This article doesn't seem to be supported by the provided facts.
In all cases except one, the feature seems to be working as intended:
> "After I sat for 15 minutes in the parking lots of two clinics south of San Francisco, Google deleted each from my location history within 24 hours. It did the same for my colleague’s two visits to clinics in Florida."
And in the one case where the author claims it hasn't been deleted, the screenshot [1] isn't showing Planned Parenthood as part of the timeline at all. It's simply showing it as a map location like other nearby locations not on the path (like "Himalayan Cuisine") -- and even labels it as "Recently viewed", which is why it might be prioritizing showing it when it might not otherwise. Not because it was in the timeline, but because it was recently viewed.
The only other criticism is:
> Often, Google kept my location on its timeline but only labeled it as the name of a neighborhood rather than a specific clinic. One time, it labeled my visit to a Planned Parenthood clinic as the coffee shop next door, and kept the record.
But what is Google supposed to do? It thinks you went to the coffee shop because location data isn't perfect. Sometimes it labels something adjacent and sometimes it doesn't label anything at all.
The feature seems to be working as intended, and if you want more privacy then just turn your timeline history off.
It's a great reminder, though, that relying on Google to be able to discern a sensitive situation isn't adequate. Even if Google was perfect, they can't read minds.
Best practice still has to remain to turn off your phone, or at least put it in airplane mode, before you leave the house if you need more privacy.
I believe even in airplane mode it’s been shown that your phone will still send general location data back to your carrier once back online but I don’t recall specifics
How would it collect any location data in airplane mode: WiFi, Bluetooth, GPS, and related, should all be turned off. NFC too I presume. I doubt readings from vibration (step counting), barometer, compass, if your device takes such readings, are going to be useful enough on their own to provide a good location fix.
Maybe if you take a photo of something recognisable they could log your location at that point if the photo is automatically tagged when you connect later. Though even if that is the case, I expect the OP wasn't taking pictures of any landmarks during a journey to/from the abortion clinic.
I believe the premise is that airplane mode disconnects the OS from the modem, but it doesn't necessarily turn the modem itself off. It's still hitting cell towers and phoning back to Qualcomm. If Qualcomm has this information, three letter agencies have this information.
Accelerometer and gyroscope are enough to do a pretty decent mapping of indoor locations without GPS and the like. Its all differential, so the longer it goes without a point of reference the lower the confidence is, but its possible.
Is it really a valid test to just drive there and sit in the parking lot? They mention sitting there for 15 minutes at two locations, but don't discuss the rest. So perhaps they actually went into the building other times. It is not clear to me.
If you are just sitting in a shared parking lot with other business around how are they supposed to label the location? If it gets labeled as probably being the coffee shop, then its not a visit to a sensitive location which needs to get deleted.
Scenario: You navigate to a sensitive location. Close out Google Maps and do whatever. Now they forget where you navigated to, because it is sensitive. Some time later, you open Google Maps and navigate home. It now has an unknown location as your starting point, and guesses somewhere close. So it picks up the coffee shop as potential. And uses that as the starting point for the new trip. How could they also remove that coffee shop? That would require retaining the fact that you were at a sensitive location there.
Also note that the lack of data around sensitive locations in your history may be an indicator for those looking for it. If you had gone to the coffee shop it would show up as the coffee shop, but instead it shows up as no data. I would much rather it have a nearby plausible location than a total gap in the data.
And I think the most important part of it is they don't have any history of anyone going to that specific location. So a subpoena asking for everyone who went to that location returns 0 results. Getting a subpoena for everyone who went to the neighborhood or the coffee shop, should be harder, and even if they get it its not likely to provide any useful info.
as someone who does not have a google account signed in to my android phone, who tries to mostly use f-droid, i find it deeply unsettling that all my actions are recorded by the overlords. why should you opt in to that?
you say turn it off but how many people know that option even exists?
Yes, but every time I’ve shown someone their location map they have not remembered turning it on.
I think this is in part to google prompting you pretty much every time you use maps or other web tools to turn on location history for improved functionality. I think lots of people don’t understand that and just turn it on to remove the prompt.
Kind of frustrating as this could be done in a privacy preserving manner by keeping all location data local on device and overlaying it on the map locally. Functionality wise, google doesn’t need these data.
> In all cases except one, the feature seems to be working as intended:
This is not supported by the article text.
>To test Google’s privacy promise, I’ve been running an experiment. Over the last few weeks, I visited a dozen abortion clinics, medical centers and fertility specialists around California, using Google Maps for directions. A colleague visited two more in Florida.
In about half of the visits, I watched Google retain a map of my activity
"Often, Google kept my location on its timeline but only labeled it as the name of a neighborhood rather than a specific clinic. One time, it labeled my visit to a Planned Parenthood clinic as the coffee shop next door, and kept the record."
IOW, Google saw the author going to places _other_ than the abortion clinics or did not identify that the author had gone to the abortion clinic, so Google did not delete those entries.
Should Google delete all entries of anyone who at anytime passes within X feet/miles of an abortion clinic?
> Should Google delete all entries of anyone who at anytime passes within X feet/miles of an abortion clinic?
Should Google tell people they will proactively delete location data when people visited "particularly personal" places including abortion clinics if they didn't intend to keep their word?
Geofence warrants are a real danger and Google told the public they would delete their location history to protect people against this threat.
These warrants are based on GPS location, not how Google labels things.
In all cases except one, the feature seems to be working as intended:
> "After I sat for 15 minutes in the parking lots of two clinics south of San Francisco, Google deleted each from my location history within 24 hours. It did the same for my colleague’s two visits to clinics in Florida."
And in the one case where the author claims it hasn't been deleted, the screenshot [1] isn't showing Planned Parenthood as part of the timeline at all. It's simply showing it as a map location like other nearby locations not on the path (like "Himalayan Cuisine") -- and even labels it as "Recently viewed", which is why it might be prioritizing showing it when it might not otherwise. Not because it was in the timeline, but because it was recently viewed.
The only other criticism is:
> Often, Google kept my location on its timeline but only labeled it as the name of a neighborhood rather than a specific clinic. One time, it labeled my visit to a Planned Parenthood clinic as the coffee shop next door, and kept the record.
But what is Google supposed to do? It thinks you went to the coffee shop because location data isn't perfect. Sometimes it labels something adjacent and sometimes it doesn't label anything at all.
The feature seems to be working as intended, and if you want more privacy then just turn your timeline history off.
[1] https://www.washingtonpost.com/wp-apps/imrs.php?src=https://...