It’s really an amazing story on how Google became a verb. Yet, Yahoo! was the first popular Web Search tool. There were other, less known ones dating back to 1982 (WHOis). But it was really in 1994 that Yahoo! became the Search Engine of choice. Google didn’t become available until 1998. How Google became a verb is not the story I am going to tell. Rather, I want you to focus on protecting your data.
Google and Yahoo! both make money by selling your data. This means everything you search for using their tools is made into a commodity that they then make available for a price. Just like the trackers, the data is used to build upon a file they keep on you which grows and grows into a large binder of material.
Let’s look at a snapshot of data caught by the search engine. The top is the most recent data:
I don’t think you connect to the internet with the thought that someone will sell everything you search on. But, just like the trackers (which, by the way, Google has a lot of too), the search engines themselves are tracking what you search on; and what you click on to open.
You’ll notice that in my screenshot, I have a host name of duckduckgo.com. This is the largest search engine provider that emphasizes protecting searchers’ privacy. DuckDuckGo is known for not tracking your activity or your browsing history. They are also ad free. They do not track IP addresses, so they don’t keep track from session to session what you searched on previously.
What’s the downside?
Google uses a lot of your prior data to predict what you’re really looking for, and then shows you that information. The search results look amazingly on point for what you need. But this near Artificial Intelligence comes at a price… and that price is what they do with the data. You should not be okay with giving them your data! A search engine focused on privacy requires the user to be more thoughtful about what they are searching for in order to get back the intended results.
To use an alternative search provider, it takes changing configurations on your own devices. And Configuration takes a bit of knowhow and work. The Operating System and Browser makers have been paid to make Google the default search engine and so if you do nothing, that’s what you have. To change this, you must be an active participant in your security and navigate your way through setting features to manually override the default, to select a different Search Engine provider.
If I’m not doing anything wrong, why do I care?
A common myth is that if you’re not doing anything illegal, why should you care that your browsing history is captured. The reason, like trackers, is that the data isn’t just contained within Google or Yahoo!. Rather, the data is sold to whoever will buy it. This data is used to market to you. It’s used by nefarious actors to use against you.
What do I mean?
Cambridge Analytica is a good example of YOUR data being used to arm Russian Intelligence with information to undermine democracy.
That’s a torrid story that’s not ending soon. Let’s localize to something more relatable. If you’ve ever searched for something; and then found that your email box gets littered with senders having subjects related to what you searched for, you already know the answer. They are trying to phish you; to get you to open an email containing html and tracker tags so they know you opened it; or worse, provoke you to press on a link in the email that opens a website that may contain code that is designed to either trick you into providing them Personal Identifying Information or to infect your computer.
Malware and Ransomware are your computers biggest enemy and you, the user, are the most likely weakness to unwittingly open a door for invasion. Email is the oldest communication, not designed around security, and so the easiest method to breach your computers best defenses.
I am not really a computer user, and these issues look more computer based, so why do I care?
Smartphones are computers. And text messages are packaged with malicious hyperlinks. Here’s a simple, common, example. You’ve ordered a product from an online store. The pages you visited doing your research to buy that product had 30 to 90 trackers (on each page). That data is for sale. Hackers assume you purchased, so now send you a text message about your package. It could look like it’s from USPS, UPS, or Fed-ex. The message makes up an excuse so you have to hit a link to fix things (e.g., must have a signature and you need to reschedule). You press on the hyperlink, and it takes you to a page that looks just like the carrier’s site (they stole the logo and colors to make it look realistic). Now it asks you for Personal Identifying Information. It starts with name, address, maybe phone, and then starts asking for payment information too.
It’s not just the stuff they ask for that they’ve captured. They’ve captured everything they can about your computer, the browser you’re using, the IP address (which equates to your physical address if you don’t use VPN). This information is used to attack you, or to sell to other hackers.
What action should I take?
Stop using Google as your primary search engine provider. Change the defaults on your browsers to a search provider like duckduckgo. If a particular search doesn’t yield the results you need, then use Google for just that search only by navigating to their site by typing in www.google.com as the URL. When you’re on Google, use extreme caution. Avoid all search result links that say “ad”.
With duckduckgo, there will be no ads, so you need not worry about hackers paying for their links to be presented first.
This video by Josh Summers of All Things Secured is a balanced explanation of Search Quality vs. Privacy: