Quick Tutorial: Deleting Your Data Using Google’s “My Activity”

Since posting The Google Page That Google Haters Don’t Want You to Know About last week, I’ve received a bunch of messages from readers asking for help using Google’s “My Activity” page to control, inspect, and/or delete their data on Google.

The My Activity portal is quite comprehensive and can be used in many different ways, but to get you started I’ll briefly outline how to use My Activity to delete activity data.

Some words of warning, however. You cannot revoke deletions once they’ve been made, and deleting your data on Google can negatively affect how well those services will perform for you going forward, since you’ll be moving back toward “generic” interactions, rather than customized ones. So do think carefully before performing broad deletions! (I know that I’d be lost without my YouTube watch history, for example …)

OK, let’s get started.

First, go to:

https://google.com/myactivity

If you’re not logged into a Google account, do so now. Once you’re logged in, you can use the standard account switcher (clicking on the picture or letter at the page upper right) to change accounts.

What you should now see is a reverse chronological list of your activity when logged into that Google account, which you can scroll down starting with Today and working backwards.

If you click on the three vertical dots (henceforth, “the dots”) at a Google service type entry (e.g. Search), you can choose to expand the detailed entries for that level for that date, or delete those entries. If you click on the dots on the Today bar itself, you can choose to delete ALL of the activity entries for Today.

The real power of the My Activity interface comes into play when you click in the upper Search/Filter “by date & product” area.

After you’ve done this, you can activate the search bar by clicking in the bar and typing something, or (my personal preference) by unchecking “All products” further down.

Now you can search for activity entries filtered by product type and/or date as you’ve specified. To avoid over-deletion, I strongly recommend not selecting many product types at the same time! (When you click on specific products, the “All products” entry will automatically be unchecked.)

Once you’ve selected at least one specific product type, the Search bar will activate and the “perform this search” magnifying glass icon at the right of the bar will turn dark blue.

You can type queries into the bar to find specific entries, or you can just click on the magnifying glass without a query to list all entries for the selected Google products. If you haven’t changed the “Filter by date” settings at the top to narrow down the dates, the search will cover the default “All time” activity list for those products.

The scrollable page that results from such queries is similar in structure to what you saw for the earlier page that started with Today, and you can interact with it to get more details or delete entries in the same ways.

But look again at the top Search bar now. If you click on the dots at the right of that white Search bar that appears after a query, you’ll see that you now have a “Delete results” option.

You wanted power over your data on Google? Well, you’ve got it. Because if you click “Delete results” it will remove EVERY activity result from that query (or from an empty query entry that lists all results for the specified products). That can mean deleting every activity result from all of the selected products, going back to the relative dawn of time.

My Activity gives you extraordinary power over what sorts of activity data will be collected for your Google accounts, and as we’ve seen the ability to delete data using a variety of parameters and searches. It’s quite a technological work of art.

But again, be careful before invoking these powers. Remember, you can’t undo My Activity deletions. Or to use an old film analogy that many of you might recognize, if you’re going to use powerful incantations like “Klaatu barada nikto” — make damned sure that you pronounce them correctly!

–Lauren–

More Regarding a Terrible Decision by the Internet Archive

Yesterday, in A Terrible Decision by the Internet Archive May Lead to Widespread Blocking, I discussed in detail why the Internet Archive’s decision to ignore Robots Exclusion Standard (RES) directives (in robots.txt files on websites) is terrible for the Internet community and users. I had expected a deluge of hate email in response. But I’ve received no negative reactions at all — rather a range of useful questions and comments — perhaps emphasizing the fact that the importance of the RES is widely recognized.

As I did yesterday, I’ll emphasize again here that the Archive has done a lot of good over many years, that it’s been an extremely valuable resource in more ways than I have time to list right now. Nor am I asserting that the Archive itself has evil motives for its decision. However, I strongly feel that their decision allies them with the dark players of the Net, and gives such scumbags comfort and encouragement.

One polite public message that I received was apparently authored by Internet Archive founder Brewster Kahle (since the message came in via my blog, I have not been able to immediately authenticate it, but the IP address seemed reasonable). He noted that the Archive accepts requests via email to have pages excluded.

This is of course useful, but entirely inadequate.

Most obviously, this technique fails miserably at scale. The whole point of the RES is to provide a publicly inspectable, unified and comprehensively defined method to inform other sites (individually, en masse, or in various combinations) of your site access determinations.

The “send an email note to this address” technique just can’t fly at Internet scale, even if users assume that those emails will ever actually be viewed at any given site. (Remember when “postmaster@” addresses would reliably reach human beings? Yeah, a long, long time ago.)

There’s also been some fascinating discussion regarding the existing legal status of the RES. While it apparently hasn’t been specifically tested in a legal sense here in the USA at least, judges have still been recognizing the importance of RES in various court decisions.

