Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Google’s new program to track shoppers sparks a federal privacy complaint (washingtonpost.com)
160 points by a_w on July 31, 2017 | hide | past | favorite | 132 comments


Unfortunately, credit card companies/banks/etc have been selling purchasing histories, to pretty much all comers, for years.

It'd be really nice if we could stop that instead of caring about the particular people they sell it to.

IE It's not "better" when they sell it to someone who isn't Google, and I honestly could't give a crap about the complaint, which mostly deals with antitrust.


Visa is working to prevent people from using cash in stores [0]. Currently, they are merely giving merchants an incentive to change, but in the future they may use their immense lobbying power to get preferential legislation enacted.

Once cash is gone:

1. your purchases will be available to any company willing to pay for it, and

2. Visa will get a de facto "tax" on all transactions (through 1-2% merchant fees)

[0] https://www.wsj.com/articles/visa-takes-war-on-cash-to-resta...


NB that handling cash isn't free either. You have to pay someone to count it, secure it, and steal it (you are arguably not intentionally paying people to steal cash, but shrinkage is certainly a cost of doing business in cash).

I've seen estimates that the cost of handling cash is actually higher than the interchange fees that Visa charges. This generally counts things like armored truck services, time spent counting cash (probably multiple times), time spent delivering cash, dealing with registers, etc.


Well, there is a third even better option, don't charge insane fees to finance ridiculous gimmick programs that for the vast majority of people never have >=1 RoI.

Interchange fees for CC are capped at 0.3% and 0.2% for debit in the EU. No 20 cards in every wallet, black pink yellow variations, no "yes VISA but not MasterCard" sillyness. Honestly even the cap of 0.3% is still far too high.


> no "yes VISA but not MasterCard" sillyness.

Is there anywhere that is actually a thing? Very rarely I see a place that won’t take Amex, but no visa or mc?


> I see a place that won’t take Amex, but no visa or mc?

Lots of places won't take AmEx or Discover (some of the highest fees in the business.)

CostCo currently only takes Visa (no MC.) Sam's used to only take Discover. It's rare, but it happens. In this case it's also only for "credit" purchases, "debit" is ok for any card, but the fees are way less for "debit" than "credit".


I've only run into one place in 2 years of having a Discover card that wouldn't take it, seeing Amex not accepted is rather common.


Cash recyclers are now common in most large stores.

I know one stopped receiving ten dollar bills.


the bigger issue is that once cash is gone your purchasing history is available to government and nothing there is protected from prying eyes. plus a cashless society is far easier to control as purchases can be blocked at anytime as a goods or services can be declared illegal.

so while Visa is the threat in the forefront we need to be very wary about any attempt to push towards a cash less society until privacy is guaranteed from even government agencies


Any data hoarding and/or selling of this kind by anyone—credit card companies, loyalty cards, ISPs, Google, Amazon, creepy phone-wifi location spying in stores, anyone and anything like this—is de facto spying for the government. As has been discussed many times, keeping oneself clean of this spying (nearly impossible, but for the sake of argument) isn't enough because others' data leaks yours.

Anyone against government access to this stuff ought to be for strict limits/prohibitions on its collection by any entity. It's toxic and should be eliminated.


There is an entire industry of data aggregators and consumer profilers that has existed for decades, long before the internet landed on the scene. These players have been funneling data and providing search services to the three letter orgs in exchange for freedom from any legal encumbrance. There is no way to stop this from happening. They are the main reason why the US has such weak data protection laws in the first place.


Well, the way to stop it would be to outlaw it. More difficult and niche/low-visibility issues have been fought and won, over time. Not impossible, though not easy, and you'd be up against a maybe-unprecedented number of lobbying dollars.


> "from any legal encumbrance"

Do you have any anecdotes or links where data collectors exchanged favor with ABCs for legal violations?


> a cashless society is far easier to control as purchases can be blocked at anytime as a goods or services can be declared illegal

Certainly easier, but it wouldn't stop trading (IIRC, there are already cases of, e.g., swapping stolen goods for drugs).

Won't stop people trying to get rid of cash though :/


So how do we fix this?

In the days when we had interest rates it was possible to make money on transactions by taking the money one day and paying the invoice on the next day. Overnight the money would earn interest. This would be profit to cover the transaction. So a bank could make money moving cheques around for people, taking two weeks to clear back in the days when everything was manual.

So with electronic payment there is no human inspecting signatures and doing data entry. So why the merchant fees?

In a free market a competitor that just makes money on interest should be winning here.


AFAICT, interest rates are too low (near zero) for banks to make a profit on interest margins alone.

You could have a non-profit do the interchange, like the Interac network in Canada, but that would be difficult to coordinate without consolidating all the banks. (Canada has, like, only half a dozen.)


Actually this is solved in the eurozone with that payment method, name forgotten... It is a fundamental bit of what the Euro is about being able to transfer money without the fees.


>> name forgotten

SEPA?


> why the merchant fees?

