Google’s Stake Through the Hearts of Obnoxious Autoplay Videos

Yesterday, in “Apple’s New Cookie Policy Looks Like a Potential Disaster for Users” — https://lauren.vortex.com/2017/09/14/apples-new-cookie-policy-looks-like-a-potential-disaster-for-users — I lambasted Apple’s plans to unilaterally deeply tamper with basic Web cookie mechanisms (including first-party cookies) in a manner that won’t actually provide significant new privacy to users in the long run, but will likely create major collateral damage to innocent sites across the Internet. 

I also mentioned that in my view Google has taken a much more rational approach — focused on specific content issues without breaking fundamental network paradigms — and in that context I mentioned their plans to tame obnoxious autoplay videos.

We all know about those videos — often ads — that start  blaring from your speakers as soon as you hit a site. Or even worse, videos that lurk silently on background tabs for some period of time and then suddenly blare at you — often with loud obnoxious music. Your head hits the wall behind you. Your coworkers scatter. Your cat violently pops into the air and contemplates horrific methods of revenge.

As it happens, Google has just blogged on this topic, with a rather mundane post title covering some pretty exciting upcoming changes to their Chrome browser.

In “Unified Autoplay” — https://blog.chromium.org/2017/09/unified-autoplay.html — Google describes in broad terms its planned methodologies for automatically avoiding autoplay in situations where users are unlikely to want autoplay active, and also for providing to users the ability to mute videos manually on a per-site basis.

Frankly, I’ve been long lobbying Google for some way to deal with these issues, and I’m very pleased to see that they’ve gone way beyond a basic functionality by implementing a truly comprehensive approach.

For most users, once this stuff hits Chrome you probably won’t need to take any manual actions at all to be satisfied with the results. If you’re interested in the rather fascinating technical details, there are two documents that you might wish to visit.

Over on Chromium Projects, the write-up “Audio/Video – Autoplay” — https://sites.google.com/a/chromium.org/dev/audio-video/autoplay — goes into a great deal of the nitty-gritty, including the timeline for release of these features to various versions of Chrome.

Another document — “Media Engagement Index” — https://docs.google.com/document/d/1_278v_plodvgtXSgnEJ0yjZJLg14Ogf-ekAFNymAJoU/edit?usp=sharing — explains the learning and deployment methodologies for determining when a user is likely to want autoplay for any given video. This appears to have probably been an internal Google doc — that was switched to public visibility at some point — so it’s especially Googley reading.

There are two important stakeholder categories here. One is well-behaved sites who need to display their videos (including ads — after all, ads are what keep most major free sites running). And of course, the other stakeholder is that user who doesn’t want their lap ripped open by the claws of a kitty who was suddenly terrified by an obnoxious and unwanted autoplay video.

The proof will be in actually using these new Chrome features. But it appears that Google has struck a good working balance for a complex equation incorporating both site and user needs. My kudos to the teams.

–Lauren–

Apple’s New Cookie Policy Looks Like a Potential Disaster for Users

UPDATE (September 15, 2017): Google’s Stake Through the Hearts of Obnoxious Autoplay Videos

– – –

Apple wants to play Big Brother. Really Big Brother. Big Brother who knows oh so much more than you do about what you want from your web browsing experience. Apple’s plans for this hostile takeover were actually laid out publicly last June, but the you-know-what is just starting to really hit the fan now.

This is going to eventually sock you in the face if you use Apple’s Safari browser, or even other browsers like Google’s Chrome on iOS 11 devices such as the iPhone (those non-Apple browsers still must use Apple’s WebKit framework on iOS). 

This gets very technical very quickly, so I’m going to try leave the techie part aside for now as much as possible, and lay out in broad strokes the mess that Apple is about to create for its users — and for the broader Internet.

In a nutshell, Apple has created a nightmarish witch’s brew of a system to ostensibly protect users from web cookies. In the process, they’re going to breaking stuff left, right, up, down, and in directions you’d need more than three dimensions to describe.

