cross-posted from: https://infosec.pub/post/9936059

I would like to collect the scenarios in which people are forced to enter Google’s #walledGarden (that is, to establish and/or maintain an account).

If someone needs a Google service to access something essential like healthcare or education, that’s what I want to hear about. To inspire a list of things that are “essential” I had a look at human rights law to derive this list:

  • right to life
  • healthcare
  • freedom of expression
  • freedom of assembly and of association
  • right to education
  • right to engage in work and access to placement services
  • fair and just working conditions
  • social security and social assistance
  • consumer protection
  • right to vote
  • right to petition
  • right of access to (government) documents
  • right to a nationality (passport acquisition)
  • right of equal access to public service in his country

Below is what I have encountered personally, which serves as an example of the kind of experiences I want to hear about:

  • Google’s Playstore is a gate-keeper to most Android apps in the world and this includes relatively essential apps, such as:
    • emergency apps (e.g. that dial 112 in Europe or 911 in the US)
    • banking apps
    • apps for public services (e.g. public parking)
    • others?
  • (education) Google docs is used by students in public schools, by force to some extent. Thus gdocs sometimes cannot be escaped in pursuit of education. When groups of students collaborate, sometimes the study groups impose use of gdocs. Some secondary school teachers impose the use of Google accounts for classroom projects.
  • (education) A public university’s wi-fi network involved a captive portal and the only way to gain access was to supply credentials for a Google or Facebook account.

I’ve noticed that when creating an account for a public service I often have the option to supply credentials for Google or Facebook to bypass the verification process. In all cases of this kind of registration shortcut being used for public service, there was an alternative Google-free way to open the account. But in the private sector, I’ve seen this style of registration that absolutely required a proxy login via some shitty walled garden (like the university wi-fi). So I wonder if there are any situations where a government (anywhere in the world) requires a Google account in order to get service.

  • flora_explora@beehaw.org
    link
    fedilink
    arrow-up
    2
    ·
    9 months ago

    Oh ok, that clarifies it for me. I guess it would still be helpful to distinguish between Google really trapping someone inside their walled garden and them just exerting a strong incentive to stay inside the walled garden. I mean, you can have a custom rom on your phone etc. But still most people won’t choose this because it would mean technical literacy that hardly anyone has as well as giving up the comfortability and features of the walled garden.

    I wrote gamam because I wasn’t sure what the abbreviation was and a quick search gave me gamam ;)

    The example you gave at the end sounds horrible. Pretty obvious how walled gardens work in this one…

    • coffeeClean@infosec.pubOP
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      9 months ago

      I mean, you can have a custom rom on your phone etc.

      The OS is not the issue. It’s that apps are exclusively distributed in the Playstore which requires a Google account to reach. People running homebrew stuff tend to use Aurora, but that app still needs Google creds to use Google’s API. The anonymous option supported by Aurora violates Google’s ToS, so it’s not a legal option that anyone could point to as an official escape from the walled garden.

      I personally will not use Aurora, even anonymously, because use of the app in most cases signals to the server that they were successful in getting the app to someone and connecting. It rewards them nonetheless.

      • flora_explora@beehaw.org
        link
        fedilink
        arrow-up
        2
        ·
        9 months ago

        Interesting point and you’re certainly right about Aurora. I also use startpage.com as my default search engine and there it is basically the same. While I don’t give Google my data, I still rely on it nonetheless…

        • coffeeClean@infosec.pubOP
          link
          fedilink
          arrow-up
          1
          ·
          9 months ago

          Startpage is certainly more favorable than Google. But it’s worth mentioning that Startpage is a Google syndicate so Google still profits from the use of Startpage. There are a number of searx instances out there that provide Google results by scraping Google instead of paying for API access. That’s a way to get Google results without feeding Google.