Convenience. Handling cash is risky and expensive. You have to pay someone to count it, take it to the bank, where it has to be counted again, etc. That is time that has a cost. There is risk of loss or theft. That can be insured but there is a cost for that too. If you have to have an armored courier transport it, that has a cost.

Bottom line, the merchant fees are probably not much more than, and in some cases less than the costs of handling cash.


According to this article [0], WeChat and Alipay will surpass Visa and Mastercard in total global transactions per day in the coming year.

If a payment app really takes off in the Western world, wouldn't that be a very big risk for Visa and Mastercard?

[0] https://www.nytimes.com/2017/07/16/business/china-cash-smart...


Only if the payment app ties directly to a bank account, rather than a card. I don't see any movement in that direction in the US, so the card networks would still be getting their cut.


I foresee a Wallmart/Amazon race between banks and online wallets in the future (each trying to become the other first). Paypal nearly got there a while back. They were actually paying more interest on your Paypal balance than banks were paying on your savings, since they didn't need all the infrastructure involved in being a bank. Not sure what happened to kill that.


Maybe this is how bitcoin (or one of the digital currencies) becomes mainstream, because it has to be used for embarrassing purchases, not just illegal ones.


So instead of being sold to select third parties, your transaction history will be broadcast to everyone on Earth and permanently archived. Brilliant!


Maybe cash should be replaced by zcash.


Which is digital and a pain in the ass to manage compared to physical cash.


I wish they'd lobby this harder overseas. I moved to Europe 10 months ago and one of my biggest qualms with seemingly almost every single vendor here is that they only take cash and in the rare cases they also take card, they only take some cards (sometimes Visa, sometimes Maestro, sometimes MasterCard, etc).

I would give up my purchasing history to everyone in the world if it meant I could use a single card to actually pay for 80% of things on a day-to-day basis. Cash sucks.


Europe? You need to be more specific than that. I find it hard to believe what you say and I live in eastern europe (Romania). I don't have any problem paying with cards here. It's an actual european law that asks the merchants to accept credit cards.


Sorry for being vague; just left it "europe" since I've moved around a bit since getting here.

I'm currently in Croatia, where it seems only restaurants and some grocery stores frequently take cards; I paid for an invoice at a local bank (Raiffeisenbank) yesterday that only took cash, which I thought was hilariously ironic.

For what it's worth, my stay in Iceland (3 months) was absolutely fantastic when it came to taking card payments.

On the other hand, the Netherlands (Amsterdam, 3 months) often only took Maestro-only (or sometimes Visa-only) in the cases where vendors even took cards.

Likewise in England (Sheffield, 3 months) many vendors only took cash, and were mightily confused by American cards (especially one requiring pin + signature).

I also had a brief stay in Italy (Naples, 1 week) where I found one restaurant that took any kind of card; everywhere else was cash-only.

This has been my experience. I didn't realize how commonplace card transactions actually were in America until I realized how rare they were in the places I've lived since.

I hate paying with cash because it's several extra mental steps to withdraw $X / maintain $X on hand / track expenditures / count up payments + check change / etc. It's so much easier and faster to use a card, so I hope Visa (or whomever, I don't have a preference as long as it's a card) lobbies for more widespread acceptance worldwide.

If that requires killing off cash, I wouldn't have a problem with that!


> Likewise in England (Sheffield, 3 months) many vendors only took cash, and were mightily confused by American cards (especially one requiring pin + signature).

Do you remember where? I live in Sheffield, and I'm having a hard time thinking of anywhere I would have an issue paying by card.


Had an incredible opportunity to do a road trip through Romania (including way off beaten path) with some elders that escaped during communism. Both my visa and sometimes American express worked in many areas albeit I prefer to use cash when I can and find myself trying to use cash more often every day.


Depending on where you are, you might just need to use another type of card.

Many parts of Europe have payment systems that are independent of VISA and MasterCard, but provide similar (but safer and more convenient) functionality, including the German-speaking countries.


It would be nice if commenters like you added a disclaimer that you work for Google in comments that hand wave away Google's privacy issues.


I've made very clear when i speak for Google and when I don't, and i pretty much never do (except on some licensing issues).

If you want official statements from me, go elsewhere.

If you want HN to be a place of real discussion and debate, it's stupid to try to tie people to their companies. I think very different from my company on quite a lot of issues, and i happily point that at too.

To your point, however, I didn't hand wave away anything. I said the real issue is "people can get this data". Are you really so naive as to believe this isn't being done by every damn company that can get the data? Saying the real issue is that "Google" got this data, is, IMHO, missing the boat. I don't want Facebook to have it eithre! So to me, like I said, i don't give a shit about that part. You are more than welcome to have a different opinion!

I also worked in DC long enough that a random PR release by an organization devoted to lobbying on certain issues just doesn't bug me or make me care. Quite literally. So I said that.

They are more than welcome to file whatever complaints they want, and i hope they get some sort of response.

