“It’s the Privacy, Stupid!”
Maybe the name, “1984″, was 25 years too early…?
Maybe George Orwell did so intentionally…?
I was reading a devoted Google employee’s blog article recently, attempting to discredit the organization, Privacy International, which ranked Google as having the worst privacy policies of any of the companies it studied… Apparently, in an attempt to defend Google.
It’s easy to get lost in all the details… and all the specifics of some supposed incident that may or may not have happened…
Privacy is the issue.
Google is not a search engine anymore.
eBay is not an auction site anymore.
Microsoft is not a software publisher anymore.
A CHALLENGE FOR YOU:
Just TRY living without using any of the tools and services of these three Big Brother-like companies. Can you do it?
CHALLENGE #2 FOR YOU:
Try simply making a list of all of the companies and services owned by each of the Big Three Big Brother companies…
If a list could even be compiled… I know it would be shocking! They seem to own everything!
I think that a couple of the comments on that blog item really hit the nail on the head, when the readers said things like this…
~~~~~~~~
“Google collects a mind boggling amount of personal and corporate data. You folks collect it with the Google Toolbar, AdWords, AdSense, Google Analytics, Blogger, Google Maps, Google Reader, Gmail, YouTube and now Doubble Click and FeedBurner… WOW! – (Yikes)
Some people may think it’s too much information.
I like Google and the people running the show right now. However… Things change. Things might be very different 10 years from now.”
— Hawaii SEO
~~~and~~~
“I am a Google supporter in many ways, including collecting AdSense publisher’s checks, so I am not inclinded to bite the hand that feeds me arbitrarily.
But I didwork for the US governement for many years, mainly on projects at a high level of classification .. I know quite a bit about security, at a level above the “ones and zeros” and what characters should be in a password.
Over the years a number of significant security breeches have aoccurred simply becuase too much data is stored, all secured by best practices, on specific programs or issues. Suddenly (and you’ve all read articles in major media, sometimes without even knowing that the articles actually revealed classified information) a reporter or other interested party takes info from one source, and then another and “click” the puzzle peices fit together. Happens all the time and will continue to happen.
Google collects massive amounts of data … far, far beyond what any ISP or even Google competitor collects and I would submit, Matt, that there is not enough long range planning and oversight. Google’s corporate focus on security, given that Google is run by “computer experts” is focused on “computer-related security” … not upon the mountain of information the computer-level security is keeping private.
Just the one widely publicized agreement about anonymizing query logs after _18_ months points this up. It’s “your” data and “you” are going to hang onto it as long as it possibly an be milked. But think through what possible use millions and millions of 18 month-old queries can be .. still identified personally to the individual’s IP. It makes no sense, and creates a massive pool of data that could, by virtue of something as simple as an AOL “Ooops” be released. If the identifiable data wasn’t there in the first place … it couldn’t be released.
That’s why in the classified documents world “the shredder is our friend” … what is no longer there can’t possibly go missing.”
— Dave Starr — ROI Guy
~~~and~~~
“If Google is serious about privacy protection and wants to clearly state so: European Commission just started a project to establish a European privacy protection quality certification. Information at https://www.datenschutzzentrum.de/europrise/ “
— Markus
~~~and~~~
“I agree with Hawaii SEO. Your policies might be good when compared to others, but since you guys collect the largest amount of information, you are still my greatest concern. And yeah, I see new ways for Google to find out new personal data of mine without my permission with many of your announcements and I don’t like it at all (DoubleClick, FeedBurner, StreetView).
The fact that you were keeping the search history for my account without asking me (I had to go deactivate it but many don’t even know about it) really pisses me off.
So yeah, I’m glad Privacy International said something about it, even if they took it too far, and I’m glad that the European Union is doing something about this.
You might not be able to sleep at night because thoughts of protecting my privacy run amok in your head, but you’re still using the data you collect from the 8-9 Google services that I’m using. And yeah, I know I can stop using them. Believe me, I’m trying to find better alternatives.
