Google

Google announced big changes to its most legally fraught set of user settings: your location data. Google’s misleading Location History descriptions in Google Maps have earned it several lawsuits in the US and worldwide. A quick count involves individual lawsuits in California, Arizona, Washington, a joint lawsuit in Texas, Indiana, and the District of Columbia, and another joint lawsuit across 40 additional US states. Internationally, Google has also been sued in Australia over its location settings. The point is that any change to Google’s location settings must have some motive behind it, so bear with us while we try to decode everything.

Google’s big new location data change is a new, duplicate data store that will live exclusively on your device. Google’s new blog post says data for the long-running Google Maps Timeline feature will now “be saved right on your device—giving you even more control over your data.” That’s right, one of the world’s biggest Internet data companies advocates for local storage of your location data.

The company continues, “If you’re getting a new phone or are worried about losing your existing one, you can always choose to back up your data to the cloud so it doesn’t get lost. We’ll automatically encrypt your backed-up data so no one can read it, including Google.” Users will apparently have lots of control over this new locally stored data, with Google saying, “Soon, you’ll be able to see all your recent activity on Maps… in one central place, and easily delete your searches, directions, visits, and shares with just a few taps. The ability to delete place-related activity from Maps starts rolling out on Android and iOS in the coming weeks.”

Some companies pitch the “on-device storage” of data as a security feature. The idea is that on-device data isn’t in the cloud, and instead is encrypted on your device, and therefore is more secure since you must have physical access to the device to get the data. This is usually how biometrics are stored, for instance. That’s not happening here, though. Google’s post says, “The Timeline feature in Maps helps you remember places you’ve been and is powered by a setting called Location History.” Location History is all the location data collected by Google, and the Google Maps Timeline is only a subset of that data. So, with on-device storage, Google Maps Timeline will now be a second copy of a subset of your location data. Cloud-based Location History will still exist and still be collected. Instead of the additional security of encrypted on-device storage, this is less secure since your data will now be in two places, or maybe multiple places, if you have multiple devices.

Google was sued in nearly every US state because of its misleading communication about where your location data is stored and what the controls do. Before all the lawsuits, Google had a checkbox for “Location History” that you could turn on and off, but at the time, “Location History” didn’t mean “all the stored location history across your Google account.” Back then, “Location History” was the name of a specific page in Google Maps, and turning off the Location History checkbox just hid the Location History interface—it didn’t reduce Google’s location data collection and storage. Today, that has changed, and in the wake of all those lawsuits, Google says Location History actually controls the storage and collection of location data across your entire account.

Promoting controls for the “Google Maps Timeline” feels like Google is pulling the same old “Location History” trick. Data controls for the Maps Timeline don’t control the data for your entire account, but instead only control data for this specific interface in Google Maps. Google says you’ll get “the ability to delete place-related activity from Maps,” but that’s from Maps only. Let’s not fall for Google’s app-specific settings trick again: You don’t want the ability to delete location data “from Maps”; you want the ability to delete location data from “your entire account.”

My interpretation of the strategy is that Google’s going to make two different copies of your location data, a cloud-based one that it has access to (Location History) and a locally stored one that it does not have access to (Google Maps Timeline), and it’s going to dangle a bunch of controls in front of users that control the local data store only. A pop-up (shown above) briefly shown in one of the blog post videos seems to confirm this, with the “Delete Maps Activity?” pop-up saying it won’t delete data from Location History or Web & App Activity. I guess the hope is that interested users will be distracted by the upfront controls for the unimportant, private, local data store and then forget about the more hidden controls for the cloud-based one that Google has access to.

Any justification for why the company is creating more complicated and confusing location controls is absent from Google’s blog post. What is the benefit of having an extra copy of locally stored location data? Why would you want two different copies of location data to manage? The only new feature you’re getting is the ability to delete data from the new local data store, but you wouldn’t need those controls if the data store didn’t exist in the first place. Why would users want to delete data from their local location history but not the cloud? A local copy of location data only makes sense if Google stops collecting and storing location data in the cloud; I can promise you that it’s not doing that.