The Biggest Spy on the Internet – Part 2

What would you think about one company knowing nearly everything about you?  After today’s article, you will have a fairly complete understanding about just how much of your information is collected by one company – Google.

Let’s start by looking at many popular Google products and services and just what information they collect about their users.

  • Google Account – Not everyone has a Google account, but if you have an Android phone you certainly do have one. If your Chrome web browser shows your name and a picture of your face, you are working inside your Google ID.  Your Google account ties all the other information together into a very personal and specific package about you as an individual.  Includes your full name, street address, location based on IP address, location based on GPS, phone numbers including cell phone, website you may own or operate and their domain names.  Email addresses and more.
  • Google Chrome – Web browser history, websites visited, how long you visited every site, what pages you visited and how long you stayed on each page.  Products you may have looked at.  Topics you researched, articles you read.  Your location based on your public IP address.  If you let Chrome keep them for you, even your passwords to other accounts.
  • Google Search – The exact words (keywords) you used in your search, and which search results you clicked on, what websites you visited from the search results.  How long you stayed on each website your visited, and the pages you selected on those websites.
  • Google+ – Since this is going to die early next year, maybe we don’t care so much, but of course Google collects your connections and tracks the contents of your posts.
  • Gmail – Your email contacts, emails sent and received, the contents of those emails, and the length of email conversations.  Companies you do business with based on emails they send to you.
  • Google Ads – Advertising you click on, subjects of interest, products you looked at, even products you purchased.
  • Google Photos – Facial recognition of people in your photos, the geo-location information of places where you took pictures, and other metadata attached to you photo by your camera.  Want to look at your picture metadata?  Find an image, right click and select properties, then click on the Details tab. My new Google Pixel phone camera includes date and time, and latitude, longitude, and altitude where each picture is taken.
  • Google Voice – This free telephone number service also provides voicemail, including speech to text capability.  They know who called, their phone number, what they said, and how long the call lasted.
  • Google Fit – This Android App knowns your fitness goals and activity level, your location, and some other health related information.
  • Google Maps – Places searched, locations visited, routes taken, transportation methods (Car, air, bus, foot), date, time, and speed (velocity) of travel.
  • Waze – Another mapping app and service recently purchased by Google.  Specializes in crowdsourcing traffic jams, accidents, and speed traps.  Ever wonder how Google Maps and Waze can warn you about traffic jams and accidents?  Pooling the travel locations, times, and speeds of hundreds of Maps and Waze users.
  • Google Location – Want to freak out?  Log into your Google account, go to Google Maps, click on the menu (upper left hand corner) and choose Timeline.  <<Or click the preceding link.<<  When I went to mine, I was able to see everywhere I had traveled in the last four years, including dates and times.  Many locations included hotels I stayed at.  Zoom in on the map to get details.  My trip to San Diego included locations for the airport, my hotel, and a side trip to the USS Midway museum.  A stalker bonanza.
  • Google Calendar – Past, present and future plans and appointments, with people you met, if linked to a Google Contact.
  • Google Drive – Hey, what’s in your wallet?  They know what you saved there.
  • Google Hangouts – The free conference service collects information about contacts and participants, and conference subject matter.
  • Contacts – Names, addresses, phone numbers, and email addresses, and other included notes you made about the people you know.
  • YouTube – Video content you created and uploaded, or watched, and liked or shared.  Who you shared with.  Topics of interest, channels and contributors followed.
  • Google News – News sites you visited, stories you clicked on, stories you read from time on the page information.  Issues you are interested in or care about, subjects you like or seek out.
  • Google Books – Books you searched for or read.
  • Google Shopping – Products you searched for, clicked on, or purchased.
  • Google Analytics – This product for website owners provides a host of demographic information about site visitors, including where they came from (search or referral link), how long they visited, pages they read, where they live (city, state, country).  None of this information is personalized, it is just aggregated information, but we can extrapolate that the particulars and personal data are in Google’s database somewhere.
  • Android smartphones – It doesn’t have to be a Google Pixel.  All Android phones keep track of callers, contacts, text messages, GPS and cell tower triangulated locations, and report that information to Google and the cell phone carrier.  (remember ATT and Sprint from the last post?)  Certainly, you are backing this trove up inn the Google cloud.  Photos automatically copied to Google Photos or Google Drive.  Plus browser history, and whatever information your other smartphone apps are collecting.  (Shopping list?  Fitness app?  Healthcare app?  Skill at Solitaire?)

Now that they have all this information, what can they do with it?  Well, sell it to other marketing companies of course.  But the amount and detail produced allows Google to make some inferences about you that just might be a bit predictive.  In other words, knowing what you’ve done in the past, they can predict what you might be likely to do in the future.  Read our next post for insights on that subject.

More information:

0

About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Pratitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speakers at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.
  Related Posts

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.