I agree with Hawaii SEO on another thing also (guess I should become a subscriber now), that a lot of things can change in the next 10 years. I can already see your image very slowly changing from the favorite child of the web image to the evil spawn status that Microsoft has already achieved. It starts first with the webmasters that come in contact with you guys all the time, and just as Firefox managed to get a huge chunk of the market with the help of the webmasters that promoted it, so can other search engines if you manage to piss off the geeks like Microsoft did.”
— Alexandru
~~~and~~~
“1. As has been pointed out at places like SMX, logging out of Web History (and even the mechanics of it) are practically hidden in a ‘cold’ part of the page.
2. Google collects a LOT of data, anonymized or not, as prior poster claims.
3. There isn’t a way for a user to review their own file and correct it, or get it removed. This used to, I seem to recall, be required in the EUDPD, although I’ve been playing US-only privacy games for several years.
4. Again as previously noted: Current corporate policy has been acceptable, in so far as Joe User knows about it, to date. But you’re a US company. You’re public. You’re subject to a lot of external forces. Those external forces include socio-political stuff, and can involve the FBI, CIA, NSA, etc. Things change, and can change quickly. It’s a risk.
I think Americans, as a whole, are far too complacent about personal data. Once released, it’s very hard to put back in a cage in a dark, private basement. Google data is a huge and behaviorally-oriented example of this, and that data in the wrong hands really could be pretty deadly.”
— Julie VanMersbergen
~~~and~~~
“There are serious issues here and making the case that Google is better because it didn’t loose any data last year is admission of guilt by association. What is called for is a point-by-point address the concerns and avoid the knee jerk reaction to point a finger at the competition.
The only one Google should be concerned about in this case is Google. “
— Brett Tabke
~~~and~~~
“I’m not sure how much you accomplish by trying to address a systematic problem with a couple of one-off examples. Through consolidation of the platform, Google has a strategic data trove that would make the NSA jealous.
Like it or not, Google is in its own ballpark here. Never before has a private organization had such comprehensive data about a large demographic, and with that comes new risks. Google can’t cheaply explain away its flaws by comparing itself to AOL.
While the PI report leaves a lot to be desired, I do look forward to seeing the full report. The more hard facts we can get about Google’s stance toward privacy, the better. While Google may appear to be the friendly neighbor, it is really a huge, intensely secretive public company in the consumer data business. Google is the surveillance camera we’ve all invited into our house.”
— Robert
~~~and~~~
“Google is a leader in the market and as such should be a leader in privacy. What you are doing now is not enouth.
Then, there’s this Danny Sulivan quote:
“I think Google’s problem is that it far too much believes its “Don’t Be Evil” philosophy without realizing it’s a big company that people simply aren’t going to trust. In the years I’ve dealt with Google, the culture is one of “we’d never be bad.” That should change to one of “how might we be bad, and how do we prevent it.” Google should assume the worst about itself, not the best.”
Please, I can’t stress enough how that paragraph is important. And it looks like Eric Schmidt don’t understand it. Be sure to put that paragraph on the Google Intranet, on the walls, on your email signature, everywhere. And be sure that all Google employers (specially management) read it 10, 20 times so that they really understand it.
But, let’s take an example of how privacy could be improved:
1) Instead of anonymizing user logs after 18-24 month, delete it. Yes, that’s it. Delete it. Why not?
2) Substitute all those service privacy policies by something such as Redhat one-page SLA.
3) You have mentioned that ISPs can spy on user queries. Well, do you know what? That’s is also a Google problem. When I try to access httpS://www.google.com it redirects me to httP://www.google.com. Amazing. no?
4) I don’t know exactly what information is beeing collected. For exemple, is my browser Useragent info beeing collected? You know, there’s a lot of toolbars out there that append theirs versions to the browser Useragent string. So, If I am the only one using a specific combination of toolbars in a city, it is like a permanent cookie – it doesn’t matter if I change my IP. Imagine people seeking by Useragents (with toolbars versions appended) on that AOL leaked data!
5) And so on, and so on…”
— Robert
~~~and~~~
“Google does indeed collect a staggering heap of personal data, which leads me to…
the fact that you have much-publicized fights with the US government (but give in to China?) does nothing to address the fact that Google itself has the data. What guarantees Google’s use of that data?