While i tend to disagree strongly with his views, i'm much more in favor of folks like ocdtrekkie filing complaints with whatever specific feelings they have on an issue, because at least i don't believe that's being driven by PR

(I know it may be shocking to learn that,in attempts to get funding, etc, non-profits do large coordinated PR campaigns the same way politicians submit bills they know will never pass so they can go home and talk abut it at a stump speech. Much like everyone else, they must stay relevant to be useful.).


I think the disclaimer would have been appropriate here just for transparency sake. As an employee and likely a shareholder, presumably people will be worried you have an ulterior motive in trying to get people to think of Google in a positive light.

I don't think it's so much about thing people to their companies but more about being transparent so people can form their own opinions. If people just accuse you of hiding that information it details the conversation anyway.

Just my opinion. I also work for Google and am pretty sure they also recommend being transparent when commenting on things related to the company although I admit it's been a while since I read the guidelines.


"I think the disclaimer would have been appropriate here just for transparency sake."

I'm very strongly against disclaimers for my personal opinions on random discussion forums , and will continue not to do so right up until i'm forced to (at which point, i'll probably just stop contributing). When I write or post articles in a public news setting or something, or get paid to write them, i'll be happy to.

When i'm just writing crap on HN, sorry, but no.

"presumably people will be worried you have an ulterior motive in trying to get people to think of Google in a positive light."

Which, again, should and does contribute literally nothing to a real discussion, much in the same way knowing a guy owns a 50 million dollar house does not make their opinions or viewpoints, or arguments, less valid on NIMBYism. Engage on the merits.

"but more about being transparent so people can form their own opinions".

People should not form opinions based on who other people work for, when they aren't speaking for their companies. This is precisely a type of bias we should be seeking to prevent. It adds no value to an intellectual discussion. It just gives a mechanism for smug self satisfaction by saying "hey, i don't have to care if he has a good point, he works for X so i can just pretend it's not a real argument"

"I also work for Google and am pretty sure they also recommend being transparent when commenting on things related to the company although I admit it's been a while since I read the guidelines.'

I'm very very very familiar with the guidelines google issues.


> People should not form opinions based on who other people work for, when they aren't speaking for their companies. This is precisely a type of bias we should be seeking to prevent. It adds no value to an intellectual discussion. It just gives a mechanism for smug self satisfaction by saying "hey, i don't have to care if he has a good point, he works for X so i can just pretend it's not a real argument"

The irony is that by not disclosing the company you work for, you actually make it worse. If you disclose any conflicts of interest, then people will be less likely to accuse you of having an ulterior motive. I suppose it's a philosophical choice of living like how you want the world to be or how it is now and who am I to tell you how to live your life!


It's not as if he didn't disclose. He did so in his profile which is the canonical place on HN to put off-topic information about a poster.

If he put "I work at Google", on every post that touches Google then we might as well go back to having signatures on every post like a web-forum.


Origin comment said they didn't want data to be sold to anyone. I interpreted that to be including Google (and their other comments back it up).

While I agree that because of Google's intimate symbiosis with internet, it's nice to have transparency from employees when they protect Google, I don't think the Original Comment was protecting Google.

They were arguing that instead of being upset that Google can now get your data, in addition to [$OTHERCORP, ...], privacy advocates should be upset that any corp is getting the data.


> They were arguing that instead of being upset that Google can now get your data, in addition to [$OTHERCORP, ...], privacy advocates should be upset that any corp is getting the data.

Indeed when I said defending I didn't mean they were saying Google is right but rather moving the discussion away from having bad PR for Google, which is like defending the name of the company (even if it's justified). I admit that my vocabulary is rather limited so perhaps that is not the right word to use but hopefully you get my point.


Yes I do, and I think it's better to be too cautious when it comes to Google than not cautious enough. They are a giant.


If you want HN to be a place of real discussion and debate, it's stupid to try to tie people to their companies.

When the company is Google (or of a similar scale) -- and that company claims to care about privacy (but sometimes engages in practices that suggest otherwise) -- then clearly that association is quite relevant. (Its not a huge oversight, but really, if you had put a standard disclaimer at the end of your comment it would have come off a lot more nicely).

But calling people "stupid" for pointing out that this association matters (when it obviously does) is just... "Google-y", I guess.


"But calling people "stupid" for pointing out that this association matters (when it obviously does) is just... "Google-y", I guess. "

You have not given any reason the association actually matters here[1], nor engaged the argument on the merits Instead, you did precisely what i said would happen - character assassination for no reason. You also assert i called people stupid, which is also clearly false, I instead expressed that the notion that tying people to their companies would do anything useful is stupid.

[[1] It doesn't. You can engage the arguments on the merits whether it had my name or anyone else's. In fact, you'll see i didn't even express an argument past "it sucks they can sell info", and that i didn't give a shit about the complaint itself because it suggests that it's okay to sell it to certain people, when i feel it's not okay to sell it to anyone. I haven't actually seen anyone cogently disagree with this, and it's 100000000% irrelevant to where i work.


