arrow-left arrow-right brightness-2 chevron-left chevron-right circle-half-full dots-horizontal facebook-box facebook loader magnify menu-down rss-box star twitter-box twitter white-balance-sunny window-close
Google: a walk down privacy lane
29 min read

Google: a walk down privacy lane

Google: a walk down privacy lane

Google has been constantly embroiled in some kind of controversy for almost two decades. Between changing user settings remotely, manipulating search results, censoring their search results, exposing the private information of its users, dealing with constant antitrust investigations, acquiring businesses to further its data collection and analytics, obstructing investigations against them, and a slew of other matters, there's a lot going against them.

But this post isn't about any of that.  It's also not about the things that could have negative privacy implications, such as Google Glass (featuring, the Glassholes) nor is it a bland read through of their privacy policy while making up hypothetical scenarios in which they collect the data they say.

What you'll find here are 13 years worth of scandals, mishaps, and borderline malicious decisions regarding privacy with Google at the center.  


Side note about anonymized data and default choices.

Google often claims that they are completely in the clear collecting the type and amount of data they do because it's anonymized.  Studies have shown that anonymized data isn't actually anonymous.

Along side anonymized data, Google often sets all of their data collection settings to "on" by default.  Why does this matter if you can just turn it off? Studies have shown that 95% of people do not change a single thing from the default settings. This is why companies try so hard to be the default choice whenever and wherever possible. (Not that Google respects your settings anyways, as we'll see later on).


2004

April: Thirty-One Privacy and Civil Liberties Organizations Urge Google to Suspend Gmail

The 31 organizations are voicing their concerns about Google’s plan to scan the text of all incoming messages for the purposes of ad placement, noting that the scanning of confidential email for inserting third party ad content violates the implicit trust of an email service provider. The scanning creates lower expectations of privacy in the email medium and may establish dangerous precedents.

Other concerns include the unlimited period for data retention that Google’s current policies allow, and the potential for unintended secondary uses of the information Gmail will collect and store.

Google launched its new email service, GMail, on April 1st, 2004. Five days later, 31 organizations put forth a letter of concern about Google's data collection and storage practices.

At launch, Google openly scanned emails so they could insert third party advertisements next to your content.  This practice didn't stop until 2017 but Google still shows targeted ads in GMail using all of the data they've collected about you from elsewhere.

Along with the scanning, Google retained all user data that flowed through GMail indefinitely as there was no scope or clarity in their terms.

2008

June: The Evil Side of Google? Exploring Google's User Data Collection

Google's data collection isn't a new phenomenon.  Back in June 2008, it was shown that Google was collecting mass amounts of user data through click tracking, web beacons, forms, cookies, javascript, log files, and through other avenues.  

Source: Moz
This is the size of the compressed data in terabytes (1,024 GB). That puts Google's disclosed data size at over 1 petabyte (1,048,576 GB). GREAT GOOGLEY MOOGLEY! This doesn't even consider AdSense, Gmail, Google Maps, Street View, Google Images, or other private databases. This is considered to be a lot of data now and these are stats from over two years ago before the Web 2.0 Data Rush.

October: Google's Omnibox could be Pandora's box

Chrome entered the field back on September 2, 2008 but it immediately started the game under scrutiny.  Google was sending everything you typed into their address bar back to them, regardless if you pressed the enter key to complete the search.

Provided that users leave Chrome's auto-suggest feature on and have Google as their default search provider, Google will have access to any keystrokes that are typed into the browser's Omnibox, even before a user hits enter.

What's more, Google has every intention of retaining some of that data even after it provides the promised suggestions. A Google representative told CNET News that the company plans to store about 2 percent of that data--and plans to store it  along with the Internet Protocol address of the computer that typed it.

This practice still hasn't changed to this day.

2009

December: Personalized Search for everyone

Previously, we only offered Personalized Search for signed-in users, and only when they had Web History enabled on their Google Accounts. What we're doing today is expanding Personalized Search so that we can provide it to signed-out users as well.

The end of 2009 sees Google moving needed to be logged in to be personally targeted because they've amassed enough data and have figured out how to accurately target non logged in users.

2010

February: Google's Buzz 'Has Serious Privacy Flaws'

But users have discovered that unless privacy settings are changed, Buzz publicly shares details of users' contacts.

When creating a new account, a dialogue box asks you to create a profile and upload a photograph.

Buzz then automatically builds you a buddy list based on names in your Googlemail account.

But it then makes this list public on your profile, by default.

