A slide from a National Security Agency presentation on how to access Google's cloud architecture

We’re all aware that free online services are tracking our every move – but some paid-for services are just as bad.

We’ve all come to accept that if the online service you are using is free, you are no longer the customer – you are the product being sold.

Put another way, when a company offers to give you a free online book through which you can show your face, that company is selling you, to its real customers. Typically those customers will be advertisers who would like to book adverts that then get put before your face, often on entirely different websites through various affiliate and ad-networking schemes.

Google learned long ago how sexy and attractive is free. In fact, we’re marking an anniversary of its very success in pushing out free this month in April 2014, as the company launched Googlemail (Gmail) to an incredulous public exactly ten years ago on 1st April 2004.

Many thought it was an April Fools joke, so distracted they were that Google could truly be offering a totally free email hosting service with the then-ridiculously huge quota of 1 gigabyte of free storage. Until then, you were lucky to get 4 megabyte.

Most people were so smitten and keen to sign up, they either didn’t read the conditions, or blithely accepted the fact that Google was making a trade, demanding in return to read every word of every email they wrote, analyse these contents, and use those words to build a unique database, all about them. By then siphoning up the user’s address book, it could also see with whom they associate, helping colour in the identity picture.

Given the current user base of Gmail users – over 400 million two years ago alone – we can see just how successful was Google’s April Fool gambit; and simultaneously how little people seem to care about their personal privacy.

But reading your email is only where the privacy-destroying fun begins. As you then surf the web, a unique user ID is generated for anyone that stumbles upon a Google-connected web property. This is stored in a cookie on each computer and device you use. And alongside cookies are other ways to uniquely track you – invisible pixels on the web page hosted by a third party, crafty JavaScript tricks, Google Fonts, browser fingerprinting and more.

Given the near-universal use by webmasters of either Google Analytics, AdSense, AdWords or DoubleClick across the world-wide web – all these run by Google – your surfing history is essentially logged from almost every single webpage you visit, from site to site to site. Where you visited, how long you spent on each page, which links you clicked.

Google Search – where it all started

When you make a search on Google’s search page, your query is recorded against your unique ID. Everything from ‘best restaurant in Camden’ to ‘mole skin cancer?’ to ‘new sex positions’ to ‘[high-school sweetheart name]’ gets logged for you.

Up to this point, it may be categorised as ‘anonymised data’ since your real name and identity are not yet attached to this profile.

Only now, since you’ve already given Google your personal details to open a Gmail account, it now knows exactly the ‘who’ of who visited that site, attaching your browsing UUID cookie to you, personally. In manifold ways, just starting with your current IP address, it can then build up the more complete picture of where you live, where you work, your working habits, your sleeping habits... even though you never expressly told Google any of these details. This is advertising dynamite, enabling it to laser-guide lucrative behavioural advertising from its customers more directly at you, its product.

For users of Google Android mobile devices, the issue of avoiding Google’s all-seeing eye is next to impossible. Besides everything else, it knows to within 10 metres where you were when you made that search, looked at the webpage, and took that photo.

Especially now, what Gmail users give willingly for free with their consent is literally worth a fortune to Google. Google’s revenue, predominantly creamed from brokering advertising, was around $13 billion last year.

Like prostitution in this country, the whoring of your personal data to a data collection agency like Google is not illegal. But the end user needs to opt in to allow being tracked so effectively like this, and Google does explain in neutral legalese language in its Terms and Conditions and Privacy Policy that it will record all that you do online when you first sign up; and, since March 2012, it will collate all the data on you from all its many varied services, to sharpen further its focus on you.

He who pays the piper

So what happens when you pay for services on the internet? Now you’re the paying customer, you’re the data boss! Well not exactly.

As well as ‘free’ services, there are also ‘remarkably cheap’ ones, hardware products too, still requiring a cash payment but considerably cheaper than that for which what the competition are selling theirs. Examples of this include Google-sponsored smartphones like the LG Google Nexus 5 (‘the best value smartphone you can buy’) and tablets like the Asus Google Nexus 7 (‘the best 7in tablet available to buy in the UK’).

Returning to Google’s core inducements through online services, there is also Google Apps for Business. This Google package provides a neatly unified portfolio of Gmail hosting, and collaborative Google Docs and Google Calendar, for businesses and their staff to manage all their online communications and data. But since the unified Privacy Policy of March 2012, each end user is also required to agree to Google’s exact same terms, to being pathologically tracked, their data harvested, sliced and diced and then used to sell you as a product.

We can expect our company-time email and surfing history to be monitored by our employer. But what about by another company entirely whose goal is to make money by abusing your privacy?

The final insult

Distilling so much of our life into deeply insightful databases became an all too tempting treasure trove for those that would wish to surveil the population en-masse. That temptation has proved too much for the UK and US governments who now skim Google’s servers either by gagged side-door requests through the Prism program; or simply tapping all its users’ data in transit (Tempora, and specifically for Yahoo! and Google users, the UK-hosted Muscular program run by GCHQ).

It’s not only Google that knows more about you than you probably do yourself. So does the British government.

Thankfully, being tracked by Google is mostly a matter of your own choice. No-one can force you agree to Google’s terms.

Download your FREE issue of Android Advisor, the brand new monthly digital magazine dedicated to everything Android.