I would encourage everyone (especially those of us signed up for Google services like Gmail, Picasa, Checkout, etc.) to think about something for a long moment. Besides the government, who collects more data about us than Google?
That’s half the point Privacy International is making in their report. For the loyal Google users, you have our buying habits, surfing habits, what ads work on us, our email, spreadsheets, written documents, credit cards, address, phone numbers, photos, notes, calendars, and more.
Google is a business and there are always pressures to find new revenue streams. If you want to prove you value our privacy, give us the ability to encrypt our data, show how you WILL NOT use our data to market us or leverage your giant databases against us.
It is not enough to protect us from the government; show us how you will protect our data from Google Inc.”
— Bill Weaver
~~~and~~~
“Google is the market leader, so it should lead also when it comes to privacy issues. In my view, Google has a responsability not to become a universal database of personal information, because they eventually will start to use it for their own good and not just to make the search results more accurate.”
— Carfeu
~~~and~~~
“There are huge issues at stake here, and with reports like this, we tend to focus on the sexy well known items like search query logging. Those are kiddie issues that the general web public can understand. However, there are serious deeper issues such as toolbar data, gmail data, and docs data, that are a wild cards that remain unopened and undressed satisfactorily by Google.”
— Brett Tabke
~~~and~~~
“Has anyone read this article?
Google’s goal: to organise your daily life
http://www.ft.com/cms/s/c3e49548-088e-11dc-b11e-000b5df10621.html
Here is a quote:
—————
Eric Schmidt, Google’s chief executive, said gathering more personal data was a key way for Google to expand and the company believes that is the logical extension of its stated mission to organise the world’s information.
Asked how Google might look in five years’ time, Mr Schmidt said: “We are very early in the total information we have within Google. The algorithms will get better and we will get better at personalisation.
“The goal is to enable Google users to be able to ask the question such as ‘What shall I do tomorrow?’ and ‘What job shall I take?’”
—————
How do you get to that level without amassing large amounts of personal information?? Or as Eric Schmidt called it – “Total Information”?”
— Jess
~~~and~~~
“I think you are missing the most important points of the study.
1. Google collects tons of information that most people (if they understood what it could be used for) would not want tracked.
2. Google keeps it for way too long. Anonymous or not. AOLs data was “anonymous” and they also thought it was “safe”.
3. Google collects data from more people than any other group on the internet.
In my mind these three points do make Google the biggest threat to privacy on the web. Detailed information, from lots of people, over a long period of time is a recipe for a privacy disaster. You think because you are “good” and “not like the other guys” that it is not going to happen. But only externally controllable checks and balances can truly preserve privacy.
Sure the other guys are bad also, the PI report underscored that, but Google is the biggest player and therefore the biggest danger. With greater power comes greater responsibility. Google should be proud of that and carry that title with dignity and respect to those who gave you that power. Otherwise an arrogant attitude will keep it as an enemy to privacy whether you recognize it or not.”
— Lee
~~~and~~~
“The AOL leaked data is still floating around the web – once data is leaked it just never really disappears. The overall fear may be – what happens if the amount of information that google collects ends up being leaked, especially with gmail and the like.”
— Jen Harris
~~~and~~~
“Google, having the gigantic amounts of data it has, needs to clearly state how they use it. Do you mix search query data with gmail data? I don’t want to have to worry about that, there’s should be a easy to read policy that states it clearly.”
— Emil Stenstrom
~~~and~~~
“Educate people about the internet, the sensitivity of information, how to use it, or how not to.
I see children using the internet without knowing the dangers, placing sensitive information on the net that might be used against them in the future.
The same way i see adults use the internet without even thinking about the possibility the information provided could get back on them.
The net is relatively new to large groups of people that now start to think about privacy issues they should have thought about early on.
Educate them, let them know what happens with or could happen with data gathered, if it was data gathered from programmas like gmail, analytics or data they provided themselves.
Education will take the fear away and make aware.”
— Tonnie
~~~and~~~
““Customers have a right to amend personal details held by Google but does not allow search history to be removed.”
That’s not fair, you do not allow removing. However, you should not start collecting it without user’s permition. This was really bad and controversial.”
