Google, Microsoft, Meta All Tracking You Even When You Opt Out

pixel_popping

Is there still anyone competent that "doubt" so? As long as data transit through their infrastructure, in security, we must always assume that it's recorded (and later-on, eventually used), it has nothing to do with "settings".

superkuh

Luckily almost all modern corporate tracking is done through javascript execution + cookies. The days of parsing actual webserver logs are over for the most part. After all, it's only the browsers that execute javascript code and provide profitable personal information about the human behind the browser that matter. People with JS off are not providing sellable information and therefore classified and treated as if they were bots. Turning off JS by default and temp-whitelisting only mitigates most of this tracking.

rolph

they have no fear of the current financial incentives, there has to a punitive quantity involved, and the mentality of any regulators has to catch up with present day. fines that amount to a daily expenditure account, do nothing. fines have to have potential to do real damage to, or destroy noncompliants, if there is going to be any deterrent. contempt, is obvious, the chance of jail should exist in actuality, rather than a vague possibility.

Havoc

That’s what made big tech big - one giant tracking operation. Trawler style - dolphins be damned

dec0dedab0de

I mean duh, but also this seems like a fairly weak gotcha. Cookies != Tracking, they can track you just fine without cookies, and they can use cookies without tracking you.

tlibert

Hi, I'm Dr Tim Libert, founder of webXray who did this audit. Happy to answer questions from YC'ers. [Note, stepping away for some mental health exercise, stressful day!] I also want to push back on Google telling the press our California Privacy Audit is "is based on a fundamental misunderstanding of how [Google's] products work". I'm the former head of Cookie Compliance at Google and I have the federal court filings that show their statements are not simply true, and Google knows it isn't true. For the record, here are direct quotes from a federal court filing made by Google's "Data Protection Officer and Senior Director of Privacy", who stated that "If called to testify as a witness, [they] could and would testify competently to such facts under oath." Here are those facts: * "Due to Dr. Libert’s academic background focusing on cookies, he became one of the primary members of the team assisting with Google’s cookie compliance and governance efforts..." * "Dr. Libert quickly assumed responsibility for aiding our in-house regulatory lawyers in addressing governmental investigations into cookies..." * "Dr. Libert often worked under the guidance of in-house counsel to develop technical solutions to issues raised by privacy regulators..." * "Dr. Libert was also responsible for the development of internal policies on cookies and web storage. He drafted Google’s internal cookie guidelines in 2021 and early 2022, which applies to all cookies or cookies-like objects, and outlines processes on managing cookies, storing cookies, logging data associated with cookies, server protocols, policies on data collection, and data linkage..." * "By developing the policy and conducting the audit, Dr. Libert gained insight into every Google-owned cookie deployed across Google’s web properties..." * "Dr. Libert also proposed changes to how Google interprets specific definitions across its products’ various privacy policies. This included work on policies relating to analytics and advertising services used by third-party apps and websites..." -- TLDR: Google can say what they want about me in public, but when they are under oath in a federal court of law, this is what they really say.

therealmarv

And in modern times: everybody, including big companies trust the AI APIs from Google, Microsoft, OpenAI, Anthropic etc. etc. sure... the contracts saying often there is no saving or learning from the AI API usage. But it's at the end like a "trust me bro" promise. There is a saying on the internet: The generation that refused cookies is now giving AI permission to read their emails, scan their local files, and manage their bank accounts. It seems many have given up...

codemog

Jail time for execs. Only way things change.

725686

I'm shocked!.... not

ramijames

Why wouldn't they? There seems to be no real consequences for these huge corporations, and all of the potential profit incentives.

ChrisArchitect

Source: https://globalprivacyaudit.org/2026/california

david_d8912

Now it'll be interesting to see if the AI companies do the same

WhyNotHugo

In other news, thieves steal things, and liars keep telling lies.

measurablefunc

Wait until you folks learn about the quantum panopticon. It sounds fake but governments everywhere are recording as much encrypted data as possible in hopes of decrypting it in the future w/ quantum computers: https://link.springer.com/article/10.1007/s11023-025-09723-2

mistrial9

great works! hope this gets more attention soon. Unfortunately I do not care for the graphic at the top of article (that casual readers will be impressed by) since it conflates spiritual imagery with spying.. People with little education in either easily conflate the two.. People who are hostile to spiritual topics can quickly amplify the vilification of it.. so, please consider not using that kind of symbol in media campaigns and public outreach. thx

jmward01

I always opt out if given the option and if not given the option I click x and close the site. However, unfortunately, I have assumed that they are already tracking me when the pop-up hits. This kinda confirms that is true. We have 'get tough on X, Y, Z' things that don't impact me at all. You can dial 911 if someone assaults you in the US, but I don't know of a single resource to get law enforcement involved when I am digitally assaulted. I think that is a big part of the problem here. Nobody is actually taking the call to enforce this stuff.

robotswantdata

Max Schrems has entered the chat.

shevy-java

These greedy corporations spy on us. Our data is valueable to them. When someone spies on you, it means they do not trust you. That means we should not trust them either. It's not just merely these giant corporations though. I think the whole business model is broken, if they need to spy on people in order to milk out more profit. One big glaring weakness is ... the browser. I think we need to find a solution here. Chrome is a problem. Chromium can not offset this problem; Google still makes most decisions. (You can adapt, but it is a constants wear-and-tear race to do so, Google has more resources.) I used to think that Ladybird could provide an alternative; then I was banned from the project site, allegedly for "trolling" and "insulting". I disagree with that but there is no real regulation to protest. This unfortunately exemplifies a problem how the modern www became too restrictive in general and alternatives stumble on their own "morality", before they even produced a real competitor here. (I still think there should be competitors to Google, so it is good that Ladybird exists; I am just no longer attached in any way as to whether they succeed or not, due to the ban.) What we need is a real global movement. Everywhere. The whole www model has to change. It should not be controllable by private entities or state agencies - those who watch the age verification process already know what's coming next. Got your ID ready to access information yet, bud?

Lapsa

mind reading tech is here

kittikitti

I don't think monetary fines are going to protect the rights of the people. The justice system must arrest the CEO's and put them into prison. I would like to know if there are less drastic measures, but there needs to be consequences such that these corporations won't try this again.