Buzz launched on February 9th, 2010 and, par for the course, started under fire from critics regarding the privacy surrounding the new service.  Google decided, by default, to pilfer the address book of your GMail account and make that list public.  

May: Google Street View Cams Collected Private Content From WiFi Networks

Google's roaming Street View cameras have been doing more than snap pics of your neighborhood; they've also been collecting packets of information sent over private WiFi networks, the company acknowledged Friday.

Google acknowledged their Street View cards were collection data from WiFi networks.  It was initially played off as an inadvertent mistake and that they didn't collect any personal information.  News came out later that it was more than just IDs and Mac addresses.

The data included emails, user names, passwords, images and documents.

Google has always claimed that the collection was inadvertent, following the mistaken inclusion of code, written by an unnamed Google engineer, in its Streetview software.

It later emerged that a senior manager was aware that data was being collected by Streetview cars.

Google was ordered to delete the data and stop future collection back in 2013 when they settled the case with 38 states. This spectre is still lingering around as recently as last year (2019).  Weirdly, this new settlement has clauses about Google required to delete data was already supposed to have deleted back in 2013.

September: GCreep: Google Engineer Stalked Teens, Spied on Chats

It's unclear how widespread Barksdale's abuses were, but in at least four cases, Barksdale spied on minors' Google accounts without their consent, according to a source close to the incidents. In an incident this spring involving a 15-year-old boy who he'd befriended, Barksdale tapped into call logs from Google Voice, Google's Internet phone service, after the boy refused to tell him the name of his new girlfriend, according to our source. After accessing the kid's account to retrieve her name and phone number, Barksdale then taunted the boy and threatened to call her.
In other cases involving teens of both sexes, Barksdale exhibited a similar pattern of aggressively violating others' privacy, according to our source. He accessed contact lists and chat transcripts, and in one case quoted from an IM that he'd looked up behind the person's back. (He later apologized to one for retrieving the information without her knowledge.)

This isn't about Google specifically but about how Google was, and still is, collecting data on minors, largely without explicit parental consent.  An engineer at Google was able to access voice logs, real names, phone numbers, contact lists, chat transcripts, and instant messages of multiple minors around the age of 15.  

2011

September: Google+'s Real-Name Policy: Identity vs. Anonymity

The requirement has helped keep the quality of the discourse on Google+ high. It's also permitted Google to begin tying users' true names to their interests as reflected in their use of Google services, providing it with a treasure trove of consumer data potentially worth billions.

It's significantly easier to collect and merge data and target you in various ways if you're forced to give up your real name.

2012

January: Updating our privacy policies and terms of service

First, our privacy policies. Despite trimming our policies in 2010, we still have more than 70 (yes, you read right … 70) privacy documents covering all of our different products. This approach is somewhat complicated. It’s also at odds with our efforts to integrate our different products more closely so that we can create a beautifully simple, intuitive user experience across Google.

So we’re rolling out a new main privacy policy that covers the majority of our products and explains what information we collect, and how we use it, in a much more readable way. While we’ve had to keep a handful of separate privacy notices for legal and other reasons, we’re consolidating more than 60 into our main Privacy Policy.

The start of 2012 had Google throwing out their service specific privacy policies and creating a single, all encompassing one.  Google claims this was necessary because the individual policies were "complicated" and would be more readable in a single place.  

What this really does is allow Google to paint broad strokes that span all of their services.  This is problematic because it allows them to hide what exactly they're collecting from what service and gives them more freedom to harvest information.

February: Google's iPhone Tracking

Google Inc. and other advertising companies have been bypassing the privacy settings of millions of people using Apple Inc.'s Web browser on their iPhones and computers—tracking the Web-browsing habits of people who intended for that kind of monitoring to be blocked.

Nothing subtle about this one.  Google just straight up bypassed the settings. They disabled this after getting caught, though.

Google disabled its code after being contacted by The Wall Street Journal.

August: Building the search engine of the future, one baby step at a time

Sometimes the best answer to your question isn’t available on the public web—it may be contained somewhere else, such as in your email.  We think you shouldn’t have to be your own mini-search engine to find the most useful information—it should just work.  A search is a search, and we want our results to be truly universal.   So we’re developing a way to find this information for you that’s useful and unobtrusive, and we’d love your feedback.  Starting today, we’re opening up a limited trial where you can sign up to get information from your Gmail right from the search box.

