By John Gruber
1Password — Secure every sign-in for every app on every device.
Russell Brandom, reporting for The Verge:
The version of Allo rolling out today will store all non-incognito messages by default — a clear change from Google’s earlier statements that the app would only store messages transiently and in non-identifiable form. The records will now persist until the user actively deletes them, giving Google default access to a full history of conversations in the app. Users can also avoid the logging by using Allo’s Incognito Mode, which is still fully end-to-end encrypted and unchanged from the initial announcement.
It would have been more surprising if Google had actually followed through on their promise for Allo message retention. And I still say “Incognito” is the wrong word. They should call it “Private”. Incognito carries a “What do you have to hide?” connotation. (I know Chrome uses the same word for private tabs, but I’d argue the same thing there — they should be called “private tabs”, like Safari does.)
Google wants to read and index your chats. It’s that simple.
According to Google, the change was made to improve the Allo assistant’s smart reply feature, which generates suggested responses to a given conversation. Like most machine learning systems, the smart replies work better with more data. As the Allo team tested those replies, they decided the performance boost from permanently stored messages was worth giving up privacy benefits of transient storage.
That’s a fair tradeoff, but it also shows very clearly who is in control at Google when it comes to features/advertising potential vs. user privacy debates. When has such a decision at Google ever erred on the side of privacy?
★ Wednesday, 21 September 2016