In 2006, Google was sued (“Field vs. Google” — Nevada) for copyright infringement for spidering and caching a website. The court found for Google, noting that the site included a robots.txt file that permitted such access by Google.

The case of Century 21 vs. Zoocasa (2011 — British Columbia) is also illuminating. In this case, the judge found against Zoocasa, noting that they had disregarded robots.txt directives that prohibited their copying content from the Century 21 site.

So it appears that even today, ignoring RES robots.txt files could mean skating on very thin ice from a legal standpoint.

The best course all around would be for the Internet Archive to reverse their decision, and pledge to honor RES directives, as honorable players in the Internet ecosystem are expected to do. It would be a painful shame if the wonderful legacy of the Internet Archive were to be so seriously tarnished going forward by a single (but very serious) bad judgment call.

–Lauren–

A Terrible Decision by the Internet Archive May Lead to Widespread Blocking

UPDATE (23 April 2017):  More Regarding a Terrible Decision by the Internet Archive

– – –

We can stipulate at the outset that the venerable Internet Archive and its associated systems like Wayback Machine have done a lot of good for many years — for example by providing chronological archives of websites who have chosen to participate in their efforts. But now, it appears that the Internet Archive has joined the dark side of the Internet, by announcing that they will no longer honor the access control requests of any websites.

For any given site, the decision to participate or not with the web scanning systems at the Internet Archive (or associated with any other “spidering” system) is indicated by use of the well established and very broadly affirmed “Robots Exclusion Standard” (RES) — a methodology that uses files named “robots.txt” to inform visiting scanning systems which parts of a given website should or should not be subject to spidering and/or archiving by automated scanners.

RES operates on the honor system. It requests that spidering systems follow its directives, which may be simple or detailed, depending on the situation — with those detailed directives defined comprehensively in the standard itself.

While RES generally has no force of law, it has enormous legal implications. The existence of RES — that is, a recognized means for public sites to indicate access preferences — has been important for many years to help hold off efforts in various quarters to charge search engines and/or other classes of users for access that is free to everyone else. The straightforward argument that sites already have a way — via the RES — to indicate their access preferences has held a lot of rabid lawyers at bay.

And there are lots of completely legitimate reasons for sites to use RES to control spidering access, especially for (but by no means restricted to) sites with limited resources. These include technical issues (such as load considerations relating to resource-intensive databases and a range of other related situations), legal issues such as court orders, and a long list of other technical and policy concerns that most of us rarely think about, but that can be of existential importance to many sites.

Since adherence to the RES has usually been considered to be voluntary, an argument can be made (and we can pretty safely assume that the Archive’s reasoning falls into this category one way or another) that since “bad” players might choose to ignore the standard, this puts “good” players who abide by the standard at a disadvantage.

But this is a traditional, bogus argument that we hear whenever previously ethical entities feel the urge to start behaving unethically: “Hell, if the bad guys are breaking the law with impunity, why can’t we as well? After all, our motives are much better than theirs!”

Therein are the storied paths of “good intentions” that lead to hell, when the floodgates of such twisted illogic open wide, as a flood of other players decide that they must emulate the Internet Archive’s dismal reasoning to remain competitive.

There’s much more.

While RES is typically viewed as not having legal force today, that could be changed, perhaps with relative ease in many circumstances. There are no obvious First Amendment considerations in play, so it would seem quite feasible to roll “Adherence to properly published RES directives” into existing cybercrime-related site access authorization definitions.

Nor are individual sites entirely helpless against the Internet Archive’s apparent embracing of the dark side in this regard.

Unless the Archive intends to try go completely into a “ghost” mode, their spidering agents will still be detectable at the http/https protocol levels, and could be blocked (most easily in their entirety) with relatively simple web server configuration directives. If the Archive attempted to cloak their agent names, individual sites could block the Archive by referencing the Archive’s known source IP addresses instead.

It doesn’t take a lot of imagination to see how all of this could quickly turn into an escalating nightmare of “Whac-A-Mole” and expanding blocks, many of which would likely negatively impact unrelated sites as collateral damage.

Even before the Internet Archive’s decision, this class of access and archiving issues had been smoldering for quite some time. Perhaps the Internet Archive’s pouring of rocket fuel onto those embers may ultimately lead to a legally enforced Robots Exclusion Standard — with both the positive and negative ramifications that would then be involved. There are likely to be other associated legal battles as well.

But in the shorter term at least, the Internet Archive’s decision is likely to leave a lot of innocent sites and innocent users quite badly burned.