Google began a trial for having emails from your GMail account show up in web searches. Of course, this was only displayed to you but it shows Googles commitment around scouring your email accounts.  Fast forward a couple years and Google implemented the ability to see your emails by typing "my inbox" into Google Search.

2014

March: Google Under Fire for Data-Mining Student Email Messages

As part of a potentially explosive lawsuit making its way through federal court, the giant online-services provider Google has acknowledged scanning the contents of millions of email messages sent and received by student users of the company’s Apps for Education tool suite for schools.

There's a few people out there that claim Google doesn't collect data on enterprise or educator users.  I'm not sure where this notion comes from but Google collects data on any and all users who use their platform.  In this case, Google admitted to scanning the contents of millions of email messages by students.

April: Google’s sneaky new privacy change affects 85% of iPhone users—but most of them won’t have noticed

Around the same time, the official Gmail blog put up a 205-word post explaining the latest update to the Gmail app for Apple devices that run on iOS 7.

That’s great! But wait, what’s this:

The Gmail app also now supports sign-in across Google iOS apps, including Maps, Drive, YouTube and Chrome. Sign in to one, and you’ll be signed in to all (this also works for signing out). So you won’t have to type in that 27-character password or retrieve your 2-step verification code every time you navigate to another Google app. You may need to re-login after you update the app, but then you’ll be all set.
[...]By unifying its services on the web, Google strengthened its grip on its users data. But it began to lose its hold, again, as smartphones took off. When not using their phones to talk, smartphone users spend 86% of the time in apps, and just 14% in the web browser. So someone might, for instance, be signed in to check Gmail, but be effectively anonymous to Google when watching videos on YouTube.

Keeping you signed in on all apps fills this gap in Google’s knowledge. But just as importantly, it makes a big difference to how the company measures whether ads—the lion’s share of its business—are working.

Like many of Google's other decisions, this was made to intentionally grab the data that was being left on the table.  I believe QZ explains the reasoning behind this nicely.

April: Privacy concerns? What Google now says it can do with your data

“The new policy means that if a user shares information with one arm of Google, they’re sharing it with the whole shebang,” he adds via e-mail. The revisions underline this point by stating: “This analysis occurs as the content is sent, received, and when it is stored.”

Indeed, the revisions to the terms of service spotlight the degree to which Google considers anything you upload to any of its various services (YouTube, Google plus, etc.) to be fair game:

“When you upload, submit, store, send or receive content to or through our services, you give Google (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works (such as those resulting from translations, adaptations or other changes we make so that your content works better with our services), communicate, publish, publicly perform, publicly display and distribute such content,” Google says.

Just like Google "simplified" their privacy policies by merging 60+ into 1, they believed it was time to come out and simplify further by merging all of your data across all of their services into a single profile.

2015

February: Google's new CAPTCHA security login raises 'legitimate privacy concerns'

Google says its risk assessment software uses behavioral cues, such as where users click, how long they linger over a checkbox, and their typing cadence, to work out whether they are human or not.

But according to research from AdTruth, seen by Business Insider, Google’s No CAPTCHA reCAPTCHA appears to be collecting personally identifiable additional data beyond mere behavioral cues about their users, too.
According to Perona, Botguard first takes a look at whether you already have a Google cookie on the machine. The No CAPTCHA reCAPTCHA then drops its own cookie from Google into your browser. It then takes a pixel-by-pixel fingerprint of the user’s browser window at that time, pulling information such as:

Screen size and resolution, date, language, browser plug-ins, and all Javascript objects
IP address
CSS information from the page you are on
A count of mouse and touch events
In addition, Google’s new CAPTCHA will also make use of any cookies that have been set by other Google properties — like Gmail, Search, Analytics, and so on — in the last six months. The belief is that humans use Google's services in certain "human" ways, whereas bots do not, and those patterns can be detected.

All of this personally identifiable information gets encrypted and sent back to Google.

This is what was collected five years ago and it would be a reasonable assumption that this is still the same, if not worse today.  We should be advocating for websites and services to use alternatives to reCatpcha, such as hCaptcha, whenever possible.  

June: Google eavesdropping tool installed on computers without permission

It was designed to support Chrome’s new “OK, Google” hotword detection – which makes the computer respond when you talk to it – but was installed, and, some users have claimed, it is activated on computers without their permission.
[...]Google responded to complaints via its developer boards. It said: “While we do download the hotword module on startup, we do not activate it unless you opt in to hotwording.”

However, reports from developers indicate otherwise.