> IE It's not "better" when they sell it to someone who isn't Google

It obviously is, because these other someones don't have the same amount of information on you. It seems not unlikely to me (and probably others) that your difficulty in appreciating this point is employment related, even if you are arguing in good faith and are not consciously aware of it.

I don't disagree with you that the correct fix is to prohibit the sale of this information in general.


You also assert i called people stupid, which is also clearly false,

Sorry, but saying "it's stupid to do X" really is basically the same as saying... "people who do X are stupid". Or at least "they are, in that context, being stupid".

Either way, you said what you said -- and presumably you meant what you said -- so there's no point in trying to wiggle away from it.


That's not the problem. The problem is that ones opinions regarding the entity responsible for issuing their paycheck are inherently less valuable, and this context is important for others reading.

You might think you are completely objective and unbiased, as do most others, and maybe you are. But, most people are fooling themselves a little. Nobody will admit to themselves, let alone others, that they work for someone evil.

So really, if you want a place of real discussion and debate, it's important to tie people to their companies in cases where they are participating in discussions about these companies.


"he problem is that ones opinions regarding the entity responsible for issuing their paycheck are inherently less valuable"

No, they aren't, and it's horrendously biased to say that.

"So really, if you want a place of real discussion and debate, it's important to tie people to their companies in cases where they are participating in discussions about these companies. " No, it isn't, precisely because your premise is wrong. It's not just wrong, it's startlingly bad to me.

If your default position is "people's opinions are less valuable because they work for X", you really aren't going to do a good job of seeing multiple perspectives.

But given what you've written here, maybe you don't want to?


Eventually you'll find that making an issue of this, is a mistake. I was inclined to favor Google in this case, since TFA was published in the AMZN-CIA Post, but your unsavory contributions to this thread (not your original comment, but rather the clueless hole-digging that followed) have mostly changed my mind.


>I was inclined to favor Google... but your comments have changed my mind

That doesn't even make sense. The op made no argument for or against google in any of this thread, and has only tried to clarify that. Defending yourself against the Google hating bandwagon is clueless hole digging? Did you even read any of the op's comments?


"Unsavoury" does not mean the same as "something I do not agree with".


You'll want to quote the entire statement, since what you've selectively quoted changes the meaning drastically.

People are less objective about an entity who is paying them. There is nothing controversial about this. I'm surprised someone like you would even convince themselves otherwise.


>If you want HN to be a place of real discussion and debate, it's stupid to try to tie people to their companies.

>a random PR release by an organization devoted to lobbying on certain issues just doesn't bug me or make me care.

How ironic that you are trying to diminish this article by calling it a "random PR release" by a "lobbying organization".

Perhaps someone who didn't work at Google might call them a "privacy watchdog" looking out for consumers.

>just doesn't bug me or make me care.

Well, you cared enough to comment.


Eventually you just get the gist for who around here works at Google. ;) cromwellian, who responded to one of my comments here, is also a Googler.

Arguably, DannyBee is correct that the real issue is that credit card companies are allowed to sell this data at all. But perhaps the danger of this practice is especially highlighted by the fact that Google is now one of the buyers.


I put my disclaimer in my profile and I usually make it obvious from my comment I work for Google, but I really tire of putting a disclaimer in each and every message, it gets tedious after a while.

Perhaps HN should implement some kind of badget/sigfile/etc extension for this purpose.

But I'll also note that in my response, I didn't comment on whether or not what Google was going is a good thing, or even going about it in the right way, I merely commented that the information being speculated on is inaccurate and that there was a crypto-conference presentation that gave some details of what Google is doing that contradict what some of the commenters imply.

I actually understand the skepticism and I think it is related to the secrecy of the mechanism and if a peer reviewed paper were published, it might do much more to alleviate fears.


And I also upvoted your comment because I thought it was valuable and noteworthy. :) I really wasn't meaning to be critical to you in my response here.

HN seems kind of hesitant to add additional profile tools beyond the usual. I'm not sure if that's part of it's charm or a detriment. I think having a sig line on every comment might be tedious, and FWIW, I don't think it should be obligatory to attach your employer to every comment on every post on HN. There's a lot that's simply not remotely relevant.


Should HN have an employer field next to user names, like the domain field next to the article name? It may have helped with the recent Docker issue.


I don't think there's a lot of benefit to this. People would still debate whether or not they needed to disclose. Some people believe that if their posts are their personal views, they don't need to disclose. People might be more likely to use throwaway accounts for personal opinions or posts on unrelated topics. Since HN doesn't mandate any of this be provided (or accurate), it becomes useless. I usually don't disclose my employer on my profile... but I don't work at a startup or major tech company and no companies discussed here have any sort of relationship with mine.

I think people should disclose they work for a company they are defending the position of online. But I don't see a way to force that issue in an environment that permits anon accounts.


I dunno, either people are there companies or they aren't.

I am not my company, and a lot of people elsewhere aren't either. I don't think who we work for is really relevant at all unless they are trying to make offical statements.

