Google’s Motto ‘Do The Right Thing’ is for Them and Not Us — Especially with Chrome 69

For years I’ve been a staunch supporter and trusted Google, loved their services like Google Suite, Gmail, Google Voice, and others, all while admiring their machine learning and artificial intelligence research. One thing I specifically trusted was Google’s Don’t Be Evil motto which was baked in to their Code of Conduct for the company.

Then, back in May, I became troubled when they removed Don’t Be Evil and replaced it with Do The Right Thing. At the time I joked with a friend of mine asking him, “Is ‘do the right thing’ for us, or for Google?”

It appears the motto change was focused on Google.

The biggest shift away from that “Don’t Be Evil” motto that Google has ever done just happened. Though this thread started on Hacker News a few weeks ago, a cryptographer and professor at Johns Hopkins University whose blog I follow, Matthew Green, wrote a post entitled, Why I’m Done with Chrome. In it he said:

A few weeks ago Google shipped an update to Chrome that fundamentally changes the sign-in experience. From now on, every time you log into a Google property (for example, Gmail), Chrome will automatically sign the browser into your Google account for you. It’ll do this without asking, or even explicitly notifying you.

Green also sees this move as having serious implications for privacy and trust. Do you think!?! My trust-level in Google has plummeted. So much so that I have now shifted 100% back to Mozilla’s Firefox browser and away from Chrome. I will no longer use Chrome until they change the way they infiltrate my privacy.

SO WHAT EXACTLY DID GOOGLE DO?

Google’s recent update to Chrome (browser version 69) has done something unprecedented in their history:

a) Once you login to Chrome as a user, Google can (and does) track EVERYTHING you do in the browser. Every site you view, every login. The change? If you login to any Google service in the Chrome browser, Google will log you in to that browser to give them access to everything you’re doing within Chrome.

b) As a user you can no longer delete ALL the cookies in your browser. Google’s cookies remain no matter what you do. (Hat tip to Christoph Tavan for discovering this breach)

c) Google is increasingly using “dark pattern” user interfaces in their services to hide or obfuscate what something does when you check, uncheck or choose an option. In ExtremeTech’s article Chrome 69 Is a Full-Fledged Assault on User Privacy, they describe how Google’s dark pattern user interfaces obscure their intent to get you to enable them to do the right thing for Google:

These changes are all part of what’s known as a dark pattern. If a pattern is defined as a regularity in the world (designed or naturally occurring) that repeats in a predictable manner, a dark pattern is an attempt to trick users by designing interface options that look like the options users expect to see.

I, for one, don’t want to research, study or figure out how a company I trust might be trying to trick me in to do something that is in THEIR best interest…and not mine. I’d rather pay for offerings and am growing tired of “being the product“.

FOR MORE

• GOOGLE NEWS COVERAGE: FIND IT HERE (yes, I’m aware of the irony)
• THE VERGE: Google criticized for Chrome change that logs users in without telling them The latest version of the browser, Chrome 69, is pushing users into sharing more data, say critics
• WIRED: A Seemingly Small Change to Chrome Stirs Big Controversy
• THREAT-POST: Google’s Forced Sign-in to Chrome Raises Privacy Red Flags
• INQUIRER: Chrome 69 secretly logs you in to Chrome Sync when you visit a Google site
• SECURITY RESEARCHER S. BÁLINT: Chrome is a Google Service that happens to include a Browser Engine