After having identified Chromium as the culprit, developer Ofer Zelig said in a blog post: “While I was working I thought ‘I’m noticing that an LED goes on and off, on the corner of my eyesight [webcam]’. And after a few times when it just seemed weird, I sat to watch for it and saw it happening. Every few seconds or so.”

This was essentially wiretapping any room with a computer that has Chrome or Chromium installed. Google ended up removing the feature from Chromium, but not Chrome, shortly after being caught and dealing with public outcry.

December: Google is tracking students as it sells more products to schools, privacy advocates warn

But Google is also tracking what those students are doing on its services and using some of that information to sell targeted ads, according to a complaint filed with federal officials by a leading privacy advocacy group.

And because of the arrangement between Google and many public schools, parents often can’t keep the company from collecting their children’s data, privacy experts say.

“In some of the schools we’ve talked to parents about, there’s literally no ability to say, ‘no,’” said Nate Cardozo, a staff attorney at the Electronic Frontier Foundation.

Google, whose parent company is called Alphabet, pushed back against the criticism, saying its education apps comply with the law. But it acknowledged it collects data about some student activities to improve its products.

Another year, another accusation about collecting student data. And with this accusation, Google admits that they collected the data.  In the majority of cases, parents do not have the ability to opt out of this due to how intertwined Google is with school curriculums.

2016

November: How Google Knows When Your Bills Are Due

Q. This week my smartphone received an alert from Google listing the balances due on my credit cards. My response was “never” do it again, but I have to wonder about my personal financial/identity security. How did they get this information? Is it legal?
A. Many credit card and utility companies send payment reminders by email that include details like the name on the account, the payment amount and the due date. What is probably happening here is that Google is automatically scanning your Gmail messages for notices about package deliveries, flight times, restaurant invitations, and yes — bill reminders — and using the information in smartphone alerts for its Google Now/Google Assistant software.

Short and simple.  Google knows this because it scans your accounts for notices and receipts.

October: Google Has Quietly Dropped Ban on Personally Identifiable Web Tracking

But this summer, Google quietly erased that last privacy line in the sand – literally crossing out the lines in its privacy policy that promised to keep the two pots of data separate by default. In its place, Google substituted new language that says browsing habits “may be” combined with what the company learns from the use Gmail and other tools.

The change is enabled by default for new Google accounts. Existing users were prompted to opt-in to the change this summer.
The practical result of the change is that the DoubleClick ads that follow people around on the web may now be customized to them based on your name and other information Google knows about you. It also means that Google could now, if it wished to, build a complete portrait of a user by name, based on everything they write in email, every website they visit and the searches they conduct.

Another simple change.  Data that was kept separate is no longer required to be kept separate and further adds to the construction of your profile.

2017

October: Google admits its new smart speaker was eavesdropping on users

Android Police tech blogger and founder Artem Russakovskii was the first to discover a bug in the software used by those devices. After using the gadget, he went to his Google activity account page and noticed it was populated with audio clips recorded in his home.

The Google Home Mini saved recordings at times when the wake word "OK Google" wasn't used. (A wake word typically triggers smart devices like Google Home and the Amazon Echo to start listening to your verbal commands).
"My Google Home Mini was inadvertently spying on me 24/7 due to a hardware flaw," he wrote on the site.

Google claims this was due to a bug in the hardware and sent a software update to correct it. It's tough to give Google the benefit of the doubt in these situations after years upon years of things like this happening with their products.

October: Google ignores country domain and delivers search results on detected location

Google is doing away with using the country code element of its domain name to decide which version of its search results to serve users, and will instead serve the user results based on detected location.
This means that regardless of whether a user searches from google.com, google.co.uk, or google.com.au, for instance, the search giant will only return one set of results based on where the search engine believes the user is located.

Google decides to override user input to give results based on the location it collects at the time of the search.

November: Google collects Android users’ locations even when location services are disabled

Since the beginning of 2017, Android phones have been collecting the addresses of nearby cellular towers—even when location services are disabled—and sending that data back to Google. The result is that Google, the unit of Alphabet behind Android, has access to data about individuals’ locations and their movements that go far beyond a reasonable consumer expectation of privacy.
The location-sharing practice does not appear to be limited to any particular type of Android phone or tablet; Google was apparently collecting cell tower data from all modern Android devices before being contacted by Quartz. A source familiar with the matter said the cell tower addresses were being sent to Google after a change in early 2017 to the Firebase Cloud Messaging service, which is owned by Google and runs on Android phones by default.