Either engage on the merits or don't. "Ignore this guy, he works for X" is not a useful line of argumentation.

The only thing putting company names next to things would create, IMHO, is an echo chamber.

(This is very different than journalists being paid to write specific articles or funded to do specific research, or even people paid quite specifically to astroturf)

If we believe it's some magical generalized conflict of interest, why stop at company names.

In any article about NIMBYism, should we require people post whjether they rent/own/own a home > 2 million/whatever. etc

IMHO it's completely irrelevant to the merits of their argument. The merits don't change one way or the other. It seems the only usefulness would be able to filter/confirm biases. At that point, why bother having a discussion.


One highlight point to me, is that as an employee posting on an identifiable account, you have two options: Convey the same view as your employer, or remain silent lest you risk being fired. (No matter how much a company claims this isn't the case, it pretty much is, particularly revolving around talk about that employer specifically.) I doubt there exists a public post where a Googler says they think Google should be broken up Ma Bell style, or where they state that Google's attitude on privacy is broken and wrong; anyone who said such would no longer be a Googler. And of course, since you're surrounded 8+ hours a day by people who generally find your employer and it's practices agreeable, you've got a natural bias anyways.

Therefore, the participation of employees adds a lean in their favor, and disclosure, if it doesn't neutralize it, at least flags it so people are aware.

Mind you, knowing you're a Googler, I did upvote your original comment, because I thought it was accurate and had value. And I do see the concern about people being dismissive of others based on their employers, particularly in comments not directly related to the topic being discussed. (Imagine trying to comment here with "Uber, Inc." after your name.)


"Convey the same view as your employer, or remain silent lest you risk being fired. (No matter how much a company claims this isn't the case, it pretty much is, particularly revolving around talk about that employer specifically.) I doubt there exists a public post where a Googler says they think Google should be broken up Ma Bell style, or where they state that Google's attitude on privacy is broken and wrong"

You are wrong on both points, FWIW :) But it's definitely true at other companies.

" And I do see the concern about people being dismissive of others based on their employers, particularly in comments not directly related to the topic being discussed."

Given another person just literally said to me "the opinion is less valuable because you work for X", i'm much more worried about this attitude than i am the one where people are biased towards their companies.

Most people in tech are not true believers. Most probably like their companies. But that doesn't mean they agree with what their companies do all the time. Especially in a company the size of, say, Google, it's pretty, IMHO, silly to think that among 150k of those people, there is no dissent, or not even a lot of dissent, all the time.


Yeah, first and foremost, it bothers me that this data can be sold at all in a user-identifiable way. (Presumably for Google to be able to link it to accounts, name and address are included in the data.)

Perhaps this offers the opportunity for a product, in the short term: Is anyone offering credit cards which promise not to sell your purchase history? I'd be game for that.


It's actually not given to Google in a user identifiable way. I am not privy to the details, but an overview was presented at a crypto conference: https://www.youtube.com/watch?v=ee7oRsDnNNc&t=10m1s

It looks to me like a form of homomorphic encryption where both the aggregate consumer transactions (people bought X at merchant M), and the aggregate Google ad information (people saw ad for X at merchant M) are encrypted and the set intersection is computed on the ciphertext revealing only the aggregate number of purchases, not the individuals.

Now granted, there could be a security hole in this scheme as with any crypto-protocol, so it does need peer review, but the design, as stated in that YouTube presentation, is not to reveal to Google personal purchasing information, nor reveal to merchants, personal profile information. No personal financial data or purchasing information is supposedly transmitted.

The problem with this kind of technology is that it is really difficult to explain to the public, and easily demagogued.


Assuming the encryption works as advertised, these schemes still allow more de-anonymization than you'd think. If you can compute very specific set intersections you can then get the set size low enough to reveal personal information with 100% certainty. (The set of people that bought X at M and Y at N and saw ad A at P and ad B at Q on a particular day might contain one person)

I do not know of any work in homomorphic encryption that claims to provide privacy guarantees in the face of side-channels from other sources (in this case, the side-channels could be phone location information for brick-and-mortar purchases, or web browsing activity timestamps for online purchases). It's not surprising that such work is hard to find, since merely computing correct query results breaks most reasonably privacy guarantees.

Also, the field of homomorphic encryption encourages people to use horrible cipher-modes like code-book, so guilt-by-association makes me highly suspicious of stuff in that space: https://en.m.wikipedia.org/wiki/Block_cipher_mode_of_operati...

The closest thing I know of that is workable is differential privacy, which (in laymans terms) introduces enough noise to make sure that overly-specific queries return random (but representative) garbage. Apple says they use differential privacy to train models on data that's stored on iPhones without actually giving themselves access to that data. Cool stuff.


My question is... how is that supposed to work? How do they turn "person A's credit card account" and "person A's Google account" into something comparable. To say "X customers saw the ad and then purchased it", you've gotta be able to be able to confirm that the same person is on both sides of the dataset, which is a pretty hard problem even without it allegedly not sharing the info on one side with Google.

