We know our digital devices are logging our every move, yet we still trust in Apple, Facebook and Android. What if we "unGoogled" ourselves and took back control of our data? Two startups hope we will do just that.
Last week, Google apologized after users' smartphone videos were mistakenly sent to complete strangers. During a five-day period in November, the privacy breach allowed tens of thousands of people to download footage from the Cloud that didn't belong to them.
While Google insists it takes great care to protect our data, while giving users more control over the information collected about them, the tech giant still watches our every move, even when it says it's not. A recent investigation by The Associated Press found that many Google services on Android and Apple devices stored users' location data even when they had switched off the option in their privacy settings.
This is on top of Google logging every search you make and YouTube video you watch. The tech giant also buys data from non-Google apps and then merges the statistics with other data it holds on you. All this to build the most comprehensive profile of users' behavior which is then sold to advertisers at great profit.
Read more: Intel, ARM chip flaws: What you need to know
"If you have an Android phone, and that's 74% of global smartphone users, you send 12 megabytes (MB) of personal data per day to Google while the iPhone sends about 6MB," warned Gaël Duval, the creator of a privacy-first smartphone operating system (OS) known as /e/.
Time to get 'unGoogled'
With the support of thousands of backers from a Kickstarter campaign, the Frenchman set up a non-profit to build what he calls a "fully unGoogled mobile ecosystem" that puts privacy and security at the heart of everything it does. The software, — along with its secure storage, email, calendar, search, and app store — doesn't send any data to Google so the tech giant isn't aware that a user exists if they have a smartphone with the software on.
While /e/ focused on the OS that the phone runs on, another startup, the San-Francisco-based Purism crowdfunded $2.6 million (€2.4 million) to build its own privacy-first smartphone. Librem 5 started shipping at the end of last year and looks similar to any Android phone. This device, which runs the firm's own PureOS operating system, also promises not to gather users' data for profit, or lock them into one vendor, like Apple.
Read more: Has Google's data collection gone too far?
"Our applications don't capture and share data with marketing firms and our browser defaults to a search engine that also respects user privacy," Kyle Rankin, Purism's chief security officer, told DW.
Both /e/ and PureOS make it much more difficult for hackers or intelligence agencies to create a backdoor [secret access] to a user's phone, meaning data is also better protected from espionage or cyberattacks. The open-source software, however, can be easily evaluated by other app developers to prove that it is not extracting personal data.
Large range of apps
Both OS systems have a wide range of proprietary apps, which help protect users from insecure third-party alternatives in the Google Play store. /e/ also gives users the ability to download Android apps and gives each one a "privacy score" based on how well they protect users' data.
A survey of US smartphone users shows they didn't think Google would be so sneaky
Purism's Librem 5 costs $749 but there is a 6-month waiting list while production is ramped up. A Made in the USA version is also available for $1999. /e/ comes pre-loaded on several Samsung Galaxy models but the phones are currently only shipped within Europe. Alternatively, tech-savvy users can download /e/ and install it directly onto their smartphone. Duval says it works on almost 90 Android models.
Taking on the giant Google-Apple duopoly is no mean feat. Such is the lure of smartphone technology that many users still prefer to turn a blind eye to the data harvesting carried out by tech giants. A survey conducted last year by Digital Content Next asked what measures users think Google undertakes to improve ad targeting and revealed a real lack of awareness among US consumers.
Around two-thirds of those surveyed didn't realize that the tech giant buys data from third-party apps and then links them to data they already hold on their users. More than half, meanwhile, failed to realize their Google accounts — including Gmail, Google Docs and Calendar — were all being linked to their web and app searches.
Users are 'powerless'
"Even those who are informed about privacy issues feel powerless to do anything about it," Purism's Rankin told DW. "So, what power does an individual have against multi-billion-dollar industries who hire the world's best engineers to capture every last bit of their data?"
Attitudes are, however, changing fast, thanks to numerous data breaches, and as consumers grow suspicious when the ads they are served are increasingly linked to their online behavior. A separate study earlier this year by Deloitte showed that 84% of US consumers think new laws should be enacted to restrict data harvesting and boost online privacy. More than nine-tenths of those surveyed demanded the chance to delete their personal data, while more than 80% thought users should profit from their own data.
Both /e/'s Duval and Rankin are betting their privacy-first products can gain traction before far-reaching legislation forces the hands of Google, Facebook and Apple. But they face resistance from the large sections of the business community that generate big profits from big data.
US consumers want a change in the law and/or a chance to profit from their own data
Rankin told DW that the tech and advertising sectors are "fighting legislation that would put actual limits on their ability to capture and sell people's data by default." He gave the example of where Purism had lobbied for the US state of California's Consumer Privacy Act to only allow user data to be captured if they had explicitly opted in. Big business, however, successfully lobbied to remove that provision before the bill became law.
Rankin warned that tech giants were now "redefining the word "privacy" in their own marketing." While they may claim to protect it, what they really want is to protect privacy from their competitors, he added. "They add security measures to their software and services so only they can capture, view and sell all of your data and others can't."
For Duval, /e/OS is "an act of resistance and digital sovereignty," that is long overdue. "People are growing increasingly uncomfortable with the tech giants deciding every aspect of our digital life. It encourages a kind of privatized totalitarianism and is a threat to democracy."