Most of us (except for European Union bureaucrats) are long since past abject and unreasoning fear of web cookies. While they can be abused, they’re also critical for routine operations at most sites, including such basic functions as persistent logins and a long list of other crucial functions. 

Up until now, it has been generally the case that “first-party” cookies — cookies sent by the same site that you’re browsing — are generally considered to be safe. “Third-party” cookies — coming from other sites — may be completely safe as well (delivering images, enabling cross-site logins, and much more), though they can also have a more checkered reputation when used for tracking purposes (so various controls on third-party cookies have become relatively common).

But now Apple, in a move that clearly seems to be based more on their public relations needs then on genuine concerns about user privacy, will apparently also be taking default control of first-party cookies as well, in a manner that could unleash vast collateral damage across the Internet.

Advertising groups are livid, fearing that the new system will decimate even user opt-in ad personalization systems, and end up favoring ads via sites like Facebook and Google where users tend to stay logged in perpetually.

And indeed, an examination of Apple’s specs for their new cookie control system — even after multiple readings — is enough to give you a headache for the ages. Since we hopefully can agree that consistent rules regarding cookie management are important to making modern websites work, then we should also be able to agree that a plan to throw a unilateral monkey wrench into that paradigm is a recipe for user confusion across the board.

Apple’s plan is basically to use an enormously complicated (and basically opaque) system to “mystically divine” whether particular cookies are good or evil, irrespective of how they were served to the user, and then apply Apple’s own rules about how those cookies may be used and how long they may persist, based on (for example) whether you’ve visited a site in the last 24 hours for one classification, or in the last 30 days for another. (Why 24 hours? Why 30 days? ‘Cause Apple says so.)

I don’t have any love for abusive Web ads or secretive tracking — but we also must understand that ads are what pay for most of the Web sites that we expect to use for free. Apple’s approach is incredibly heavy-handed and primed for all manner of creepy undesirable breakages and other negative side-effects affecting honest sites. 

Contrast this with Google’s much more sensible plan to by default block some particular classes of ads in Chrome (obnoxious autoplay videos for example), rather than tampering with the underlying cookie mechanisms on which the foundational structure of most websites now depend.

In the end of course, the real bad players that Apple claims are its focus will figure out ways to work around Apple’s system, leaving the good websites to deal with broken cookies and confused, upset users.

Back to its earliest Steve Jobs days, Apple has always been a control freak. “Our hardware! Our OS! You’ll pay through the nose — and you’ll convince yourself that you like it!”

As far as I can discern right now, Apple’s new cookie control scheme is much less about user privacy than it is about Apple trying to take control over basic Internet functionalities — everyone else be damned.

–Lauren–

The Google Account “Please Help Me!” Flood

Since I again started discussing how to protect Google Accounts — e.g. very recently in “Protecting Your Google Account from Personal Catastrophes” — https://lauren.vortex.com/2017/09/07/protecting-your-google-account-from-personal-catastrophes — I’ve been flooded with queries by Google users with confusion over Google Account issues of all sorts.

Most of them have indeed never heard of Takeout or Inactive Account Manager and many are confused about account recovery numbers and addresses, 2-factor setups, usage, and much more.

I even got a note from a Googler thanking me for that article, noting that he had never even heard of Inactive Account Manager himself!

At last count, I have over 140 specific queries (and rapidly rising) on these topics from just the last few days that I’m trying to triage. I can handle most of these through explanations myself — I always try to help where I can — but frankly it’s extremely time consuming — and doesn’t help to keep the lights on around here.

And it’s just so very wrong that I’m doing this, rather than Google having a staffer filling this kind of role to take care of these Google users — these people in desperate need of such assistance.

I know the excuses and I know the scaling concerns but it’s shameful nonetheless. If I can do this much myself from the outside, surely Google has the resources to get somebody to do as much from the inside, who is actually getting paid for their efforts at public outreach and assisting these dedicated Google users?

