[HN Gopher] A Dad Took Photos of His Kid for the Doctor. Google ...
___________________________________________________________________
A Dad Took Photos of His Kid for the Doctor. Google Flagged Him as
a Criminal
Author : carbolymer
Score : 140 points
Date : 2022-11-25 21:47 UTC (1 hours ago)
(HTM) web link (web.archive.org)
(TXT) w3m dump (web.archive.org)
| sekh60 wrote:
| This story broke the camels back for us when it first appeared
| here and got us to migrate our email to protonmail and a domain
| we bought.
| josephcsible wrote:
| I wish we had a portable email address format, like phone
| numbers are, instead of being inherently tied to a provider.
| [deleted]
| startupsfail wrote:
| This. There should be anti-monopoly regulation that would
| state that e-mail addresses belong to users, just like the
| phone numbers or domain names.
| orangepurple wrote:
| I own my domain and therefore my email address will belong
| to me as long as I can pay the property tax (ICANN) and
| management company (Fastmail).
| chrismeller wrote:
| You don't own a phone number either. Ever tried to move
| between countries?
| layer8 wrote:
| Owning a domain is close enough.
| rosnd wrote:
| Buy a domain name, now you have a portable email address.
| noirbot wrote:
| Though I often have questions about how that works in terms
| of managing your domain. I feel like I shouldn't have the
| account I manage my domains with tied to an email address
| at the domain that's under management. If my email provider
| disappears, I'm potentially locked out of the account I
| need to log into in order to change the MX records, right?
| pyuser583 wrote:
| Stratechery covered this ... they pointed out the really f*ed:
| part: Google is refusing to reinstate the account.
|
| Protecting children is important. AI is imperfect.
|
| But there is no reason the keep the account suspended once it's
| clear there was no wrongdoing.
|
| This man is innocent of doing anything wrong. Google had
| suspended him, and removed access to all his online account data.
| And refuses to reinstate.
|
| We balance out liberties with responsibilities all the time. We
| allow the state power to protect children, and corporations have
| the right to assist them.
|
| There are careful balancing acts being done.
|
| But there is no balancing act here. There is no justification for
| Googles action.
| gjsman-1000 wrote:
| This is the part that should receive a Congressional inquiry. I
| would love to see Congress drag Sundar Pichai (and no one else)
| before them and scream "What the hell is wrong with you?" in
| his face.
|
| We have courts for a reason. They found no wrongdoing. Google
| is objectively deciding _they know better than an elected
| court_ on what happened.
|
| This whole situation is absurd and evil.
| fossuser wrote:
| IIRC there was a follow up which was arguably worse.
|
| Google implied that the account was suspended because of real
| CSAM concerns unrelated to the photos sent to the doctor/police
| officer (other photos in their account? the wouldn't go into
| details about their decision) and that the officer closing the
| case doesn't mean their judgement here is wrong.
|
| If that's the case I can understand why they're obstinate about
| their decision (which otherwise would seem like a dumb mistake
| they should just reverse), but the problem is none of this
| happens in a place where users have any ability to get
| reinstated or have any sort of control over their digital life
| - there's no real path any individual has out of this _even_
| after going to the press.
|
| The user also using all account access (two factor, email,
| etc.) is particularly bad.
|
| The current local max of computing we find ourselves trapped in
| (accounts on a handful of megacorporation servers) is awful.
| The 90s dream of a decentralized web failed.
| shadowgovt wrote:
| I'm not normally one to indulge conspiracy theories.
|
| ... But given the situation and high profile nature of this
| incident?
|
| If that account's still locked, it's locked under sealed FBI
| warrant.
|
| Google has had situations where they work hand-in-give with law
| enforcement to resolve something, and when they do, they're
| radio-silent on the situation. Sometimes for years, given the
| scope.
| Waterluvian wrote:
| This is the one that causes me to finally commit an entire
| weekend to getting off Google.
|
| Because I have the exact same kinds of photos on my phone, auto-
| backed up to Google Photos, intended for his physician.
| [deleted]
| nehal3m wrote:
| NextCloud on a VPS works very well for me. The AIO setup does
| all the work for you: https://github.com/nextcloud/all-in-one
| Barrin92 wrote:
| what happened to the guy was awful but in general, _don 't ever
| store medical correspondence on Google cloud or send it over
| email or messengers_. Here in the EU and I would be surprised if
| it's different in the US there's dedicated apps for telemedicine
| which are regulated like medical devices, so there's
| confidentiality, no storage or scanning of vieo or audio, and so
| on. Sucks but you can't really treat any other services as secure
| or private.
