[This is a multiple-part series – go here for the full list]
In preparation for an interview I just did for the Malwarebytes Lock and Code Podcast, I put together a strategy for my “de-Google” project. It’s honestly how I should have started this entire series of articles. But better late than never! (When you’re done here, check out Part 1 next.)
Give Yourself a Checkup
The first thing I would do is limit what Google already collects. Google actually has a tool for this called Google Privacy Checkup. Just be keenly aware that Google is painting each and every bit of data collection in the best possible light, what some would call using dark patterns. Phrases like “enhanced experiences”, “better recommendations”, and “personalized ads” are just euphemisms for tracking. If all of this data collection were strictly for your benefit – if Google were being a “data fiduciary” – then it wouldn’t be as big of a deal. But make no mistake, Google is an advertising company that happens to have 80+ “free” products whose primary purpose is to collect as much information on you as possible so that it can target you with ads.
Beware of disabling some third-party app sharing. If you’ve used “sign in the Google”, your entire account may be based on Google. I would still disable this linkage, but it may take some planning and legwork if you want to preserve all your settings and history.
While you’re there, go ahead and run the Google Security Checkup, too. Google will prompt you to do this after you complete the privacy checkup.
Find out what Google knows about you by going to takeout.google.com. Warning: this will probably scare the crap out of you. At least skim the long list of info Google has so you’re aware of what’s going on. But you might actually want to download some of that data and look through it. I can’t recall if this tool will also show you the purchase information Google collects from email receipts in Gmail (I disabled this long ago), so you might also want to check that here.
The next thing you should do is disable as much data collection as you can and delete activity history. From your Google account, you need to find “My Activity” (myactivity.google.com). Again, be keenly aware of euphemisms here. When it says that this info “helps Google make services more useful for you”, this also means they’re tracking what you do and selling access to your activity history.
Make Your De-Google To-Do List
While you’re doing these things, make a list of all the Google products and services you use. This should include apps on your smartphone (e.g., YouTube, Waze) and smart devices in your home (e.g., Fitbit, Nest). Note that this series of articles will touch on the most popular Google services and devices, but everyone’s list will be different. There are so many possible items in this list, you’re going to need to note the ones that apply to you.
When you’ve completed this exercise, make yourself a customized de-Google to-do list. I would order them from easiest to hardest – start with the low-hanging fruit and work your way up. Also, give yourself plenty of time to do this – weeks, even months, if that’s necessary. Slow and steady wins the race!
I wouldn’t necessarily delete your Google account when you’ve completed this exercise. First of all, a lot of people probably still have your Gmail address. If you delete your account, that user ID will eventually get recycled – meaning, someone else may take it. You’ve already “planted your Google flag” – it’s okay to keep it there, just stop using Google where you can.
I’ve created a nice summary page for all of these articles, including links to more resources.
Need practical security tips?
Sign up to receive Carey's favorite security tips + the first chapter of his book, Firewalls Don't Stop Dragons.
Don't get caught with your drawbridge down!