)
No , but in all honestly Google - while collecting more data - seems to be doing a better job of being upfront about said collection and policing how it's used than the ISP's I've seen that do so, especially when it comes to nasty stuff like mobile carrier supercookie insertion etc.
Re: (Score:3)
more Google FUD. please link to the evidence that google has sold your personal data, or has lost it in a breach.
google doesn't sell your data. they collect it and use it to serve you ads. it's google that decides which ads to point at you, not the advertiser. and i don't need an auditor to prove that to me since it's common sense. data is google's most (only?) valuable asset. they aren't going to sell it off, and they will darn sure safeguard it for the same reason. they like money. they want to keep getti
Re: (Score:2)
And they DON'T serve ads on school accounts.
Re: (Score:2)
FWIW, I haven't yet seen evidence that Google sells consumer data. I'll admit they might, but their business model revolves around being the keeper of the data and acting as a man in the middle whenever anyone wants to use the data. I.e., they sell access to the individuals, not who the individuals are. Once they sell who the people are they loose their monopoly.
Re:c'mon, man (Score:5, Insightful)
People, at least here on Slashdot at the present moment, don't have an irrational hatred for your ISP.
Re: (Score:2)
nobody believes that. if you HAVE it, you have COLLECTED it and the RETENTION of such data fits YOUR purposes.
When I send an email my ISP will will scan the email for viruses and to make sure it is not spam. How is this any different.
Your ISP presumably doesn't collect data from your emails and sell that on, or use it to advertise to your.
Re: (Score:1)
you're confusing data - which they say they don't collect - with metadata, which has the meaning of the data they collect, stored.
It's easy to say you're not collecting data, when you're actually storing the metadata after you process the data.
The end result is the same.
First be Evil (Score:1)
wasn't that Google's motto?
Re: (Score:1)
Who you gonna believe? (Score:2, Insightful)
Google, or your own lying eyes?
Tell you what, the EFF has credibility in the bank with me. Google on the other hand...
Re: (Score:2)
Wrong.
What the FCC proposal actually says gives the FCC the power to require the locking down that the EFF was upset about.
The FCC simply issued a statement after the fact saying "We won't use to to do that, honest.".
Further, the truth of the matter is that the vast majority of commodity hardware is built as a SoC, and the manufacturers involved would sooner lock it all down than lock down only certain parts based on a current interpretation of the rules while leaving other parts open.
Re: (Score:1)
Tell you what, the EFF has credibility in the bank with me. Google on the other hand...
Well fuck me running, I agree with Ratzo on something. Google is an advertizing company, and weasel words and outright lying convincingly are core competencies for them. The EFF has never steered me wrong.
Plus, the weasel words here are pretty obvious: Google admits to collecting students personal information, but tries to hide behind "we only use it in aggregate".
Re: (Score:2)
Not to mention, the people at Google should know in more exquisite detail than just about everybody else (except maybe Facebook and the NSA) exactly how incredibly easy it is to dis-aggregate aggregate data.
Re: (Score:2)
the weasel words here are pretty obvious: Google admits to collecting students personal information, but tries to hide behind "we only use it in aggregate".
What is the minimum size of an aggregate, one might fairly ask.
Re:Who you gonna believe? (Score:5, Insightful)
The EFF has credibility with me as well (less than they used to, for similar reasons as PETA), but how can they possibly know what Google is using the data for internally? They don't have enough information to know anything beyond "it's being synced" - which for a feature called "Chrome Sync" seems pretty obvious. The reason it's being synced is also obvious and the blog post states it plainly - most schools don't buy a chromebook per student, they have a cart that's brought where required, and the sync is so that when the student signs in they have their personalization.
Google has always said "we use aggregate data to make our services better". They say it everywhere. It's how Google works. But they also say "we're not looking at individuals or less-than-anonymized groups of people". And there's no evidence they're doing the latter in addition to the former. I can't figure out on what basis - and with what information - the EFF is making that claim other than "we don't like Google". It sounds like a PR stunt for their new initiative. Really if the EFF *did* know that the data was being used for nefarious purposes, it would mean there was some sort of external leak of user data - which would be much more damaging than the supposed activity they are concerned with.
As a disclaimer, I do work at Google. I do in fact know what Google does with user data. It's pretty much what it says on the tin, and they are extremely serious about it. Nefarious use of user data is one of the few outright firing offenses, and they will find you.
So you don't believe me. That's fine, and I'm not surprised. But why do you believe the EFF, which is the party with the less information, in absence of evidence beyond their say-so? That's firmly conspiracy theory territory. Even if they did have a better track record (hard to say, they're not without mistakes), and didn't have any agendas (not true) they simply can't back up their assertions here with any evidence. You're left with an unverifiable claim from someone who can't know, vs unverifiable claim from someone who does know.
Which is more likely - the EFF made a bullshit accusation with no evidence that they suffer no penalty for and might even help them anyways, or Google making a bald-faced, PR-damaging lie that can be discovered with a simple subpoena?
Re: (Score:1)
Because Google has a history of making bald-faced lies and don't give a goddamn about PR damage, because they don't have to.
Re: (Score:1)
you may work at google, but I doubt you are privvy to all the uses of data that google engages in. what you see is what you are ALLOWED to see. unless you are in the chosen elite, you'll never know what is really going on (this applies to all large corps; there is a duality in them all and the ones who really know what is going on are the suits and ties, NEVER the engineers. they are fed shit and kept in the dark, as usual)
they may tell you a nice little fib that isn't 100% a lie, but that's not the same
Re: (Score:3)
My argument isn't predicated on me being right about how the data's being used, it's solely that the EFF can only be talking out their nether regions when they say that they do know how it's being used. Indeed, if there is some huge conspiracy that's so secret that not even the engineers working on the systems in question know about it, then it's even less likely that the EFF knows, right?