I guess this complaint from this article is asking the FTC to get more information on this process, or get Google to explain how it works, or something.

Upvote for the explanation.


You can use geography, I assume this is meant to measure ROAS.

I've worked on a similar problem, and some very large retailers we worked with wanted to measure ROAS. They turned off all adspend in a certain large metropolitan area, while we turned on in that area. Measuring the sales lift/drop, gave an idea of the platform's effectiveness.

Any other demographic data point could also be used, not just geo. You don't necessarily need to link people directly.


I don't know in this case, but there are several identifiers that both parties might have (phone number, email address, billing address, name). In the industry, you can sometimes get "anonymized" data that is keyed by a hash of these identifiers, then you can hash your own identifiers and join to deanonymize. This isn't how it works in this case, but I know other companies do this.


Homomorphic encryption to do set intersection. With sufficiently large sets, you don't need to do any sort of collection at the individual level.


>> IE It's not "better" when they sell it to someone who isn't Google

It's better in the sense that those companies can probably do much less with purchase histories than Google as they have less total information on me (whereas Google has email, web history, photos, etc. if I allow them).


> Unfortunately, credit card companies/banks/etc have been selling purchasing histories, to pretty much all comers, for years.

Do you have evidence of this?



> Google called its advertising approach "common"

Tragedy of the commons. At this point in time, any and all forms of data collection have become common. When I visit a website, I expect them to collect everything about me - my IP, my mouse movements, what I clicked, how long I took to click it. Just a matter of time, that they start tracking audio and visual cues as well. It's unthinkable today but we will get there. It will enter slowly in the form of alexa and google home. then a browser plugin. Then a browser integration. Then a web api. And to cap it all, everyone will claim how it's made their life better.


I wonder if you're using the term as a poetic device, but as far as I know that's not what Tragedy of the Commons means.

Commons are properties without private owners. The tragedy is that because no one individual owns it, the people that use it use it without care to its maintenance believing that it is not their responsibility.


This is still sort of the same thing. The blame can't be pinned on one single entity because it is so common.


    start tracking audio and visual cues as well
Do you mean microphone and camera, or something else?

(If you do mean mic/camera, sites can't access those without prompting the browser to show a permissions dialog and you clicking "ok".)


How fortunate, then, that browsers never have security bugs.


>And to cap it all, everyone will claim how it's made their life better.

You don't think it actually _will_ make some people's lives better? Do you think those people are being tricked into thinking their life is being improved? Or do you just think the downsides just outweigh those improvements?


Try as I might, I just can't be bothered to care if someone wants to know what I've been buying so they can show me advertisements relevant to my interests.

But I'm weird, I don't think advertising is inherently evil or annoying.


To be honest, I don't either. But the data is still there. You don't know if in ten years Google is going to start losing money and is forced (by its shareholders) to find alternative means of monetization.

You can't really say Google is perfectly secure and will never ever ever be hacked and leak your data either. Maybe it will never happen, maybe it will.

Therefore I believe I should have the right to say "hey, I don't want this private corporation to have my credit info".


Or potentially worse, if they're compromised/hacked in some way and that data simply enters the wild ecosystem.


I still can't see why I should care if some stranger has my purchase history.

I suppose some people might feel weird letting strangers or anyone know what they buy, but that's an argument for the ability to opt-out, not for filing a complaint with an agency or starting a lawsuit.


There's plenty of people who get up to things that would result in severe professional damage if it became public knowledge - I know a handful of teachers who are into BDSM in their private lives who are eternally terrified of their employers or a journalist catching wind. "Some stranger" isn't necessarily the issue, it's someone who has the ability to harm you that's the issue.


I find that to be an awkward form of argument because any category that is sufficiently taboo is going to split the audience into two camps-- a small group who empathize with the practitioners and a larger group who don't. (Otherwise it wouldn't be a taboo.)

The problem at hand is that Google and others are scooping up everyone's data. A change in the way these companies decide to use that data can have an effect on everyone's lives, but without anything like a Congressional Budget Office or public debate to gauge whether the benefits of those changes outweigh the costs for the people who are affected.


Or look at the short term Mozilla CEO that was ousted over a public outcry regarding similar private matters.

Edit: Hrmf, never mind. Egg on my face.


Publicly-disclosed (by legal mandate) financial sponsorship of a public advocacy campaign on a public policy matter is about as far as you can be from a “private matter”.


Hrmf, did i get my CEOs confused. Could have sworn there was some BDSM stuff involved as well. Or was that some other FOSS project?


> Could have sworn there was some BDSM stuff involved as well.

Well, not with Eich. I don't think there was another short-term Mozilla CEO ousted among public controversy.

ISTR participation in Gor fandom being brought up alongside sexual harassment/abuse claims for a prominent community figure (maybe Jacob Applebaum? I thought it was him, but I don't see that element mentioned in any of the articles on him, so it may have been someone else) but I don't remember that or consensual BDSM related activity being the central concern in any ouster.