| kodt wrote:
| It sounds like a secure platform was likely used to send it to
| the doctor but the photos were taken on a phone and auto backed
| up to Google Photos and also texted to his wife's iPhone.
| cozzyd wrote:
| right but most people take pictures with their phones nowadays,
| which might automatically backup up to google photos.
| Waterluvian wrote:
| And the supermajority of users of this set of systems and
| features are entirely technically unaware of how to
| micromanage it.
|
| To them, they have a phone that backs up to the cloud.
| [deleted]
| xeromal wrote:
| Sounds like there almost needs to be an incognito mode for
| cameras.
| themacguffinman wrote:
| There is. The Android camera app has a button on the top-
| right corner that lets you quickly switch between saving to
| "photo storage" or "locked folder". If you pick "locked
| folder", it saves it to a special folder that isn't backed
| up to the cloud and requires a screen lock to open.
| wholinator2 wrote:
| I figure it's probably not typical but I disable every single
| piece of tracking possible and disallow any external cloud
| storage on every device I have. I just don't actually have a
| need to give Google thousands of my photographs and access to
| every piece of my personal history. The benefit would be
| marginal and the cost is unlikely but potentially
| catastrophic. (And seemingly more likely every year). Every
| new device I get I go through every setting and turn off all
| the new bullshit they've put in to steal my privacy, because
| they do constantly add to the attack surface.
| afandian wrote:
| I don't trust anyone with health data, honestly. Two examples
| from the UK:
|
| Babylon data breach for UK GPs:
|
| https://news.ycombinator.com/item?id=23471347
|
| Palantir getting its teeth into the NHS:
|
| https://www.bbc.co.uk/news/technology-56183785
|
| Next time I need a doctors appointment I'll do my best to make
| it in-person.
| warbler73 wrote:
| Apple's Photos app tried to tell me that my child was my lover in
| their photo event labeling, which really pissed me off a lot.
| bagels wrote:
| Does getting your google account blocked prevent you from using
| GCP? There are so many stories of people losing access to google
| accounts that it seems way too risky to use GCP when this sort of
| thing can happen.
| cypress66 wrote:
| I don't know why people use gcp, I would like to hear some
| opinions.
|
| The way I see it, if you don't mind price, you go with AWS
| (most polished). If you mind price gcp isn't really much
| cheaper, so you go with something actually cheap like OCI.
| gjsman-1000 wrote:
| Potentially yes, if you use a personal account for GCP. Don't
| do it.
|
| If you have to use GCP, use a burner account... because Google
| is absolutely asinine right now.
|
| I would not trust Google if they were a hired employee to turn
| on my sprinklers in the morning.
|
| Edit: For this reason, I am actually all in favor of having
| GCP, AWS, Azure, etc declared utilities. Unless there is a
| crime, we have a _right_ to an account. Your electricity
| company can't cut you off whenever they feel like.
| ronsor wrote:
| Google aggressively links accounts together. If you ever hire
| someone who was banned by big G, kiss everything goodbye.
| josephcsible wrote:
| > If you have to use GCP, use a burner account
|
| Does that actually help? Don't they collect enough of your
| data to be able to correlate accounts?
| gjsman-1000 wrote:
| Perhaps, but better safe than sorry. If you had a small
| business and relied on Google Workspace, the damage for one
| mistake like this could be incalculable.
|
| Imagine losing your contacts, your photos, your emails with
| clients, your cloud setup... because you had the humanity
| to take care of your child.
|
| It is impossible to underestimate Google now.
| dylan604 wrote:
| You're going to have to start using your GCP like it's a
| freedom fighting session. Never used from the same public
| wifi. Don't use a public wifi within xDistance from your
| house. Only interact with GCP from a freshly spun up
| VM/Tails boot/etc. If no available wifi access, only use a
| mobile hotspot that is prepaid in cash where the burner was
| bought by someone else (so their shiny mugs are on the
| security camera), buy that burner in a different town, and
| all the other paranoid things to safe in a hostile world.
| Just to use Google
| lrvick wrote:
| I just use Whonix in a QubesOS VM routed via Tor.
| yjftsjthsd-h wrote:
| That works? I would expect Google to ban accounts just
| for using Tor.
| kadoban wrote:
| Doesn't Google famously link accounts that have ever had
| anything to do with each other, and ban them as a group? I
| recall some businesses getting their play store accounts
| banned because some dev did sketchy stuff separately, or the
| other way around.
| gjsman-1000 wrote:
| If so, treat everything that Google offers as ephemeral.
| They deserve no additional respect.
| FeistySkink wrote:
| Anecdotal, but I know somebody who got their personal Google
| account blocked and then the company they work for GCP
| account blocked just because their names "looked" the same as
| somebody else's on the sanction list, even though it was a
| different person. I'm not sure they ever got the personal one
| back.
| autotune wrote:
| GCP is so awful to deal with directly their sales people
| ghost you after you submit your LLC info to raise limits.
| Then the sales person you were working with initially gets
| sacked, and weeks later a new one comes on board and tries to
| pick up where you left off again.
| walrus01 wrote:
| imagine what happens if you use google's domain registrar
| services.
|
| even if you were to run a domain name zonefile that pointed its
| MX at something non-google and had zero A records or CNAMEs
| pointing at things hosted on GCP, you'd still risk being unable
| to login or admin your domain.
| markdown wrote:
| Shit, this gave me pause.
|
| My dog has crypto* and my vet asked me to send him pics at
| various states of arousal so I have numerous pics of dog junk on
| my phone.
|
| * Cryptorchidism is the medical term that refers to the failure
| of one or both testicles (testes) to descend into the scrotum.
| layer8 wrote:
| Thanks for the footnote, it's quite confusing otherwise. :)
| kodt wrote:
| I just figured his dog had its own bitcoin wallet.
| layer8 wrote:
| Yeah, everyone and their dog has crypto these days
| (possibly Dogecoin), but then it gets weird with the
| arousal.
| rosnd wrote:
| This is such a weird story. Is google really using computer
| vision to detect CSAM? How could that possibly work? This seems
| like a tremendous technical challenge.
|
| Usually photoDNA has been deployed for this, but that almost
| certainly wouldn't be triggered by the dad uploading his own
| photos that hadn't been previously marked as CSAM in the photoDNA
| database.
| mopsi wrote:
| Everyone's using AI, and widely. I sell stuff online and sync a
| product feed to Facebook. Products often get banned based on
| image analysis. Sometimes it is reasonably close, eg darts
| getting classified as dangerous weapons, other times sneakers
| get that classification.
|
| If I appeal, it usually gets overturned, but sometimes sneakers
| get confirmed as weapons after review. There seems to be no
| image history; when a previously whitelisted product gets
| imported again (with a minor change in description or
| something), it may get classified as weapon again.
|
| Needless to say, my ad spend is now zero and I expect my
| account to get banned any moment.
|
| Fuzzy AI-based image analysis is OK for things like extracting
| roof shapes from aerial images, but seems totally inadequate
| for moderation, because it lacks nuance and context.
| culanuchachamim wrote:
| Original thread 3 months ago:
| https://news.ycombinator.com/item?id=32538805
| jack7e wrote:
| +1 for the archive link
| morgosmaci wrote:
| It was removed but there was a discussion about a similar account
| over on the Photos reddit this week.
| https://old.reddit.com/r/googlephotos/comments/yzz03x/it_loo...
| baggy_trough wrote:
| Outrageous and unacceptable.
| 9991 wrote:
| Then don't accept it. Null route Google in your hosts file and
| move on with your life.
| josephcsible wrote:
| It's been three months, and AFAIK, Google still hasn't given him
| his account back yet.
| Overtonwindow wrote:
| That would require Google to at least tacitly Admit that they
| made a mistake.
| duxup wrote:
| Or that one guy who can restore accounts to get to it.
| gjsman-1000 wrote:
| Forget that - Google states to the media they had reviewed the
| situation and had decided to _uphold his ban._
|
| Good luck convincing them to admit their "appeal" system, and
| their media review, were mistakes. Google is too arrogant for
| that.
| Alupis wrote:
| It might be worth remembering we only have one side of the
| story here. How do we know we can thoroughly trust the Dad
| any more than we can thoroughly trust Google? Perhaps there
| are more pictures Dad took the article doesn't know about?
| Perhaps Google can't verify it was indeed Dad's child in the
| images?
|
| Perhaps there is more to the story than what the article lets
| on...perhaps not. We will never really know.
| drewmol wrote:
| Google seemed to review the images and determine they were
| for the reason he explained, but the video of his wife
| naked in the bed with his son seemed to be what was still
| considered an issue. Perhaps they were asleep while he
| filmed the video?
| loeg wrote:
| SFPD investigated the other photos, too, and determined
| there was no crime.
| josephcsible wrote:
| The police investigated and verified that Google's
| accusations were completely false.
|
| Also:
|
| > we only have one side of the story here
|
| In real court, if you don't show up to tell your side of
| the story, you're considered to be in the wrong by default.
| Why should the court of public opinion be any different,
| when Google has had the chance to tell their side but chose
| not to?
| para_parolu wrote:
| We have one side of the story because the other side (huge
| corporation) didn't give any information and decided to
| keep ban. No transparency there.
|
| Ps. This "we will never really know" is triggered me. This
| phrase used by Russian propaganda when they got caught in
| crimes every damn time.
| Alupis wrote:
| > We have one side of the story because the other side
| (huge corporation) didn't give any information and
| decided to keep ban. No transparency there.
|
| I'm not sure why we expect Google to provide transparency
| for CSAM bans/investigations. That would be highly
| irregular, and not just for Google.
|
| The Dad has legal path(s) to take if he feels he was
| truly wronged. Paths that would ultimately cost nothing
| if he prevailed. Paths that would likely force Google to
| undo their decision if Dad's statements are in fact the
| truth and Google has no other data/evidence.
|
| Dad chose not do do any of that though... why? I'm
| confident there are lawyers out there that would even
| represent Dad for free.
|
| > This phrase used by Russian propaganda when they got
| caught in crimes every damn time.
|
| What?
| [deleted]
| bawolff wrote:
| This is always true, and a fundamental reason why free
| societies adopted the notion of open courts: to ensure that
| all sides of the story are known and innocent people don't
| suffer based on ifs and maybes.
| Alupis wrote:
| The Dad appears to have chosen not to sue Google for some
| reason. The dollar amount quoted in the article is
| peanuts for what these things normally cost, making it
| sound more like an arbitration thing.
|
| Typically if you win arbitration or court, the losing
| party pays the lawyers anyway - so why did he not pursue
| this?
| rokhayakebe wrote:
| How can we trust the dad?
|
| I think if someone was doing something criminal and their
| access was blocked, they will juat quietly walk away. But
| talking to the press? That would be a new level.
| wastedimage wrote:
| Seems hard to believe that if it really is this cut and dry some
| SVP would have unfucked it by now in order to avoid the PR
| disaster. I suppose that would require someone to take a risk
| though and it's easier for everyone to hide from something like
| this.
| lrvick wrote:
| Google will not lose any significant number of users no matter
| how shitty they are, because most people have no idea how to
| leave.
| fersarr wrote:
| So, basically if I have disabled cloud backups in google photos,
| this shouldn't affect me right?
| lrvick wrote:
| Do not send them via plaintext email, or a proprietary chat
| system. Also be aware that other corpo apps on your phone may
| harvest and back them up too or scan them in place. US cell
| carriers require extensive root access malware like OMA-DM
| toolkits that can be triggered to spy on anything on your phone
| at any time.
|
| As long as you use proprietary software on your devices you
| will never be safe from this type of thing.
| loeg wrote:
| For now they don't scan the contents of your phone, yes. If
| that changes, potentially no.
| formerly_proven wrote:
| > Mark did not remember this video and no longer had access to
| it, but he said it sounded like a private moment he would have
| been inspired to capture, not realizing it would ever be viewed
| or judged by anyone else.
|
| Recontextualisation is one hell of a drug.
| drewmol wrote:
| Yeah I wouldn't be surprised if they were asleep in the video
| and that's what Google still had issue with. Perhaps not but if
| so, it would explain things a bit better.
| LAC-Tech wrote:
| Thanks for the reminder.
|
| Wife and I take a lot of photos of our newborn, including in the
| bath. We think nothing of it, but probably worth figuring out a
| digital plan.
| cpcallen wrote:
| Use a film camera and develop the film yourself.
| Cameri wrote:
| That Google snoops and watches your video, photos and emails
| should not be a surprise to anyone in 2022. If your entire online
| identity is tied to a string that ends in @gmail.com they own
| you.
| [deleted]
| jacob019 wrote:
| These stories of people being banned by google without recourse
| are so common, it's amazing that anyone here is still using
| google for anything important. First of all, get off of gmail. If
| you do nothing else, get off of gmail. I'm very happy with
| fastmail, they provide email, calendar, contacts, notes, and some
| cloud storage for a monthly fee.
|
| I've also come to love nextcloud, I started using it to replace
| google photos, but there are tons of other great features too. I
| use it for photos, notes, calendar, contacts, news, and some
| collaboration stuff. It's open source, you can self-host, or get
| a hosted account somewhere.
|
| While you're degoogling, start using duckduckgo for search. It's
| a better experience than google these days, and if you really
| want to send a query over to google, just add !g to the end of
| the search.
|
| Get off of Chrome too. I would prefer that you use firefox, but
| chromium works fine too.
|
| Getting off of google voice took a bit more work. I ported my
| number to Telnyx, wrote a SMS-to-XMPP bridge, and set up Asterisk
| to route voice calls. I'm happy with that solution but it won't
| be practical for most, so maybe someone else can comment on
| google voice alternatives.
| [deleted]
___________________________________________________________________
(page generated 2022-11-25 23:00 UTC)