Just when you think you have heard enough of current bothersome revelations on Google’s questionable location tracking practices, a new study is popping up from Vanderbilt University reveals that the search engine giant is gathering a lot more user data than initially believed.
The Vanderbilt study which was commissioned by the trade group Digital Content Next, throws more light on how Google can link your browsing sessions in incognito mode on Chrome browser back to you, without your knowledge or consent. The study probes even deeper, investigating how data gathering works in various other Google services and apps, including YouTube and Photos, and the findings are bothersome, to say the least.
Starting with incognito browsing mode, the researchers explain: “While such data is collected with user-anonymous identifiers, Google has the ability to connect this collected information with a user’s personal credentials stored in their Google Account.”
“Thatâ€™s not well understood by consumers,” Douglas Schmidt, the author of the study, told AdAge. “But if you read the fine print on â€˜incognitoâ€™ mode it brings up a whole lot of disclaimers.”
“A person fires up a private browser session in Chrome. On websites that run ads from Googleâ€™s online ad marketplace, anonymized cookies are dropped on the browsers associated with the user. If the same person leaves private browsing mode and logs into a Google service like Gmail or YouTube, the act of signing into Google makes it possible to connect the earlier web activity to the now identified user. (Unless, that is, the cookies expired or were manually deleted by the user.)”
The worrisome discoveries continue, as the study shows that both Android and Chrome continue sending personal data to Google, even without any user interaction. While conducting the research for the study, the scientists left a stationary Android device with Chrome active in the background and found that the popular web browser “communicated location information to Google 340 times during a 24-hour period, or at an average of 14 data communications per hour.” In fact, the researchers found, location information constituted “35 percent of all the data samples sent to Google.”
What’s more shocking, is that even iOS users who avoid the use of any Google products and visit only non-Google pages (which, let’s be fair here, is not a large number of users) get their data collected:
“While using an iOS device, if a user decides to forgo the use of any Google product (i.e. no Android, no Chrome, no Google applications), and visits only non-Google webpages, the number of times data is communicated to Google servers still remains surprisingly high. This communication is driven purely by advertiser/publisher services. The number of times such Google services are called from an iOS device is similar to an Android device. In this experiment, the total magnitude of data communicated to Google servers from an iOS device is found to be approximately half of that from the Android device.”
As can be expected, Google has taken issue with the study and its findings. Google spokeswoman, who spoke with AdAge, said the tech giant doesn’t “join signed-out activity with your Google account information. We do not associate incognito browsing with accounts you may log into after you’ve exited your Incognito session. And our ads systems have no special knowledge of when Chrome is in incognito mode, or any other browser in a similar mode (ex: Safari Private Browsing, Firefox Private Browsing). We simply set and read cookies as allowed by the browser.”
“This report is commissioned by a professional DC lobbyist group, and written by a witness for Oracle in their ongoing copyright litigation with Google. So, it’s no surprise that it contains wildly misleading information,” the spokeswoman said in a statement.