EDIT: As a sibling comment suggest, the Gor issue was with Larry Garfield.


The only well-known techie BDSM stuff I know of was not a CEO - it was Larry Garfield of the Drupal community.


I'm certainly not as clever as most thieves but if you had a database of people's purchases I imagine there's some low hanging fruit if you run a query looking for people purchasing lots of valuables, with no security related purchases, and a consistent pattern of taking a vacation out of state every year.


It really depends on what's in your purchase history, where you live what, job you have, that kind of thing. I certainly wouldn't want to coming out I enjoyed a drink every now and then in Saudi Arabia, and I might want to hide my propensity to smoke cannabis from my boss. Finally there's just the notion that I might not want to be relentlessly marketed to by increasingly sophisticated algorithms, because sometimes it works and people end up buying things they wouldn't otherwise. As these techniques get better I'm sure that will continue to be a problem which only grows, and the data harvested today isn't going anywhere.


Do you want it to be sold to your insurance company? We see that you're a regular coffee drinker which is correlated with increased risk of heart problems -- here's a rate increase.


In general, why should someone's higher risk lifestyle be subsidized by other insurance customers?


This was the insight behind the founding of GEICO, originally the Government Employees Insurance Company. The Goodwins recognized that government employees are more risk averse than the average bear. By writing policies to civil servants only, they could profitably charge lower premiums.

Geico began offering policies to the general public in 1974, so this is historical trivia now.


>Geico began offering policies to the general public in 1974, so this is historical trivia now.

I do recall that they offered a rather significant military discount when I was a soldier. I have wonder if that discount was backed by actuarial data. I would rather expect members of the military to be higher risk than civilians or civil servants.


Risk tolerance is funny in that it’s not always uniform.

The region where I live is heavy in the defense industry. There are lots and lots of veterans here. Federal Acquisition Regulations give preference to veteran-owned small businesses and also to service-disabled veteran-owned small businesses. Despite that, in a town with lots of defense and lots of veterans, there aren’t a whole lot of VOSBs.

A few years ago, the dad of a schoolmate of my son’s retired as an Army Lieutenant Colonel. Even though he as a Ranger performed parachute jumps with weapon in hand into hostile territory, he had lived in post housing all his adult life and had never had a mortgage before. The civilian world and business customs were all foreign to him despite his having interacted closely with the contracting industry for years.

We get used to what we’re exposed to. After being told for years and years to jump out of perfectly good aircraft to go blow up this-or-that target, it becomes not quite so scary. Drop the typical cake eating civilian in that world, and he’s likely wetting his pants. Drop G.I. Joe in the new world of corporate finance, contract vehicles, teaming agreements, and business development, and it can be unsettling too.


My understanding is that the reason is because that's how insurance works.


Kinda. Insurance is about a pooling of risks, that does not mean that every risk level must be in the same pool. Houses that are built in flood-prone areas are forced to be in different insurance pools with higher rates than other houses because the risk profiles are different.


You know what I meant. OP only mentioned undifferentiated "someones."


Undifferentiated? They are specifically labeled as "higher risk".


Just curious, is there proof insurance companies can or do buy purchase histories? And if so, see other reply about universal healthcare.

Also, not to nitpick, but coffee is not linked to increased risk of heart problems, that's a myth.


Maybe we'll get universal healthcare at some point and people will stop rolling out this tired argument.


Okay, how would you like your purchase histories to be used to determine your wealth and companies charge you more for goods and services because they know you can afford to.

"I'm sorry sir, our system says your wealth rating is 600, our discounts only apply to people with 400 or lower."


We already see this with how airlines alter the pricing depending on when the ticket is bought and whatsnot (because if it is bought for a middle of the week trip etc, it is likely to be a business trip).


But the key difference is that applies to everyone who wishes to make that purchase, not just particular people.


This sounds amazing to me :)


You can’t change just one thing. VA For Everyone will increase arguments of “Well I’m on the hook for your healthcare, so I should have a say in whether or not you …”


I live in Canada. Still applies. Just replace health insurance with life insurance, car insurance, or home insurance.


Indeed. Already seeing car insurance being based on age and gender. Because apparently young male drivers are more careless and aggressive in their driving style...


Inherently evil and annoying? No, but in practice it's annoying and online at least, potentially problematic on other levels as well such as security and performance. Telemarketing isn't inherently evil and annoying either, but it's become a playground for scammers with robocalls and constantly shifting spoofed numbers. That, maybe, should tell you something about the nature of the medium, or at least the nature of the medium when it's being exploited by a broad population.


I think telemarketing is annoying, it's also intrusive and requires effort on my part. Passive advertisement on the internet does not.

Note I am not saying there are not annoying advertisements, but that's an issue of implementation, not the concept of targeted advertising. If anything, Google would know I will never click on an annoying ad if they "invaded my privacy" more than they do now.


Something like this should be opt-in for people like you. By default our private spending information should not be shared with 3rd parties.


> [...] so they can show me advertisements relevant to my interests.