— Itman
~~~and~~~
“You may disagree with Privacy International, but what you need to face is that Google worries a lot of people, and this won’t go away – if anything it is increasing. Is it rational? Who knows – on the one hand one can believe Google has a “do no evil” culture – on the other, the commercial temptations are potentially overwhelming.
Personally I’m glad the EU is looking into this, because to be honest the US’s laws on data protection for individuals are too lax.”
— Alan P
~~~and~~~
“Google not only collects every scrap of data, but uses it. Extensively. You are experts in data mining. I open my gmail and you give me an ad about something I only told my close friend about in an email. You might even conceivably follow my tracks as I research a topic and deliver an ad to me that’s in my head and I didn’t even tell anyone about. No other company in the history of time was that efficient. It’s the kind of thing George Orwell could have written in 1948 (and did). And it’s scary to people.
The fear comes from knowing that if you wanted to use it for evil purposes, you would be good at it. The ISPs just don’t have that know how.
And as Hawaiin SEO said, today Matt Cutts might hold the data, but one day someone else will and that day might be scary indeed.”
— GilbertZ
~~~and~~~
“who in Google asked anyone if they’d like their house photographed and potentially viewed by millions? it IS an ethical question that i dont think we really have an answer to yet.
i for one would feel a bit creeped out if my house appeared on Streetview. overhead sat is fine. but streetview of my house is , i dunno, going a bit *too* far”
— justinf
~~~and~~~
“Google can’t just delete the data it has collected on users. The data is used for many purposes, such as enhancing the user experience, and protection from fraud. In fact, because Google collects all this data, it is able to provide an improved user experience over time, as it “learns” users’ habits. Users thus implicitly approve of Google’s collection and usage of this data, in order to have a better user experience.
While there are certainly concerns about how Google might use this data, a greater concern is what might happen if the data falls into unscrupulous hands. The AOL debacle taught us a sharp lesson about what might happen if personally identifiable data is accidentally disclosed. So any concerns about the means Google takes to protect against the disclosure of user data are well-justified, IMO.”
— CPCcurmudgeon
~~~and~~~
“googles aim is to index the entirity of human knowledge and make it searchable.
so how come i cannot find a newspaper from 1861 in new york, and read it in its entirity ( a resource that would be invaluable to millions of history and genealogy students). and yet i know where Paris Hilton lives?
http://googlesightseeing.com/2007/06/08/paris-hiltons-prison-cell/
somethings not right with Google right now. you should focus on knowledge. get those old books and newspapers digitised. please dont streetview my home.”
— justinf
~~~and~~~
“A short look at Google’s new Street View feature in Google maps shows, that Google doesn’t care about people’s privacy no matter whether they are Google users or not.
Google’s main goal is to make all information available. That may sound nice when you first hear it but what’s next?”
— SEO Expert Blog
~~~and~~~
“I think this whole issue is only going to heat up more as people begin to contemplate the ways that data from initiatives like personalised search and webmaster tools can potentially be misused.
Is there some way / any way that the data can be completely anonymized from the word go and still make it useful enough that Google can use it for the good initiatives? I strongly doubt it – any data that can be used to personalize search is, I guess, by definition, going to be able to be inverted and used for privacy infringement.
I guess it all comes down to the basic problem – litigation. People admire Google for taking a strong stance against the legal decision that you mentioned above – but I guess what worries people ‘in the know’ is this – “What if Google didn’t win the case?” – this brings up some very orwellian questions.
So – staying with Orwell – I think that amongt the general popl’n people do trust Google – I don’t think people perceive Google to be Big Brother, and the legal stance Google has taken in the past to protect user’s data is something that has added to that trust. What people are generally really worried about is ‘the authorities’ – eg, government, the legal system etc.
This feeling is even prevalent in the US – imagine how much more worried you’d be if you’re from a country that doesn’t have the kind of free speech protection that the US offers – I know it’s all fairly academic given that local ISP’s hold the information too, but it could be worth considering if Google can take it a few steps further..
For example – would it be possible for google to store all unique identifying information in an encrypted form on local DC’s and host the encryption keys on servers off-shore? So, if you get a domestic legal decision that compels Google to offer up private information, Google can essentially offer up the encrypted version only – if the authorities want data they can use, they also need to go to prosecute (and win) a case in an off-shore jurisdiction. Perhaps buying a small pacific island nation could work? 
