Online privacy is a funny thing. There is largely an expectation of anonymity that people don’t have in the physical world. For instance, if you go in to a store and ask for help finding clothes you might be interested in, the employees can look at you and instantly gather demographic data (approximately how old are you, do you look like a man or a woman, etc.). They can even tell what you’re already wearing to get a sense of what clothes you presumably like already. This is generally considered good because a teenage girl walking into the clothing store doesn’t want to be shown to the “old man” section; she wants to know whats trendy in the groups she identifies with.

As that same girl goes back to the store, the employees can learn what types of clothes she likes and point out more specific choices. They can learn that, although the latest summer dresses are in and they’re very popular, this particular girl prefers not to wear dresses, for instance. That’s also good. The more relevant and personalized the help, the better the experience for the consumer and the more positive the impression of the company. That’s one of the reasons people like to shop at smaller stores; when I go to the Korean restaurant for lunch near my work, the guy there knows I want spicy bulgogi with salad and brown rice to go (well, I don’t want the salad, but I choose that over the kimchi).

People will happily use a customer loyalty card to save a few bucks even though it exists purely to give the company the ability to analyze customer behavior. Further, even when the card isn’t assigned to a person, it can be associated with a real person (or people) when used in combination with a credit card.

Yeah, pretty much anything you do out in public is expected to be, well, public. That is, as long as you aren’t a weird shirtless guy.

The online world is a different place. There, the expectation is mostly privacy but with some interesting wrinkles. For instance, forums often allow posts from anyone, but you have to create an identity (an account) that is used to connect your posts. This allows people to control how much anonymity is used, making a smaller more welcoming community, but preventing it from locking out known trolls, racist people, etc.

At the same time, we (as consumers) and businesses are seeing the value of analyzing data. Sometimes the effects aren’t obvious to the end user (such as a website making changes to improve the user experience based on analytics), but sometimes they are (such as a service suggesting movies or music you might like based on your past habits and ratings).

Both Apple and Microsoft have gone well out of their way to paint Google as the company that is acquiring all the knowledge they possibly can about you to sell it to third parties, despite that not being the case. They want you to think the conversations go like this (probably in a dark alley):

Google: We’ve got some great info on someone you might care about.

Third party: Tell me about this person.

Google: Well, Gary Smith is a 34 year old man who lives at 123 Main St. His wife, Sally, is 32 years old and they have a daughter together.

Third party: Oh that sounds excellent, tell me more about this daughter.

Google: Her name is Rebecca, but they call her Becky. She likes dolls, story time, and freshly pooped diapers. She has a birthmark on her left thigh that looks like a cute little heart.

Third party: Excellent! How much money will this cost me?

Google: Oh about tree fiddy.

That implies that Google is actually directly selling this data to third parties, but that would make no sense. If Google’s business is data about people and they just sell that data, they wouldn’t stay in business long. The third party would never have to pay Google again for that knowledge of Gary. A much more profitable model would look like this:

Third party: We’d like you to show this ad to possible customers.

Google: Which group of people would you like us to show this to?

Third party: Preferably people who might have small children.

Google: Alrighty, we’ll give it a try.

The third party doesn’t buy the personal details of Gary; it buys the advertisement impressions for specific demographics. But that’s not the story Microsoft wants you to believe. They want you to literally believe that a human is reading your email to sell your personal details to a stranger. Even if you know it wouldn’t be remotely cost effective to pay humans to read all your shitty email (do you even read it all?) and that a computer algorithm is parsing the email just like they do for filtering spam messages, they want you to think the algorithm that looks for keywords to trigger advertisements is more evil than the one that looks for keywords to block.

Similarly, Apple wants you to believe Google is literally selling intimate knowledge of your personal life. They want you to believe that they would never, ever share any of your personal data with anyone else because that is a cardinal sin. I mean, Google’s privacy policy would probably say something downright evil like

At times Google may make certain personal information available to strategic partners that work with Google to provide products and services, or that help Google market to customers. […] Google shares personal information with companies who provide services such as information processing, extending credit, fulfilling customer orders, delivering products to you, managing and enhancing customer data, providing customer service, assessing your interest in our products and services, and conducting customer research or satisfaction surveys. […] To provide location-based services on Google products, Google and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your computer or device.

Seriously, how can Google be so evil? Oh wait, that quote is from Apple’s privacy policy; I accidentally changed the instances of ‘Apple’ to ‘Google’ somehow.

The reality is companies will use data because it is extremely valuable. As something valuable, they will make reasonable efforts to protect it. The more core to their business, the more important it is for them to protect it. You just have to decide which companies will make efforts that are significant enough for you to feel confident in trusting them with that data. Should you trust Apple’s continued claims that they don’t track you, despite their privacy policy and all the security problems they’ve had? This is the company that “accidentally” kept an infinite list of previous locations an iPhone/iPad had been at, even after location data was turned off, and restored that data across backups and devices. They claim they were unaware that this was happening despite the book “iOS Forensic Analysis” being published the prior year with details. Yeah, maybe they learned from that, but they still upload every single voice query you make to their servers, they have a bad security record, and their rhetoric doesn’t match their own privacy policy.

But if you want to trust Apple with your data because you believe that the services they provide are worth it, go for it. Just don’t claim that they respect your privacy more than Google because they tell you they do. Both gather a substantial amount of data; Google is just better at using that data to provide good services.