cross-posted from: https://infosec.pub/post/9936059
I would like to collect the scenarios in which people are forced to enter Google’s #walledGarden (that is, to establish and/or maintain an account).
If someone needs a Google service to access something essential like healthcare or education, that’s what I want to hear about. To inspire a list of things that are “essential” I had a look at human rights law to derive this list:
- right to life
- healthcare
- freedom of expression
- freedom of assembly and of association
- right to education
- right to engage in work and access to placement services
- fair and just working conditions
- social security and social assistance
- consumer protection
- right to vote
- right to petition
- right of access to (government) documents
- right to a nationality (passport acquisition)
- right of equal access to public service in his country
Below is what I have encountered personally, which serves as an example of the kind of experiences I want to hear about:
- Google’s Playstore is a gate-keeper to most Android apps in the world and this includes relatively essential apps, such as:
- emergency apps (e.g. that dial 112 in Europe or 911 in the US)
- banking apps
- apps for public services (e.g. public parking)
- others?
- (education) Google docs is used by students in public schools, by force to some extent. Thus gdocs sometimes cannot be escaped in pursuit of education. When groups of students collaborate, sometimes the study groups impose use of gdocs. Some secondary school teachers impose the use of Google accounts for classroom projects.
- (education) A public university’s wi-fi network involved a captive portal and the only way to gain access was to supply credentials for a Google or Facebook account.
I’ve noticed that when creating an account for a public service I often have the option to supply credentials for Google or Facebook to bypass the verification process. In all cases of this kind of registration shortcut being used for public service, there was an alternative Google-free way to open the account. But in the private sector, I’ve seen this style of registration that absolutely required a proxy login via some shitty walled garden (like the university wi-fi). So I wonder if there are any situations where a government (anywhere in the world) requires a Google account in order to get service.
Education is a good one. Fortunately at this stage in my life it’s no longer an issue for me. I cannot think of anything else I would need google for. Never needed Google to dial emergency services as this is available on dumb phones as well as land lines. Public service apps just need an email of phone number, email I host myself.
One thing that should be discussed is major email providers shutting out self-hosters so that they only accept emails originating from one of the big tech companies. You can receive emails, but having them accepted by others is another story. I’m usually not in favor of heavy handed legislation, but this is an area I would have no issue with the feds interfering as this is essentially a way to create a monopoly.
I’ve ditched email for the reason you mention. If I need to email a private sector entity, I might check their MX server and attempt to send a message if the receiving server is not Google or MS. But generally I nix whatever company I would otherwise want to reach. If I need to reach them (e.g. to get support for a product I already own and I’m stuck with), then I use snail mail. Same for public offices. Most government offices use Microsoft for email which is a non-starter for me. If they use MS then they’re getting snail mail from me.