But then I guess that would come down to another argument – whether data hosted off-shore is protected by the off-shore privacy laws… it’s a difficult one.”
— dockarl
~~~and~~~
“I don’t give a rat’s ass about PI’s report or Google’s response to it. What I do care about is the actual issue behind the story.
I also do not believe that the data you collect on me has improved my user experience. “
— Kirby
~~~and~~~
“For those that think they know about privacy but have never heard of PI here are a couple of facts:
Google: created in 1998
PI: Created in 1990
PI is not some Johnny-come-lately organisation that is looking for publicity. If some of you haven’t heard of it before then I would suggest a bit of research before gobbing off in public.”
— Not-a-Fan-Boy
~~~and~~~
“I am suprised with an article about privacy, have only found 3 references to googles situation with helping keep the wool of the eyes of the china population.
Do posts about china and google not get posted ?
I have seen many examples of google doing bizarre things latly, to name a few, google videos placement and top 100 rigging, removing pages from the google index.
To see this going on and the disgusting behaviour google has adopted with china, is frankly doing this company more harm than good.”
— Tom Taylor
~~~and~~~
“The privacy concerns that many might have regarding Google come not from third parties issues but first party issues – i.e. Google itself. When I think of how many Google services I use I do have to wonder just how much info you guys collect on me. My guess is lots. While I trust you guys now, how can I be sure that will always be the case?”
— Richard Hearne
~~~and~~~
“I have a rather modest first step that Google (and other engines) could undertake to help users address the ISP issue which you point out:
Default to (or at least allow) SSL encryption so we can prevent thirds parties from harvesting our queries and SERP pages.
This is a small first step, not a solution by any stretch of the imagination, but at least it limits the opportunity to associate queries with specific users and assists those who want to increase their privacy via the browser. It should also be fairly easy to accomplish and perhaps lay the foundation for the next step.”
— Jonah Stein
~~~and~~~
“Sometime in October 2006 I checked my web search history for the first time in Google… and was surprised how far back the data went. Clearly Google had been collecting all this information (and God knows how much more) about my surfing behavior and I was clueless that this was being done. I am sure I must have signed some user agreement when I downloaded one of your innumerable tools – but I never “knew” this was the extent to which my behavior was available for somebody out there.
As for the argument that leaks of private information have occurred in other engines but not (yet) on Google, I worry even more about my privacy on Google now. To me it seems that it is only a matter of time before something similar (or God forbid, worse) will happen at Google – it’s the classic Black Swan issue which Taleb has explained in his two books recently.
All in all, irrespective of the PI report, since Oct ‘06 I have been and continue to remain worried about the privacy of my data on Google’s servers.
Disclaimer: I am a techie layman – so I do not understand the technicalities on this issue. All I know is that I am worried. And there are other people like me out there who are worried too”
— Dilip
~~~and~~~
“Why doesn’t Google quickly regain the highground by simply letting users delete ALL of their historical data when ever they want?
Sure some will clean it out several times a day for a time 
but its highly likely most will never ever bother.
If their tailored results are worse so be – after all its their choice and it is their data.”
— gpmgroup
~~~and~~~
“Google, because of what it is and could possibly become, has the most imperative responsibility to handle it’s data in the most critically safe way it can invent. Yes, invent, just like the rest of what you guys have done in your business, it’s up to you to come with the new way to deal with that data; and with that, a new way to handle your richest asset, the users from which the data comes.”
— Michael
~~~and~~~
“I’m a battle weary privacy activist of some 10+ years. Pretty much seen it all.
There’s no denying it Google wants to monitor, track and tag us everywhere we turn.
That being said I also love Google for the services that it brings to my life, and the convenience that it has given me. For that I must be thankful.
And these days being a privacy activist I have a little message for all the whiners who say that our privacy is being eroded and stolen from us by Big Corp.X… stop pointing the finger outside yourself and start looking at the information you have chosen to give away to individuals, corporations and governments.
Then wake up, and start protecting your privacy… yourself.
I can use privacy protection services that leave Google blind as to what I am doing online.
