Not only did we do it to ourselves, we're mostly enjoying and benefitting from it. The alternative (where all software is pay-to-play) actually shuts out the vast bulk of the world's population that doesn't have chips to play yet.
Does Libre Office allow for simultaneous collaborative editing by multiple users and seamless passing of current version by passing a URL around? Does it require correct set up and maintenance of a Linux installation (which has gotten a lot simpler in the past 20-odd-years, but still requires more than its fair share of technical expertise), or can it be used by anyone with a web browser, regardless of operating system or installed software configuration (save, of course, the web browser)?
If not, it's definitely an option but I'd generally anticipate it'll lose out in userbase to the alternative that has those features.
I think most of us can agree that sometimes Google services are extremely practical. I just don't think that the practicality is an argument towards the morality of their business.
I wouldn't make this a morality based argument if we just had transparency. If they were perfectly transparent, their business model would be fine (in terms of morality at least). But I believe, personally, that they have the responsibility to better inform consumers exactly what data they're collecting and exactly where it's going.
If you are a well educated consumer who decides that they are comfortable with the level of surveillance in exchange for that product, than by all means. I just wish it wasn't impossible to be a well educated consumer in this field.
Privacy isn't a morality question for most users. If it were, we would expect to see more people up in arms about demographic surveys instead of willfully participating in them.
privacy isn't the morality question, being misleading about your privacy is the morality question.
Google is collecting surveillance data on it's consumers, that the majority of it's consumers don't even know is being collected.
At what point does it become Google's responsibility to make a reasonable effort to inform people about their surveillance practices? I'd say if polling shows that the majority of your consumers aren't aware of your surveillance practices, you aren't being honest.
> At what point does it become Google's responsibility
The last time we tried to push the responsibility onto individual organizations to inform the public of the basics of how the Internet works, we ended up with "This site uses cookies" dialogs popping up redundantly and annoyingly everywhere.
I think I'd rather see the money spent on a public education campaign, not unlike the US Health and Human Services videos of the 1950s. While hokey and hilarious by modern standards, they provided a real service in helping Americans reconcile with rapid advances in technology and hygiene (including now "common sense" ideas such as "Don't play in construction sites" and "Drinking and driving are dangerous").
With exceptions on the level of sharing recipes or whatever, I find it hard to imagine collaborators using such an insecure platform. Sure, communications are encrypted, but Google has full access to documents.
How do IT security staff sign off on stuff like that?
Perhaps the security staff are convinced that either Google doesn't actually have access to it in any practically-concerning sense (https://www.quora.com/Can-Google-open-and-see-files-in-my-Go...), or the risks associated with that access are negligible?
I think you've hit on a very interesting point. The fact that IT security staff (with careers and reputations on the line) do sign off on companies using Google's platform for business applications that include passing sensitive data around might indicate that our assessment of the risk model is flawed?
I'm talking about actual information about what Google does with their data.
The cost-benefit analysis and risk tolerance doesn't tell us about how much Google secures their privacy, it tells us about how much the company cares about their privacy/security.
Beyond that, it's a trust and a penalties-for-violating-policy exercise.
And I agree with you: you can probably tell volumes about how much a company cares about the risk factors based on who they trust. But I don't generally think companies are being ignorant placing their chips on Google---it's a big org with a lot to lose if something goes wrong. That gives it advantages over either smaller competitors or rolling one's own (factoring in that to match the security of a dedicated service's cloud offering while approaching the convenience of such an offering, you basically have to hire your own full-attack-surface-spectrum infosec team, and that's one more line item in a small company's budget).
Open source solves both of these problems. The way I see it, software that costs money is a problem, and software that compromises your freedom is a problem.
Sure Google can solve one of those problems, but we also shouldn't pat ourselves on the back unless we solve both problems.
I've seen this attitude a lot, and I don't really understand it. Software takes a ton of work to produce, and in many cases a significant degree of skill as well, and I don't really see an issue with wanting to be compensated for it. If charging money is bad, and advertising is bad, what are you supposed to do? Given that you're posting here, I'm assuming that you likely get paid to write software as well - do you think it's reasonable for everyone to expect that you produce software for free?
You're right, it's certainly more nuanced than 'money = bad' and 'advertising = bad'.
I still think that in the context of this discussion, open source does solve both the privacy problem and the accessibility problem. But you're right that there are problems, namely incentive, that open source does not solve.
Open source is not the only solution to those problems, and sometimes solving those problems (privacy and accessibility) just isn't practical. In those cases, I would just wish for more transparency.
