Comment by mattzito
18 days ago
It's a lot more nuanced than that. If you use the free edition of Code Assist, your data can be used UNLESS you opt out, which is at the bottom of the support article you link to:
"If you don't want this data used to improve Google's machine learning models, you can opt out by following the steps in Set up Gemini Code Assist for individuals."
and then the link: https://developers.google.com/gemini-code-assist/docs/set-up...
If you pay for code assist, no data is used to improve. If you use a Gemini API key on a pay as you go account instead, it doesn't get used to improve. It's just if you're using a non-paid, consumer account and you didn't opt out.
That seems different than what you described.
your data can be used UNLESS you opt out
It's even more nuanced than that.
Google recently testified in court that they still train on user data after users opt out from training [1]. The loophole is that the opt-out only applies to one organization within Google, but other organizations are still free to train on the data. They may or may not have cleaned up their act given that they're under active investigation, but their recent actions haven't exactly earned them the benefit of the doubt on this topic.
[1] https://www.business-standard.com/technology/tech-news/googl...
Another dimension here is that any "we don't train on your data" is useless without a matching data retention policy which deletes your data. Case and point of 23andMe not selling your data until they decided to change that policy.
I'll go ahead and say that, even if there was a method that deletes your data when you request it, nothing stops them from using that data to train the model up until that point, which is "good enough" for them.
Google offers a user-configurable retention policy for all data.
https://support.google.com/accounts/answer/10549751
That said, once your data is inside an LLM, you can't really unscramble the omelette.
1 reply →
[dead]
This is incorrect. The data discussed in court is data freely visible on the web, not user data that the users sent to Google.
If the data is sent by a user to sub-unit X of Google, and X promised not to use it for training, it implies that X can share this data with sub-unit Y only if Y also commits not to use the data for training. Breaking this rule would get everyone in huge trouble.
OTOH, when sub-unit X said "We promise not to use data from the public website if the website owner asks us not to", it does not imply another sub-unit Y must follow that commitment.
Hopefully this doesn't apply to corporate accounts where they claim to be respecting privacy via contracts
Reading about all the nuances is such a trigger for me. To cover your ass is one thing, to imply one thing in a lay sense and go on to do something contradicting it (in bad faith) is douchebaggery. I am very sad and deeply disappointed at Google for this. This completes their transformation to Evil Corp after repealing the “don’t be evil” clause in their code of conduct[1].
[1] https://en.m.wikipedia.org/wiki/Don't_be_evil
We need to stop giving money and data to hyperscalers.
We need open infrastructure and models.
People said the same thing about shopping at walmart instead of locally.
8 replies →
[dead]
Sorry, that's not correct. Did you check out the link? It doesn't describe the CLI, only the IDE.
"You can find the Gemini Code Assist for individuals privacy notice and settings in two ways:
- VS Code - IntelliJ "
That's because it's a bit of a nesting doll situation. As you can see here:
https://github.com/google-gemini/gemini-cli/tree/main
If you scroll to the bottom, it says that the terms of service are governed based on the mechanism by which you access Gemini. If you access via code assist (which the OP posted), you abide by those privacy terms of code assist, one of the ways of which you access is VScode. If you access via the Gemini API, then those terms apply.
So the gemini CLI (as I understand it) doesn't have their own privacy terms, because it's an open source shell on top of another Gemini system, which could have one of a few different privacy policies based on how you choose to use it and your account settings.
(Note: I work for google, but not on this, this is just my plain reading of the documentation)
My understanding is that they have not implemented an opt-out feature for Gemini CLI, like they've done for VSCode and Jetbrains.
1 reply →
As a lawyer, I'm confused.
I guess the key question is whether the Gemini CLI, when used with a personal Google account, is governed by the broader Gemini Apps privacy settings here? https://myactivity.google.com/product/gemini?pli=1
If so, it appears it can be turned off. However, my CLI activity isn't showing up there?
Can someone from Google clarify?
I am very much not a lawyer, and while I work for Google, I do not work on this, and this is just my plain language reading of the docs.
When you look at the github repo for the gemini CLI:
https://github.com/google-gemini/gemini-cli/tree/main
At the bottom it specifies that the terms of service are dependent on the underlying mechanism that the user chooses to use to fulfill the requests. You can use code assist, gemini API, or Vertex AI. My layperson's perspective is that it's positioned as a wrapper around another service, whose terms you already have accepted/enabled. I would imagine that is separate from the Gemini app, the settings for which you linked to.
Looking at my own settings, my searches on the gemini app appear, but none of my gemini API queries appear.
3 replies →
Sorry our docs were confusing! We tried to clear things up: https://github.com/google-gemini/gemini-cli/blob/main/docs/t...
"1. Is my code, including prompts and answers, used to train Google's models?
This depends entirely on the type of auth method you use.
The opt out appear to be about other type of stats, no?
Thanks a lot for clarifying in plain language! Makes sense re basically anything paid is NOT used for training, free - does.
Off-topic, but I wish this kind of plain language doc existed for Google One vs Google Workspace as well.
> It's a lot more nuanced than that. If you use the free edition of Code Assist, your data can be used UNLESS you opt out,
Well... you are sending your data to a remote location that is not yours.
Yes, I'm right about to trust Google to do what they pinky swear.
EDIT: Lmao, case in point, two sibling comments pointing out that Google does indeed do this anyway via some loophole; also they can just retain the data and change the policy unilaterally in the future.
If you want privacy do it local with Free software.
Do you have recommendations? I have ollama but it doesn't have built in tool support