So quit whining people, and start taking responsibility for your own privacy instead of demanding that CorpX, GovtX, CitizenX does it for you instead.
Learn how to keep your own life private. Privacy is vital in a free society. Privacy is one the bedrocks of our democracy. But only YOU can be private. Corporations have only one thing at heart. Their own self interest. Same as you. So stop being hypocrites and take responsibility for your own privacy. If others choose not to – tough!
And for the person that said “no-one has ever heard of Privacy International”, then you obviously don’t know anything about the privacy marketplace! They’re a grand-daddy fool.”
— Josiah Severn
~~~and~~~
“an article in el reg today talks about Google’s recent implementation of ‘Street View’, where an individual was trying to get their identify removed from the site. Here’s the URL and what was said:
http://www.theregister.co.uk/2007/06/13/google_grills_privacy_buff/
“Bankston wasn’t amused, so he decided to take Google up on its pledge to remove “inappropriate” street views. In response, Google, sent Bankston an email that reads like an FBI affidavit.
Among other things it requires him to furnish his legal name, email address, a clear and readable copy of his driver’s license or other legal ID and a sworn statement affirming all the information in his complaint is true and correct.
“We will temporarily remove the Street View image pending receipt of your ID verification,” the email states. “If we have not received a copy of your photo ID within 5 days, then we will restore the panorama back to Street View.”
Says Bankston: “It’s utterly insane that to get Google to stop publishing information about you, you have to give them more information.” ®”
Whilst on its own, I admire Google’s commitment to respecting a users privacy, it does concern me that, as the article comments, to _secure_ your privacy, you actually have to _disclose_further_information_ to google. Surely that’s an oxymoron?”
— Christopher Buckley
~~~and~~~
“why i agree with Privacy International
to put it most simply, a cookie that ends when?
use scroogle.org folks, google search with no cookies, and screw google apps/email etc – you want me to put all my data where? thanks, i’m quite happy with keeping it locally and dealing with whatever problems that entails so that I can actually keep track of MY data.
but google isn’t evil, really, they jsut want to know EVERY last thing about you, but only to help….”
— “me”
~~~and~~~
“This is definitely a thorny issue. After reading most of the recent Google patent disclosures I can understand why there are negative comments about Google’s use of personal information and search histories.
Not only does Google track user’s search preferences and actual searches, but now with the advent of Analytics, Google has access to your web traffic logs. This information used to be considered proprietary by most webmasters and never ever shared.
I understand Google’s philosophy of do no harm, but at what point is gathering information for fine-tuning an algorithm to return on-topic items and the effort to personalize search going to step on users privacy. Personally, I think that line has been crossed already.
I have uninstalled the Google Toolbar and do not recommend the installation of Analytics when other tools are readily available. However I do use the personalized search feature and Google’s personal home page for feeds. So I myself am feeding some of this behemoths hunger for user information myself.
As long as Google is king on the Internet, as it is, they will be fighting these fights on privacy. Based on the patents and new technology advances, more and more personal information will be gathered. But it will be a benefit to the user and then in turn used by Google under the guise of providing “value to the user experience” to serve ads and make more money.”
— Nancy McCord
~~~and~~~
“I agree ISPs should have also been included, specifically AT&T who allowed the NSA to tap into their pipes and conduct widescale surveillance without warrant.
http://www.pbs.org/wgbh/pages/frontline/homefront/view/ “
— Nick
~~~and~~~
“Just thought this link http://www.newscientist.com/blog/technology/2007/06/we-know-who-you-are.html to an article about MS’s new plans might add some weight to your argument “
— webecho
~~~~~~~~~
Very interesting reading.
Privacy is the issue.
Google is not a search engine anymore.
eBay is not an auction site anymore.
Microsoft is not a software publisher anymore.
A CHALLENGE FOR YOU:
Just TRY living without using any of the tools and services of these three Big Brother-like companies. Can you do it?
CHALLENGE #2 FOR YOU:
Try simply making a list of all of the companies and services owned by each of the Big Three Big Brother companies…
If a list could even be compiled… I know it would be shocking! They seem to own everything!
~
Bruce Wagner
Click here to watch: The Bruce Wagner Show
~