I’m sure it’s not a matter of money for Google. They just need to truly care about their users who depend on Google just like the rest of us, but who are being rapidly left behind under the status quo.

C’mon Google! You can do this!

–Lauren–

Protecting Your Google Account from Personal Catastrophes

UPDATE (September 12, 2017): The Google Account “Please Help Me!” Flood

– – –

In response to many queries, I’ve written quite a bit about issues that can sometimes go wrong with Google Accounts, and how to proactively help to avoid these situations, e.g.:

“The Saga of a Locked-Out Google User” – https://lauren.vortex.com/2017/09/05/the-saga-of-a-locked-out-google-user

“I’ve been locked out of my Google account! What can I do? How can I prevent this in the future? HELP!” – https://lauren.vortex.com/archive/001159.html

“Do I really need to bother with Google’s 2-Step Verification system? I don’t need more hassle and my passwords are pretty good.” – https://plus.google.com/+LaurenWeinstein/posts/avKcX7QmASi

Yet while Google Account problems can sometimes occur despite users’ best efforts, proper use of the tools and systems that Google already provides can go a long way toward avoiding these unfortunate events — with use of recovery addresses/mobile phone numbers, and 2-factor authentication tools among the most important. Unfortunately, many users don’t bother to pay attention to these until *after* they’re having problems.

There are other extremely useful Google tools for protecting your Google Account as well, and like so many good things Google, the firm (for reasons difficult for many observers to fathom) doesn’t always do a particularly good job of publicizing these — demonstrated by the fact that so many even long-time Google users don’t even know that these exist until I mention them. Let’s cover a few of these.

A biggie is Google Takeout, at:

https://google.com/takeout

This is an incredible resource, providing the capability for you to download virtually all of your data stored at Google — selectively or en masse — across the wide range of Google services. This is a world-class tool — if only every other firm offered something like this. You can download your data to take it elsewhere, or just on general principles if you prefer. It’s up to you. The next time that some Google Hater starts ranting the lie that Google somehow locks up your data, you’ll know how to respond to them.  

One limitation to Takeout is that you must use it while you still have access to your Google Account. If you’re locked out or otherwise unable to use the account, you can’t access Takeout to reach your data.

So what happens to your data if you’re in an accident, or become ill, or worse? Nobody likes to think about these sorts of possibilities, but they’re very real.

Google’s “Inactive Account Manager” is the tool that lets you proactively plan for such situations:

https://support.google.com/accounts/answer/3036546

This tool lets you designate a Trusted Contact who will have access to the parts of your Google data that you specify, if your Google Account becomes inactive for a period of time that you indicate. With so much of our lives online now, this is an extremely important tool that you’ve likely never heard of before. 

But remember, like with Takeout, you must set it up *before* the need to actually use it arises.

Related to Inactive Account Manager, there is another Google Accounts associated link that none of us ever wants to visit, though realistically many of us may eventually need to.

A Google form to “Submit a request regarding a deceased user’s account” exists at:

https://support.google.com/accounts/troubleshooter/6357590 

Its purpose is self-explanatory, and as it notes, proactive use of Inactive Account Manager can avoid needing this form in many situations — but Google has provided this form as a means to communicate with them directly in these circumstances when necessary.

Google has obviously given a lot of thought to these issues, and their teams have put a lot of work into implementations and deployments of associated services and tools. 

My primary criticisms in this context are that despite these excellent efforts, too many honest users still fall through the cracks and become trapped in account lockout situations through no faults of their own — and often with no perceived practical recourse — and that Google often does a poor job of publicizing the high quality tools that they have already created to deal with a range of user account issues.

Google’s technology is always excellent. Their public communications, outreach, and user support — especially for non-techie users — can be significantly less so.

One thing is certain. Google and its immensely talented Googlers have the capacity to significantly improve in these latter three areas, given the will to do so and an appropriate allocation of resources to these ends.

I have faith that Google will ultimately accomplish this, in the interests of Google itself, for their vast numbers of users, and toward the betterment of the community at large.

–Lauren–