That's the benefit to you. The other is that the business model supports the Google services you use.

The perfunctory question is: what are the costs to you and everyone else?

The question that piques my interest: why do you assume there aren't costs, or that the costs are negligible? Why does your belief that an institution isn't evil or annoying mean you only do the first half of a cost/benefit analysis?


Because all evidence I've seen is either sensationalized and based on emotion: "Oh no! My privacy!"

Or...I haven't seen any evidence there is a noticeable cost to me as a person?


It's kind of ironic that a news paper owned by Amazon's CEO is publishing articles about Google violating customers privacy

Not that it's not a valid complaint, just interesting


Credit card companies and retailers have sold anonymized purchasing data for years to help companies analyze online ad clicks to offline spend.

Auto companies have used Polk vehicle registration data and data aggregators to match a vehicle purchase to the user's online ad clicks. They compare how showing ads for certain models influences your car purchase (ex. Honda CRV) from your initial search (best family sedan) and demographic info (FB data indicates you are an avid runner, 2 kids, 1 dog, etc..). Retailers employ a similar model for basket size.

There are partners like Oracle Data Cloud, Nielsen Catalina Solutions, Neustar and LiveRamp (ex. IdentityLink http://identity.liveramp.com) that provide similar data for O2O measurement.


I actually also filed a complaint with the FTC about this program. Nobody wrote an article about me though. :( (In fairness, this appears to be an actual legal case, not just a 'complaint'.) I was particularly perturbed that Google made it clear they had access to my credit and debit card data even if I do not grant them permission to have it.

My guess is somehow I have given the credit card companies permission to sell it, but it feels like my entire purchase history attached to my personally-identifiable info enough to tie it to a Google account really shouldn't be legal to sell.

As a note, filing privacy complaints with the Federal Trade Commission is surprisingly intuitive, and I highly recommend people familiarize themselves with the system and use it liberally.


Has the FTC contacted you to follow up on your complaint? Just curious what process is like.


Not as of yet. (Filed on May 23rd, got a generic "we received it" email on that date.) It is possible that filing a complaint is akin to screaming into the void, but it made me feel better that I filed it. Presumably if a lot of people file complaints on the same topic, they might notice.


I see ads on facebook related to purchases I make with a specific credit card. I have no indication which party is supplying this info to whom and how they made the connection to my facebook account.



WaPo has the same power: they know what customers buy. They're owned by Bezos which owns Amazon. How are they different ? Why would Google's data be more prone to hacking than Amazon's ? This article is pretty hypocritical.


Bezos owns the Washington Post, but as far as I know there's no connection to Amazon or integration with Amazon. He owns it as an individual.

Publishers in general have very little visibility into user behavior, since they rely on third-party tracking tools and third-party ad engines.


For about 8 months (Dec 2015 to the end of July 2016) I got daily emails from Amazon with free articles from the Washington Post. Information on this is sparse, so I don't know why it started or stopped.

Prime members also get a free six-month trial period, followed by a discount on a subscription -- $3.99 / month [0], as opposed to the standard $10 / 4 weeks (or $99/year) [1].

[0] https://www.amazon.com/dp/B072MHQFJ1 [1] https://subscribe.washingtonpost.com/


One philosophical question I have been wondering recently is whether this problem could not be addressed by removing "real life" identity from the equation.

I don't think personalized ads would be nearly as obnoxious if I knew that the ad matches my browsing history but has nothing to do what name shows up on my passport.

Most of what people seem to take issue with is their personal identity in addition to the tracking.

The tracking for the purposes of relevant ads would be identical from the perspective of the advertiser (efficient/profitable) but much more private for the user.


> To do this, Google said it had obtained access to the credit and debit card records of 70 percent of U.S. consumers.

After reading the initial article in May, I called American Express and they swore up and own they don't sell my purchased data. I don't see how you get above 70% without data from American Express.

So who's lying?


American Express has a pretty small market share (7.5%)

https://wallethub.com/edu/market-share-by-credit-card-networ...


Am I reading it wrong? The chart makes it look like Amex has 23%.


I'm referring to the cards in circulation number. The original claim was about a percentage of consumers, not a percentage of transactions so to me that is the more relevant number.

Either way, 100% - 23% = 77% which is > than 70% so the point stands. Visa + Mastercard alone are over 70% using the purchase volume numbers


Yeah, when Google said "over 70%", I basically just figured "Okay, so they have Mastercard and Visa." Amex and Discover are both tiny comparatively.


Which means that 70% is possible without AmEx?

I'd also wonder about how the numbers are computed - you can get incomplete records on a high percentage of consumers without the AmEx data as (people with AmEx) and (people with other card(s)) aren't disjoint sets.


Amazon Express is, in my experience, by far the most customer-friendly major credit card in the US. There's a reason that I use it whenever possible, and it's the same reason that most places don't accept it.


Good, but it would be better if they ask what kind of data is sold to any party


Privacy centric Cryptocurrencies is the solution rearing it's head. Zcash. Btc.




Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: