Proton

The biggest new threat to privacy in 2023 wasn’t any surveillance program. It was the false advertising Big Tech companies use to trick people into thinking their products are private.

Like oil companies claiming fossil fuels are “green”, Google, Apple, Microsoft, and others increasingly try to convince people their surveillance-based advertising models are “private” when they’re not. This sneaky marketing practice is known as privacy washing(new window).

We expect this trend to increase in the coming years, and it’s important for everyone to understand the reality that surveillance capitalism is incompatible with privacy.

Three factors are pushing privacy washing to new extremes: 

  • The increasing consumer demand for online privacy
  • Stronger privacy regulations around the world
  • Pressure on ad revenue because of ad blockers and other privacy-protecting technologies

These are headaches for Big Tech, and they’re not going away. Their only response so far is to offer the illusion of privacy while continuing to profit off your personal information.

Because being alert to these strategies is one of the best ways to protect yourself from new forms of data collection and manipulation, we devoted multiple articles last year to exposing privacy washing. Let’s look at some of the biggest privacy-washing stories of 2023. Then we’ll consider some new trends we might see in 2024.

Privacy washing year in review

2023 was the year of privacy washing. We worked to expose some of the most egregious examples. 

Google branded a tracking tool as ‘enhanced ad privacy’

Google Chrome is the most popular browser in the world, and the company uses it to monitor what you do online. Last year, Chrome rolled out a feature(new window) that claimed to offer more privacy. Instead, the feature just gives Google exclusive rights to collect your data. By branding this as a privacy feature, the company is trying to redefine privacy as “no one can track your data — except us”.

Then Google brought the same ‘feature’ to Android

Just like the Chrome ‘ad privacy’ feature, the Android version(new window) blocks other apps from collecting your data while giving Google a surveillance monopoly. And once again, Google used dark patterns to force people to accept the change, turning the feature on by default with only a notification and a “Got it” button.

Apple’s iCloud isn’t as private as you think

Apple has a stronger reputation for privacy than Google, but that doesn’t mean Apple can’t see your personal information. Contrary to what you might think, Apple can see your photos, emails, calendar events, contacts, voice notes, messages, and many other categories of data by default. So much for “privacy, that’s iPhone(new window)”.

Facebook’s new Threads app is a privacy nightmare

Meta introduced a new Twitter-like app called Threads last summer, but anyone who signed up became subject to a surprisingly broad data collection regime(new window). Threads wasn’t even initially available in the European Union over concerns about regulatory compliance. 

Google Chrome’s “fake” Incognito Mode led to a $5 billion lawsuit

In what is essentially a lawsuit contesting one of the original versions of privacy washing, plaintiffs say Google’s marketing of Chrome’s “Incognito Mode” amounts to wiretapping and a breach of contract, among other allegations. While assuring you can “browse privately”, the company in fact continued to monitor people’s browsing, the lawsuit claims(new window).

Google’s lobbyists reveal the company’s true values

In its marketing to you, Google says it values your privacy. But when talking to policymakers, Google’s lobbyists are pushing in the opposite direction, successfully arguing that more privacy would be an economic disaster. We found multiple examples of Google’s anti-privacy lobbying(new window).

IP Protection protects nobody

Taking another page from Orwell, Google marketed its new IP Protection feature as enhancing your privacy. Instead, once again, it just blocks other companies from tracking you while Google continues to spy on everything you do online. IP Protection offers zero privacy benefits, especially compared with a no-logs VPN(new window).

Privacy washing trends to watch in 2024

We’re already starting to see hints that we’ll be inundated with privacy washing again in 2024. Google and the other Big Tech players will continue introducing “privacy features”. But other companies will also try to muddy the waters to obscure their own exploitation of personal data, including automakers, internet service providers, and insurance companies.

Here are some of our predictions for this year.

New forms of data capture

The demand for data is only increasing because companies are building machine learning tools that require it. As companies move more of your communications behind encryption, they will race to develop new ways to track you, such as mining your conversations with AI chatbots or scanning your documents and photos(new window).

State-level privacy laws in the US will let Big Tech off the hook

Big Tech companies have invested tens of millions of dollars trying to push weak privacy laws through statehouses in the US. For them, this is preferable to a strong federal law comparable to the EU’s GDPR. We explained how surveillance tech companies are pushing to pre-empt democratic policymaking in our article about Google lobbying(new window), and the strategy seems to be working. 

Your car will start privacy washing, too

Vehicles are trackers with wheels(new window). They have cameras, microphones, GPS, and other sensors — and there is very little privacy oversight. Many car manufacturers collect far more data than they could possibly need. For example, Kia’s privacy policy(new window) states the company collects information about your “sex life or sexual orientation”. As more people become aware of the ways their cars are spying on them, auto manufacturers will join Big Tech in the privacy washing game. Car insurance companies may also increase their use of privacy washing to hedge against privacy concerns. For example, Liberty Mutual(new window) tracks and shares your “predispositions, behavior, attitudes, intelligence, abilities, and aptitudes” with third parties.

‘Privacy control’ overload

Companies will roll out more and more privacy settings and push these options to you on all your apps and devices, asking you how you would like your data to be used. European regulators are already concerned(new window) about the way tech companies use dark patterns to bypass valid consent, and Google’s privacy settings are so confusing even employees couldn’t understand them(new window). By bombarding you with an avalanche of confusing “privacy choices”, tech companies are hoping you’ll simply agree to surveillance rather than invest time figuring it out. 

People want real privacy

Privacy washing is a shameful form of false advertising that takes advantage of people. But the fact that companies are doing it is an indication that attitudes regarding privacy are changing. People are sick of sharing their private lives with corporations just to use the internet — one reason there is a growing movement of people learning how to deGoogle their lives (stop using Google services).

It’s your life, not Google’s: DeGoogle your life for $1

At Proton, we crossed a major milestone back in April when our community grew to over 100 million accounts. This is another indication that people are ready to give up the surveillance-based business model that has dominated the internet for almost 20 years.

Our revenue comes from community support, not advertising. And our apps, including Proton Mail, Proton Calendar, and Proton Drive, collect as little data as possible. Only you can see your emails, events, photos, notes, and other data. (The privacy disclosures in iOS speak for themselves.)

And far from bombarding you with confusing privacy choices, we make privacy the default(new window).

Stay tuned in 2024 for more articles exposing the worst privacy washing offenders. And consider switching to privacy-first tech to join our fight for a better internet.

Related articles

The cover image for a Proton Pass blog comparing SAML and OAuth as protocols for business protection
SAML and OAuth help your workers access your network securely, but what's the difference? Here's what you need to know.
Proton Lifetime Fundraiser 7th edition
Learn how to join our 2024 Lifetime Account Charity Fundraiser, your chance to win our most exclusive plan and fight for a better internet.
The cover image for a Proton Pass blog about zero trust security showing a dial marked 'zero trust' turned all the way to the right
Cybersecurity for businesses is harder than ever: find out how zero trust security can prevent data breaches within your business.
How to protect your inbox from an email extractor
Learn how an email extractor works, why your email address is valuable, how to protect your inbox, and what to do if your email address is exposed.
How to whitelist an email address and keep important messages in your inbox
Find out what email whitelisting is, why it’s useful, how to whitelist email addresses on different platforms, and how Proton Mail can help.
The cover image for Proton blog about cyberthreats businesses will face in 2025, showing a webpage, a mask, and an error message hanging on a fishing hook
Thousands of businesses of all sizes were impacted by cybercrime in 2024. Here are the top cybersecurity threats we expect companies to face in 2025—and how Proton Pass can protect your business.