"If you don't want this data used to improve Google's machine learning models, you can opt out by following the steps in Set up Gemini Code Assist for individuals."
and then the link: https://developers.google.com/gemini-code-assist/docs/set-up...
If you pay for code assist, no data is used to improve. If you use a Gemini API key on a pay as you go account instead, it doesn't get used to improve. It's just if you're using a non-paid, consumer account and you didn't opt out.
That seems different than what you described.
It's even more nuanced than that.
Google recently testified in court that they still train on user data after users opt out from training [1]. The loophole is that the opt-out only applies to one organization within Google, but other organizations are still free to train on the data. They may or may not have cleaned up their act given that they're under active investigation, but their recent actions haven't exactly earned them the benefit of the doubt on this topic.
[1] https://www.business-standard.com/technology/tech-news/googl...
https://support.google.com/accounts/answer/10549751
That said, once your data is inside an LLM, you can't really unscramble the omelette.
If the data is sent by a user to sub-unit X of Google, and X promised not to use it for training, it implies that X can share this data with sub-unit Y only if Y also commits not to use the data for training. Breaking this rule would get everyone in huge trouble.
OTOH, when sub-unit X said "We promise not to use data from the public website if the website owner asks us not to", it does not imply another sub-unit Y must follow that commitment.
We need open infrastructure and models.
When I click 'OPT OUT' I mean, 'don't use my data, show me how you're respecting my privacy'
"You can find the Gemini Code Assist for individuals privacy notice and settings in two ways:
- VS Code - IntelliJ "
https://github.com/google-gemini/gemini-cli/tree/main
If you scroll to the bottom, it says that the terms of service are governed based on the mechanism by which you access Gemini. If you access via code assist (which the OP posted), you abide by those privacy terms of code assist, one of the ways of which you access is VScode. If you access via the Gemini API, then those terms apply.
So the gemini CLI (as I understand it) doesn't have their own privacy terms, because it's an open source shell on top of another Gemini system, which could have one of a few different privacy policies based on how you choose to use it and your account settings.
(Note: I work for google, but not on this, this is just my plain reading of the documentation)
I guess the key question is whether the Gemini CLI, when used with a personal Google account, is governed by the broader Gemini Apps privacy settings here? https://myactivity.google.com/product/gemini?pli=1
If so, it appears it can be turned off. However, my CLI activity isn't showing up there?
Can someone from Google clarify?
When you look at the github repo for the gemini CLI:
https://github.com/google-gemini/gemini-cli/tree/main
At the bottom it specifies that the terms of service are dependent on the underlying mechanism that the user chooses to use to fulfill the requests. You can use code assist, gemini API, or Vertex AI. My layperson's perspective is that it's positioned as a wrapper around another service, whose terms you already have accepted/enabled. I would imagine that is separate from the Gemini app, the settings for which you linked to.
Looking at my own settings, my searches on the gemini app appear, but none of my gemini API queries appear.
This depends entirely on the type of auth method you use.
Auth method 1: Yes. When you use your personal Google account, the Gemini Code Assist Privacy Notice for Individuals applies. Under this notice, your prompts, answers, and related code are collected and may be used to improve Google's products, which includes model training."
Off-topic, but I wish this kind of plain language doc existed for Google One vs Google Workspace as well.
Well... you are sending your data to a remote location that is not yours.
EDIT: Lmao, case in point, two sibling comments pointing out that Google does indeed do this anyway via some loophole; also they can just retain the data and change the policy unilaterally in the future.
If you want privacy do it local with Free software.