The Day I Started Worrying and Deleted Google
Published on Sep 13, 2020.
I have had my first Google account since around 2003 when Google introduced GMail and still required you to be invited by an existing user. There had of course been many alternative email services around, and they usually offered some tier that one didn’t have to pay money for. But none could compete with Google’s offering of near-infinite storage and clean web interface, when most other services had ad-cluttered pages, forced their footer into sent emails and were constantly at risk of refusing to receive new mails due to the few mega-bytes of space being full yet again. That’s why Google introduced their new service with the slogan of “never having to delete another email”.
Ironically, Google soon after got into the headlines because its terms of service implied that even deleted mails would never really disappear from their servers. Google quickly clarified that this was purely because of how their systems were set up and retained their backups. However, not wanting to let go of any shred of their users’ data still is a characteristic of their business model. For a company that makes a lot of money as a gatekeeper to this data, this attitude should be hardly surprising. I think it is fair to say that Google’s customers are in fact those that pay to have ads delivered to specific user demographics and Google’s services have the function to keep the latter attentive, accessible and transparent.
I appreciated my GMail account for being rather reliable and low-maintenance. And Google kept on adding more services, from calendar to file storage. However, for me personally, this central role that the now Google account is supposed to take within Google’s increasingly entangled ecosystem is what alienates me most.
My emails are already a very sensitive and telling part of my personal data: they expose whom I have contact with, what I order and from where, and when and how often I read my mails. It requires some level of trust to keep with them on anyone’s computer but mine – but as mentioned above, Google is into storing all details for as long as possible. Now add a calendar. Add storage and editing capabilities for documents. Add picture upload. Add video viewing history. And your every route tracked when using navigation services. This, combined with the meta-information of when these are accessed, from where and with whom they are shared, creates a thickly-woven picture of one’s identity, personality and behavior1. And that doesn’t even get to the more invasive offerings such as “Google Assistant”.
Of course, one doesn’t have to use these services, and I (mostly) chose not to. But sometimes, there are no alternatives: while I created my GMail account voluntarily, I was pretty much forced into a Google-account when setting up my first non-Nokia smartphone. The typical operating system on modern devices such as tablets or smartphones is simply not designed to give the user the final word on what data is stored, where it is stored and whether or not it may leave the device. Despite some progress in the form of more fine-grained privacy settings, it is still common that these devices are entirely useless without at least a user account and continuous online check-ins2. And of course the defaults transfer data freely, usually including WiFi passwords and login credentials in backups.
I am not even fundamentally opposed to such features in general. While I consider myself very privacy-conscious, I do believe that everyone should have the freedom to exchange access to their data for access to services – as long as this happens transparently, leaves control with the user and deletes all data when the user opts out again3. Technically, this is difficult to realize, so this process requires trust. And when I don’t even see any options to opt out, then I find it very difficult to trust any of the other options offered. Especially when I paid a significant amount for the device I hold in my hands and get increasingly frustrated with because I do not get to use it on my own terms.
Under these circumstances, how is one to trust a device that follows one everywhere, connects to every single account under the sun and is equipped with pretty much every sensor available in consumer technology?
I know I am not the only one wondering this. The conversationalist framed our relation to our phone as an abusive relationship, and I regularly overhear friends and colleagues mistrusting their devices and going as far as withholding (Google) searches to not have their spontaneous search reflected in their feeds, ads and future search results. But this is a potentially very dangerous slope we are on: if we are already self-censoring when we are considering mundane things like products we might buy, how does it affect our social and democratic discourse? And what alternatives do we have as our access to information and discourse is largely guarded by a few de-facto monopolies4?
Step by step towards a self-determined digital life
These questions leave me no peace and are a central reason why I decided to increasingly dismiss Google’s offerings. The most difficult and yet most important is the choice of mobile phone: there are a only very few brands that do at least allow or even provide a Google-free operating system5. When last making this choice, I did not want the former option that would require unofficial hacks, despite some of these being rather mature all things considered. Luckily, there was and is again a better option for the latter in the shape of the Fairphone 2 and now Fairphone 3. I own the former since its first release in 2015/16 and am very fond of it. It runs Fairphone OpenOS which is based on the free and open parts of Android 76. I run selected apps via direct download or through the F-Droid store7.
For all of the commonly-used Google services, I found replacements that often have one key feature seldom found in Google services: full offline support. This means that I, for example, download maps in OSMAnd (instead for Google Maps) and can access this anywhere, anytime without any internet connection. Since this usually covers the whole country I am interested in, I don’t have to be particularly selective beforehand. And whether I want to save on battery when out in the woods or want to look up an address while having no connection when traveling, OSMAnd is there for me. The same is true for my dictionary, music collection, podcasts, and notes. If you are looking for alternatives, switching.software and privacytools.io are very good sources.
That doesn’t mean that I have to manually synchronize anything. Syncthing runs on my desktop, phone and a Raspberry Pi at home and keeps data and music up-to-date whenever I am home. The Raspberry Pi also hosts my calendar and contacts and allows me to stream music to my stereo system via Bluetooth or WiFi (instead for whatever that Google thing is called). My browser of choice is Firefox (instead for Google Chrome) and the search engine I usually start with is DuckDuckGo.
As mail host, there are an abundance of services that I trust more than I trust or want to support Google. I both use my own domain and have accounts in techcollectives such as riseup.net, fripost.org and hcoop.net.
And today I logged into my Google account for the last time and deleted it.
Which, I have to admit, was a very pleasant user experience and went smoothly. Especially when compared to the hoops that Amazon makes one jump through deleting one’s account.
Epilog
With all this in place, Google is far from being out of my life though: most of my friends store my contact details with Google, ring me from their Google phones, or receive my mails in their GMail accounts. But it doesn’t stop there: most websites embed Google-services such as Google Analytics or Google Ads which track me throughout my web journeys8. Even government online services use and require Google code to run on my machine when they use reCAPTCHA to ’make sure I am human’.
And that is just what is still obvious to see. Google also operates infrastructure that is much less visible but still yields data to them. For example, the university I work at has the students’ mail accounts hosted on Google’s servers. You could not tell this from their mail addresses, however.
So while I perceive the step to remove my direct ties with Google and to replace them with free and open software as a significant one to regain self-determined use of my devices, it does not remove Google from my digital life entirely. Google is here to stay and we as a society better find ways to deal with it and other IT monopolists without surrendering ourselves and our freedom.
Important disclaimer: Whether removing Google from your digital life improves or negatively affects your privacy, security and access to services depends entirely on your individual use case and your choices of what to replace Google with. You should choose alternatives with care and after researching possible implications to your privacy and security. Always consider your threat model if you are facing particular high personal risks.
Comments? Leave them as reply to the corresponding post on Mastodon.
Footnotes:
One could use different accounts to separate these, which I have done at times. But I never believed that Google would not be easily able to connect these though similar access patterns and other commonalities.
Microsoft must be mentioned here for managing to make this anti-feature a thing even on regular computers since at least Windows 10. As does Apple on OSX where the hardware is even more strongly coupled to one’s user account.
Preferably, this deal would also be not as heavily to the advantage of the service provider as it is currently common practice.
To name the biggest offenders: Google, Amazon, Apple, Facebook, Microsoft.
Neither Apple nor Microsoft qualify in this context as both, in different ways, impose restrictions on the users and eagerly collect their data.
It even received two major updates, first being released with Android 5.
These choices bear their own privacy and security implications. Note the disclaimer at the end of this article.
Browser add-ons such as EFF’s Privacy Badger, uBlock Origin, Cookie AutoDelete and NoScript can make a huge differences here though. Check them out if you don’t know them yet!