Even devices that had been reset to factory default settings and apps, with location services disabled, were observed by Quartz sending nearby cell-tower addresses to Google. Devices with a cellular data or WiFi connection appear to send the data to Google each time they come within range of a new cell tower. When Android devices are connected to a WiFi network, they will send the tower addresses to Google even if they don’t have SIM cards installed.

Google collected highly accurate location data for 11 months on any modern Android device, regardless if it had service or not.  As we'll see later, this is not a one off occurrence.

2018

April: Chrome Is Scanning Files on Your Computer, and People Are Freaking Out

In practice, Chome on Windows looks through your computer in search of malware that targets the Chrome browser itself using ESET’s antivirus engine. If it finds some suspected malware, it sends metadata of the file where the malware is stored, and some system information, to Google. Then, it asks you to for permission to remove the suspected malicious file. (You can opt-out of sending information to Google by deselecting the “Report details to Google” checkbox.)

A lot of privacy transgressions happen through Chrome and this is another one to be piled on top. Google tries to justify this data collection by saying "it's not as bad as it could be" but this excuse is just that, an excuse.

As the head of Google Chrome security Justin Schuh explained on Twitter, the tool’s “sole purpose is to detect and remove unwanted software manipulating Chrome.” Moreover, he added, the tool only runs weekly, it only has normal user privileges (meaning it can’t go too deep into the system), is “sandboxed” (meaning its code is isolated from other programs), and users have to explicitly click on that box screenshotted above to remove the files and “cleanup.”

June: The secretive Google subsidiary with access to Ancestry's DNA database

Ancestry, which controls a database of more than 5 million DNA samples, is one of the companies marketing its genetic storehouse. The Utah-based company has no formal policy on what partnerships it will or will not pursue, but company officials say they'd never risk a collaboration that could be viewed as exploitative. "We only want to do research totally on the up and up," says Eric Heath, chief privacy officer for Ancestry.
But when customers sign-up to have their data shared with research partners of Ancestry, 23andMe and other companies, they are taking a leap of faith. Ancestry's main research partner is a Google subsidiary named Calico, which researches therapies aimed at extending the human lifespan. Unlike public institutions, California-based Calico discloses little about its DNA work, and many view it as a vanity project for Silicon Valley billionaires seeking breakthroughs to extend their own lives.

Google having access to this type of data is huge.  DNA isn't something that can be hidden or changed and allowing Google (and all of Alphabet's other companies) to maintain this data with little disclosure and oversight is alarming.

July: Tech’s ‘Dirty Secret’: The App Developers Sifting Through Your Gmail

But the internet giant continues to let hundreds of outside software developers scan the inboxes of millions of Gmail users who signed up for email-based services offering shopping price comparisons, automated travel-itinerary planners or other tools. Google does little to police those developers, who train their computers—and, in some cases, employees—to read their users’ emails, a Wall Street Journal examination has found.

One of those companies is Return Path Inc., which collects data for marketers by scanning the inboxes of more than two million people who have signed up for one of the free apps in Return Path’s partner network using a Gmail, Microsoft Corp. or Yahoo email address. Computers normally do the scanning, analyzing about 100 million emails a day. At one point about two years ago, Return Path employees read about 8,000 unredacted emails to help train the company’s software, people familiar with the episode say.

In another case, employees of Edison Software, another Gmail developer that makes a mobile app for reading and organizing email, personally reviewed the emails of hundreds of users to build a new feature, says Mikael Berner, the company’s CEO.

It's not always just Google who has access to your private, personal information and it's not always automated systems either.  Real people are reading and viewing your private information.  Like we saw from the Google engineer back in 2010, employee access to user data can lead to disaster.

August: AP Exclusive: Google tracks your movements, like it or not

Google wants to know where you go so badly that it records your movements even when you explicitly tell it not to.

An Associated Press investigation found that many Google services on Android devices and iPhones store your location data even if you’ve used a privacy setting that says it will prevent Google from doing so.

Another short and simple one.  Google wants your location data and ignores your desired settings to get it.

August: Google Data Collection (PDF)

d. Both Android and Chrome send data to Google even in the absence of any user interaction. Our experiments show that a dormant, stationary Android phone (with Chrome active in the background) communicated location information to Google 340 times during a 24-hour period, or at an average of 14 data communications per hour. In fact, location information constituted 35% of all the data samples sent to Google. In contrast, a similar experiment showed that on an iOS Apple device with Safari (where neither Android nor Chrome were used), Google could not collect any appreciable data (location or otherwise) in the absence of a user interaction with the device.

e. After a user starts interacting with an Android phone (e.g. moves around, visits webpages, uses apps), passive communications to Google server domains increase significantly, even in cases where the user did not use any prominent Google applications (i.e. no Google Search, no YouTube, no Gmail, and no Google Maps). This increase is driven largely by data activity from Google’s publisher and advertiser products (e.g. Google Analytics, DoubleClick, AdWords)11. Such data constituted 46% of all requests

An incredible amount of data being sent back to Google.  14 data communications per hour without even touching the device and shooting up significantly after interacting with it.  

This entire paper is an eye opening read regarding Google's data harvesting. It's easy to read and pictures make up a good portion of the length.

August: Google and Mastercard Cut a Secret Ad Deal to Track Retail Sales

But most of the two billion Mastercard holders aren’t aware of this behind-the-scenes tracking. That’s because the companies never told the public about the arrangement.

Alphabet Inc.’s Google and Mastercard Inc. brokered a business partnership during about four years of negotiations, according to four people with knowledge of the deal, three of whom worked on it directly. The alliance gave Google an unprecedented asset for measuring retail spending, part of the search giant’s strategy to fortify its primary business against onslaughts from Amazon.com Inc. and others.
Last year, when Google announced the service, called "Store Sales Measurement," the company just said it had access to "approximately 70 percent" of U.S. credit and debit cards through partners, without naming them.

A secret deal that affects 70% of US debit/credit card holders which gives Google access to an enormous trove of real world financial data that is tied directly to you.  It's a major step in consolidating peoples digital profiles with their real world lives.

September: Google quietly started logging people into Chrome without their consent, and a security expert says it's terrible for privacy

But a security expert says Google quietly changed its requirements so that when a user logs in to a Google service such as Gmail, Chrome will automatically sign into their account.

Google tucked the new login requirements into the latest Chrome update without notifying users, Matthew Green, a cryptography expert who teaches at Johns Hopkins University, said in a blog post on Sunday.

This is similar to when Google updated their iOS GMail app to auto log into other services. Nothing more than a disingenuous maneuver to obtain more data. Having your account signed into Chrome allows Google to collect more, and more accurate, data that they either weren't previously getting or was less precise.

September: Chrome 69 will keep Google Cookies when you tell it to delete all cookies

Google decided it was okay to exempt their cookies when attempting to "clear all browsing history".  Cookies are a simple and effective way to track users across the web.  You'll want to check out the link as there are numerous photos and explanations about this.

November: Google 'betrays patient trust' with DeepMind Health move

Google has been accused of breaking promises to patients, after the company announced it would be moving a healthcare-focused subsidiary, DeepMind Health, into the main arm of the organisation.

The restructure, critics argue, breaks a pledge DeepMind made when it started working with the NHS that “data will never be connected to Google accounts or services”. The change has also resulted in the dismantling of an independent review board, created to oversee the company’s work with the healthcare sector, with Google arguing that the board was too focused on Britain to provide effective oversight for a newly global body

Google making another move by merging millions of patients health records into Alphabet.  What this means is that suddenly Google and company can link your medical records with all of the other data they have about you.

2019

February: Google says the built-in microphone it never told Nest users about was 'never supposed to be a secret'

In early February, Google announced that its home security and alarm system Nest Secure would be getting an update — users could now enable its virtual assistant technology, Google Assistant.

The problem: Nest users didn't know a microphone even existed on their security device to begin with.

The existence of a microphone on the Nest Guard (which is the alarm, keypad, and motion sensor component in the Nest Secure offering) was never disclosed in any of the product material for the device.
"The on-device microphone was never intended to be a secret and should have been listed in the tech specs. That was an error on our part," the spokesperson said.

Google shipped a device with an entirely undisclosed microphone that could be enabled with an OTA update.  Nowhere in the feature lists or tech specs did Google say there was a microphone.  After being caught, they said nothing more than "oh yeah it's there, our bad".

March: Google Exec Finally Admits to Congress That They're Tracking Us Even with 'Location' Turned Off

Hawley pointed out on Tuesday that a user’s location is sent to Google hundreds of times a day, even when the phone is not in use. In fact, Hawley said, a user’s location is tracked “every four minutes, or 14 times an hour, roughly 340 times during a 24-hour period,” even when the phone is not in use.
DeVries confessed that “location information is absolutely core to making a mobile phone work the way that you want it to work.” He said that Google has an “optional service” called Location History that is opt-in and “can collect location over time when people turn that on.”
“But Google collects geolocation data even if Location History is turned off, correct?” Hawley pressed.
“Yes, senator, it can in order to operate other services—”
Hawley interrupted: “Let’s just get that on the record. Google collects geolocation history and information even if Location History is turned off.” He asked DeVries if he thought the average teenager was aware that Google tracks his location by scanning area Wi-Fi networks.
DeVries defended the practice, saying the data is used to provide “value” to the user, citing the need for Google Maps to determine where a user is.
Sen. Lindsey Graham (R-S.C.) then jumped into the fray. “The phone is off,” off he reminded DeVries.

This entire exchange, to Congress mind you, shows exactly how Google feels about your privacy regarding your location data.  

April: Tracking Phones, Google Is a Dragnet for the Police

The police told the suspect, Jorge Molina, they had data tracking his phone to the site where a man was shot nine months earlier. They had made the discovery after obtaining a search warrant that required Google to provide information on all devices it recorded near the killing, potentially capturing the whereabouts of anyone in the area.

Investigators also had other circumstantial evidence, including security video of someone firing a gun from a white Honda Civic, the same model that Mr. Molina owned, though they could not see the license plate or attacker.

But after he spent nearly a week in jail, the case against Mr. Molina fell apart as investigators learned new information and released him. Last month, the police arrested another man: his mother’s ex-boyfriend, who had sometimes used Mr. Molina’s car.

Police arrest and jail the wrong man for merely being in the wrong place at the wrong time thanks to Google's data collection.

May: Security News This Week: Oh Great, Google Tracks What You Buy Online With Gmail

Google has been on a big ol’ privacy PR push lately, including a fancy New York Times op-ed from CEO Sundar Pichai extolling the importance of protecting your data. Which is a great sentiment that doesn’t quite jibe with the revelation this week that Google also raids your Gmail account for signs of transactions, and collects them all on a separate webpage for your account. You can find yours here.

It includes Amazon purchases, subscriptions, tickets, really anything for which you got an emailed receipt. Google says it doesn’t use the information to serve ads, and that the page exists “to help you easily view and keep track of your purchases, bookings and subscriptions in one place.” Honestly, it’s no surprise that Google’s machines can read your email. But it’s hard to understand on what planet the company thought maintaining a hidden away page that catalogs your retail activity would read as anything but creepy and invasive.

There’s no easy way to delete that history, other than deleting receipts from your email or ticking through them one at a time on your Purchase page. To get at least a little control back over how Google tracks you, head to this preferences page and click “Do not use private results.” Because naturally, Google chose to make the use of private results the default instead of opt-in.

Google is getting your purchases data left, right, and center.  Scanning your email receipts online purchases and using their MasterCard deal for offline ones.

July: Google admits workers listen to private audio recordings from Google Home smart speakers

Google employees listen to customers’ audio recordings on Google Home smart speakers, the technology giant has admitted.

Language experts are employed to analyse “snippets” of recordings made by users, which Google claims helps improve its voice recognition technology.

Google admits they allow employees to listen to recordings.  Not much else needs to be said.

August: Google Assistant can now read and reply to messages from WhatsApp, Google Voice, others

Previously, if you told Google Assistant "read my messages," it only read SMS texts and skipped over plenty of incoming communication from other apps such as WhatsApp, Telegram, Slack, Discord, GroupMe, and so on. According to our tipster, this has changed in the past couple of days, and Assistant will not only read text from these apps aloud but it also lets you answer them.
I think this screenshot says enough about how private this feature is

September: Google Is Fined $170 Million for Violating Children’s Privacy on YouTube

Google agreed on Wednesday to pay a record $170 million fine and make changes to protect children’s privacy on YouTube, as regulators said the video site had knowingly and illegally harvested personal information from children and used it to profit by targeting them with ads.

Google doesn't discriminate in its data collection and aren't afraid of paying these paltry fines from collecting data from minors.

September: Google accused of secretly feeding personal data to advertisers

Mr Ryan found that Google had labelled him with an identifying tracker that it fed to third-party companies that logged on to a hidden web page. The page showed no content but had a unique address that linked it to Mr Ryan’s browsing activity.  

Using the tracker from Google, which is based on the user’s location and time of browsing, companies could match their profiles of Mr Ryan and his web-browsing behaviour with profiles from other companies, to target him with ads.