Don't bother replying, I'm not trying to convince you and I know I won't succeed. But other people read these comments.
Re: (Score:3)
The EFF's point is that the data shouldn't be collected because even if Google is being responsible with it today, tomorrow they might change their policies or sell the data to someone else who then abuses it. We have seen this happen in the past with companies that go bankrupt and then sell off their databases to cover the CEO's golden parachute.
Re:Tinfoil hats. (Score:4, Funny)
I love that every response so far on slashdot is by a conspiracy theorist.
That, sir, is stereotyping!
Some of us are just nuts...
Re: (Score:2)
Conspiracy theorists? They're all pissing in the same pot, you know.
Sounds Familiar (Score:3, Informative)
Re: (Score:2)
Mindless idiots will love Google anyway.
Or hate them anyway, even if they cure cancer and end world hunger.
Re: (Score:2)
Re: (Score:2)
Re:Sounds Familiar (Score:5, Informative)
Contrast this with, say, Microsoft who still won't say what data Windows 10 is collecting. Or Apple, who commandeered people's iPhones to report location and SSIDs back to them (to accomplish what Google did by paying people to drive company cars around), and still haven't admitted it, brushing it off as an oversight instead of prep for their own mapping program. I'm not sure why Google keeps getting brought up as the quintessential example of a bad guy in these privacy issues, when they've been pretty open about what they do and admit when they make mistakes. Other companies are far worse. The way the EU handled the Google case vs. the Apple case basically tells companies: if you accidentally break the law, it is better to obfuscate and deny it, than the be honest and admit it.
Re: (Score:2)
Just for balance (Score:5, Informative)
Since the awful TFA didn't include a link to Google's post defending itself from EFF's accusations even though it quoted from that source, here's the link to it:
http://googleforeducation.blogspot.com/2015/12/the-facts-about-student-data-privacy-in.html
Also here a link to the Student Privacy Pledge that EFF has accused Google of violating:
http://studentprivacypledge.org/
The Student Privacy Pledge will hold school service providers accountable to:
Not sell student information
Not behaviorally target advertising
Use data for authorized education purposes only
Not change privacy policies without notice and choice
Enforce strict limits on data retention
Support parental access to, and correction of errors in, their children’s information
Provide comprehensive security standards
Be transparent about collection and use of data.
Here are links to the co-authors of the Student Privacy Pledge stating their objections to the EFF's complaint:
https://fpf.org/2015/12/01/future-of-privacy-forum-statement-regarding-electronic-frontier-foundation-student-privacy-complaint/
In response to the allegations made today that Google has violated commitments of the Student Privacy Pledge (SPP), FPF Executive Director Jules Polonetsky issued the following statement:
“We have reviewed the EFF complaint but do not believe it has merit.
http://blog.siia.net/index.php/2015/12/some-misunderstandings-of-the-student-privacy-pledge/
The Electronic Frontier Foundation has filed a complaint with the Federal Trade Commission against Google for violation of the K-12 School Service Provider Pledge to Safeguard Student Privacy. The FTC will assess the complaint on its merits and make a judgment one way or the other. But, it is important to point out that the complaint contains some important misunderstandings about the student privacy pledge.
Re: (Score:2)
The Electronic Frontier Foundation has filed a complaint with the Federal Trade Commission against Google for violation of the K-12 School Service Provider Pledge to Safeguard Student Privacy.
The EFF and Google -- both nominally good faith actors with regards to privacy -- are in conflict, and they're taking their issue up with ... the government?
Define a student... (Score:1)
If ads are not served to students, how do I tell google that I'm a student?
Learn something new every day.
Re: (Score:2)
Be part of a verified educational institution that is given unlimited-storage Google Apps for Education (identical to Google Apps for Business - go look at the prices) for free.
The signup for my schools consisted of proving we were a registered school in the UK, and that our domain belonged to us, and some guy checked that our domain was the official school website.
Now I have an admin interface that lets me create unlimited accounts or unlimited size to assign to registered students, while tracking their ev
First party links? (Score:2)
Can we actually get original links to the EFF and Google blog posts not some third party regurgitator?
Re: (Score:2)
Cool thanks. Seems you made your post just as I was making mine.
After PRISM whats left to consider? (Score:2)
No other marketing communication brand can see the very secure network.
I am shocked that there is gambling in this casino (Score:1)
(Google hands bribe to regulators)
Shocked I tell you!
rebuild identity (Score:1)
The more de-identified data aggregated the easier to rebuild identity.
Data mining is all about finding a needle in a haystack,
extracting coherency from apparent chaos.
Re: (Score:2)
Trust (Score:2)
title grammar (Score:2)
"Ambiguous pronouns lack a clear antecedent, while vague pronouns lack an antecedent altogether. Remember that antecedent refers to the noun or pronoun that a pronoun refers to (ante meaning âoebeforeâ in Latin). In the following sentence, the pronoun is bolded: Fred visited Bob after *his* graduation.
Not just being a nazi. I had to read the title 3 times to understand it.
GGG (Score:2)
Good Guy Google, knows most students hadn't heard about the claims. Draws more attention to them.