–Lauren–

The Google Page That Google Haters Don’t Want You to Know About

UPDATE (24 April 2017):  Quick Tutorial: Deleting Your Data Using Google’s “My Activity”

– – –

There’s a page at Google that dedicated Google Haters don’t like to talk about. In fact, they’d prefer that you didn’t even know that it exists, because it seriously undermines the foundation of their hateful anti-Google fantasies.

A core principle of Google hatred is the set of false memes concerning Google and user data collection. This is frequently encapsulated in a fanciful “You are the product!” slogan, despite the fact that (unlike the dominant ISPs and many other large firms) Google never sells user data to third parties.

But the haters hate the idea that data is collected at all, despite the fact that such data is crucial for Google services to function at the quality levels that we have come to expect from Google.

I was thinking about this again today when I started hearing from users reacting to Google’s announcement of multiple user support for Google Home, who were expressing concerns about collection of more individualized voice data (without which — I would note — you couldn’t differentiate between different users).

We can stipulate that Google collects a lot of data to make all of this stuff work. But here’s the kicker that the haters don’t want you to think about — Google also gives you enormous control over that data, to a staggering degree that most Google users don’t fully realize.

The Golden Ticket gateway to this goodness is at:

google.com/myactivity

There’s a lot to explore there — be sure to click on both the three vertical dots near the upper top and on the three horizontal bars near the upper left to see the full range of options available.

This page is a portal to an incredible resource. Not only does it give you the opportunity to see in detail the data that Google has associated with you across the universe of Google products, but also the ability to delete that data (selectively or in its totality), and to determine how much of your data will be collected going forward for the various Google services.

On top of that, there are links over to other data related systems that you can control, such as Takeout for downloading your data from Google, comprehensive ad preferences settings (which you can use to adjust or even fully disable ad personalization), and an array of other goodies, all supported by excellent help pages — a lot of thought and work went into this.

I’m a pragmatist by nature. I worry about organizations that don’t give us control over the data they collect about us — like the government, like those giant ISPs and lots of other firms. And typically, these kinds of entities collect this data even though they don’t actually need it to provide the kinds of services that we want. All too often, they just do it because they can.

On the other hand, I have no problems with Google collecting the kinds of data that provide their advanced services, so long as I can choose when that data is collected, and I can inspect and delete it on demand.

The google.com/myactivity portal provides those abilities and a lot more.

This does imply taking some responsibility for managing your own data. Google gives you the tools to do so — you have nobody but yourself to blame if you refuse to avail yourself of those excellent tools.

Or to put it another way, if you want to use and benefit from 21st century technological magic, you really do need to be willing to learn at least a little bit about how to use the shiny wand that the wizard handed over to you.

Abracadabra!

–Lauren–

Prosecute Burger King for Their Illegal Google Home Attacks in Their Ads

Someone — or more likely a bunch of someones — at Burger King and their advertising agency need to be arrested, tried, and spend some time in shackles and prison cells. They’ve likely been violating state and federal cybercrime laws with their obnoxious ad campaign purposely designed to trigger Google Home devices without the permission of those devices’ owners.

Not only has Burger King admitted that this was their purpose, they’ve been gloating about changing their ads to avoid blocks that Google reportedly put in place to try protect Google Home device owners from being subjected to Burger King’s criminal intrusions.

For example, the federal CFAA (Computer Fraud and Abuse Act) broadly prohibits anyone from accessing a computer without authorization. There’s no doubt that Google Home and its associated Google-based systems are computers, and I know that I didn’t give Burger King permission to access and use my Google Home or my associated Google account. Nor did millions of other users. And it’s obvious that Google didn’t give that permission either. Yet the morons at Burger King and their affiliated advertising asses — in their search for social “buzz” regarding their nauseating fast food products — felt no compunction about literally hijacking the Google Home systems of potentially millions of people, interrupting other activities, and ideally (that is, ideally from their sick standpoint) interfering with people’s home environments on a massive scale.

This isn’t a case of a stray “Hey Google” triggering the devices. This was a targeted, specific attack on users, which Burger King then modified to bypass changes that Google apparently put in place when word of those ads circulated earlier.

Burger King has instantly become the “poster child” for mass, criminal abuse of these devices.  And with their lack of consideration for the sanctity of people’s homes, we might assume that they’re already making jokes about trying to find ways to bill burgers to your credit card without your permission as well. For other dark forces watching these events, this idea could be far more than a joke.

While there are some humorous aspects to this situation — like the anti-Burger King changes made on Wikipedia in response to news of these upcoming ads — the overall situation really isn’t funny at all.

In fact, it was a direct and voluntary violation of law. It was accessing and using computers without permission. Whether or not anyone associated with this illicit stunt actually gets prosecuted is a different matter, but I urge the appropriate authorities to seriously explore this possibility, both for the action itself and relating to the precedent it created for future attacks.

And of course, don’t buy anything from those jerks at Burger King. Ever.

–Lauren–