Mr Ryan found six separate pages pushing out his identifier after a single hour of looking at websites on Google’s Chrome browser. The identifier contained the phrase “google_push” and was sent to at least eight adtech companies

Cookies aren't the only way to follow you around the web.  Google has methods to track users in ways people wouldn't have guessed - and this is one of them.

November: Google to Buy Fitbit for $2.1 Billion

The acquisition is likely to face regulatory scrutiny from agencies already investigating Google for antitrust concerns, because Fitbit collects sensitive information from users through the device. In an effort to head off that potentially thorny point, Google said it would not use health data gleaned from Fitbit devices in its core advertising business.

If you read most of these articles, Google always points out that it won't use any data for their ad business.  The problem is Google is can, and does, use it for, literally, everything else.  

Fitbit has an immense amount of location and health data along with personal information that was suddenly turned over to Google during the buyout.  Just one more thing to add to the massive profile Google has on you.

November: Project Nightingale: Google accesses trove of US patient data

Google can access health records, names and addresses without telling patients, according to the Wall Street Journal, which first reported the news.

Google said it was "standard practice".

Among the data the tech giant reportedly has access to under the deal are lab results, diagnoses, records of hospitalisation and dates of birth.

Neither doctors nor patients need to be told that Google can see this information.

Remember how we just learned in 2018 that DeepMind was merging into Google's core business structure?  It seems wasn't enough and Google went straight to the source by forming a partnership with Ascension to access health records.  The cherry on top is that all of this happened without notifying patients or doctors.

November: Alleged bank robber accuses police of illegally using Google location data to catch him

These warrants, which target a geographic area instead of an individual, compel technology companies to turn over location data from any user interacting with its technology in a specified time.

“Individuals may be caught up in this search by merely using an Android phone, conducting an Internet search using Google, running a Google application such as Google Maps or YouTube, or even receiving an automatic weather update from an Android service,” Chatrie’s attorney, Michael Price, wrote in an October motion.

Geofence warrants, he said, “ensnare anyone who uses Google services at specific times … sweeping up innocent individuals in an unconstitutional dragnet search.” Court documents noted that within the vicinity of the credit union was a major highway, a Ruby Tuesday restaurant, a Hampton Inn hotel, a storage facility, two apartment complexes and a church.

If you're in the wrong place at the wrong time, Google will hand over everything they know about you in a heartbeat - which is a lot.

2020

February: Lawsuit Claims Google Collects Minors’ Locations, Browsing History

The lawsuit alleges that Google has used the service to collect data of children using the service, including their physical locations, websites they visit, terms used in Google’s search engine and videos watched on YouTube. Also alleged, is that Google has collected personal contact lists, voice recordings, saved passwords and other behavioral data. The lawsuit also alleges that until April 2014, Google also mined students’ email accounts and extracted that data for advertising purposes. In all of these cases, the lawsuit alleges, Google has not properly disclosed to users that it’s collecting this data.

Another year, another lawsuit against Google for collecting data on minors.

March: Google tracked his bike ride past a burglarized home. That made him a suspect.

The lawyer, Caleb Kenyon, dug around and learned that the notice had been prompted by a “geofence warrant,” a police surveillance tool that casts a virtual dragnet over crime scenes, sweeping up Google location data — drawn from users’ GPS, Bluetooth, Wi-Fi and cellular connections — from everyone nearby.
Still confused ─ and very worried ─ McCoy examined his phone. An avid biker, he used an exercise-tracking app, RunKeeper, to record his rides. The app relied on his phone’s location services, which fed his movements to Google. He looked up his route on the day of the March 29, 2019, burglary and saw that he had passed the victim’s house three times within an hour, part of his frequent loops through his neighborhood, he said.

A large amount of popular applications, that aren't Google, call back to their servers for various reasons. Unfortunately in this case, the app that called back was one that specifically tracked precise location and mapped it out.


Remember, this is only the privacy side of things.  We didn't touch on anything else, like the examples in the opening paragraphs, and this timeline surely missed a mishap or two.

For those looking for alternatives, here's a short list that covers some of their more popular services and products.

Email: Posteo, Tutanota, or Mailbox (see this post about email)
Search Engine: StartPage, DuckDuckGo
Browser: Firefox, Iridium
Storage: Sync, Tresorit (see this post about storage)

Don't forget to use ad/tracker block extensions when browsing to help minimize as much collection as possible.  Currently, the best ad/tracker block is uBlock Origin.  

uBlock for Firefox based browsers (ex: Firefox, Waterfox)
uBlock for Chrome based browsers (ex: Iridium, Brave)