May 30, 2003
Are Google Privacy Policies OK?
My beloved Google is up to being heavily criticized by privacy interest groups unless it can make sun shine again on the heavy clouds of doubts that are hovering its privacy policy approach and methods of utilizing individual search data that should be indeed owned by each individual.
Maybe I finally get to have an answer to a question that has been bugging me for a long time: Why search engines do not sell access to their data?
In my article "Search Engines Should Sell Access To Their Traffic Data" I had not engaged myself in considering the privacy implications of collecting all that data especially when Goggle does this by going a bit beyond what you and me have been thinking all along.
Here is a little mind opener, thanks to excellent technology investigator and communication agent Daniel Brandt at GoogleWatch:
Question: What would be the fastest, most efficient, and most revealing approach to data mining the Internet?
Answer: Pay Google for a back-door feed on who's searching for what.
Question: Has Google ever, in their entire existence, issued any sort of statement suggesting that their sense of public responsibility would preclude being used in this way, or that the information they collect would never be sold for a price?
Answer: Not convincingly.*
Question: If Google decided to sell out, could they be held liable for privacy violations? Would we even find out about it?
Answer: No. The Homeland Security Act exempts companies from lawsuits or government prosecution after they turn over information to the new agency. Such information is exempt from the Freedom of Information Act. Officials who release this information can get up to six months in prison and a $5,000 fine.
Here some interesting quotes:
"Mr. Poindexter is pursuing a scheme he thought up right after 9/11 and then sold to the Bush administration. Total Information Awareness, or T.I.A., aims to use the vast networking powers of the computer to 'mine' huge amounts of information about people and thus help investigative agencies identify potential terrorists and anticipate terrorist activities. All the transactions of everyday life -- credit card purchases, travel and telephone records, even Internet traffic like e-mail -- would be grist for the electronic mill." -- New York Times editorial, 18 November 2002
"Google currently does not allow outsiders to gain access to raw data because of privacy concerns. Searches are logged by time of day, originating I.P. address (information that can be used to link searches to a specific computer), and the sites on which the user clicked. People tell things to search engines that they would never talk about publicly -- Viagra, pregnancy scares, fraud, face lifts. What is interesting in the aggregate can seem an invasion of privacy if narrowed to an individual.
"So, does Google ever get subpoenas for its information? 'Google does not comment on the details of legal matters involving Google,' Mr. Brin responded." -- New York Times, 28 November 2002
April 2002: In the Name of Homeland Security, Telecom Firms Are Deluged With Subpoenas (Miles Benson) Law enforcement officials have begun to press sources to deliver information without a formal subpoena.
Find out more about Google privacy issues at Google-watch.org.
Daniel Brandt President of Public Information Research and master investigator of Google privacy issues analyzes in detail also the issue of tracking adopted by Google through the use of its unique cookies.
Read what Mr Brandt has to say in an open letter to the king of search engines:
"The fact that Google has (at least until recently) tried to remain ad-free, suggests that its interest in tracking is not commercial. One might infer from this that your tracking policies are even more intimidating that those of portal-like sites that use cookies for ad-serving purposes.
Here are my objections to Google's use of cookies:
1) Google has inadequate justification for planting a cookie that expires in 2038 on every user, and also recording that user's search terms, IP number, and time-date. If Google needs cookie-tracking feedback for software design and improvement purposes, you could offer an incentive to accept a cookie for browser configuration convenience, and clearly explain the consequences of "opting in" with such a cookie.
2) Even given an "opt in" situation for a cookie, there is no justification for an expiration date of 2038. Google could use session cookies, or if this is not satisfactory, it would be easy to constantly reset the cookie with a 30-day expiration date. That way, if a user didn't frequent Google at least once a month, their cookie would expire. There is no excuse for your near-immortal cookies. Mr. Jason Catlett of Junkbusters asked Larry Page about this 15 months ago, with respect to the toolbar, and he did not get a straight answer from Mr. Page about the reason for these cookies.
3) Your privacy policy claims that you do not collect identifiable information from the user. However, many users now have static IP numbers. New laws passed by Congress last year give authorities the right to obtain the information in Google's possession, apparently without a showing of probable cause, just as they now have the right to obtain logging information from Internet service providers. With the new Patriot Act, the use of the GET instead of the POST method for Google searching makes your case even weaker, as the authorities can claim that the search terms are part of the URL, and that they get logged with the URL in normal httpd logging. Therefore they may fall under the definition of "routing and addressing" information that is subject to "tap and trace device" scrutiny. Judges are required to approve orders for such scrutiny without a showing of probable cause.
The fact that you record unique cookie ID, plus IP number, plus date and time, makes much of your information "identifiable." Authorities can also do a "sneak and peek" search of a Google user's hard drive when he isn't home, retrieve a Google cookie ID, and then get a keyword search history from you for this ID."
Read more of this very interesting story at:
Google Privacy Policies
Recommended reading.
Conversation Tags:
Many of these complaints regarding Google's "invasion of privacy" are overblown. Every time you access a page in the internet (ANY PAGE ON THE INTERNET!!!!) the people in charge of the webspace can have at their disposal (if they wish) your IP number, the day and time you accessed their page, the browser you are using, the page you just came from, and other statistics. The nature of the internet inherently lacks privacy. Anyone can sit in front of a computer screen log onto a bank site like Wells Fargo and experiment with account numbers and passwords until they get a match. Does this scare you? If you have serious issues with privacy, maybe you should avoid using the internet altogether.
Personally, when I looked over at the ads in my Gmail account, I did get freaked out a little bit but I got over it in a second. Gmail is a free service. Nobody is putting a gun to your head and saying "Use Google's Email service!" There are plenty of other email services available (Hotmail, Yahoo) that do not scan your emails for advertisements.
You can try to "stop Google" from collecting your data as Sepp above is trying to do by limiting time limit for cookies. This isn't going to accomplish anything. As I explained above, every time you click on a link someone out there is able to see where you're going, when your doing it, where you just came from, etc.
The problem is not just Google, everyone including websites like Amazon.com are looking at your clicks. Every time I shop Amazon.com after I click on a few movies I get "suggested" movies that are similar to the ones that I just clicked on off to the side, not too different from what Google is doing with Gmail.
The problem with Gmail is that some of the information being passed via email can be sensitive in nature and I can see where people might have issues with that. All I can say is: get over it.
Giggi,
there it is, all on your site. The German said that a good way to stop Google from collecting your data would be to limit their ability to set cookies on your computer. (they are long time cookies, valid until 2038 - 25 years!
He said Mozilla allows you to exclude specific domains from setting cookies.
Netscape allows to set a maximum time limit for cookies to be accepted. I have set the limit to one day validity.
Sepp
Subscribe to the Professional Online Publishers' Newsletter
Recent Articles
July 2, 2008
The Future And What It Holds: Howard Rheingold Video Interview - Frontiers Of Interaction IV
I shot the video interview that follows for the Frontiers of Interaction conference which took place yesterday in Turin, Italy. Superbly organized by Leandro Agrò and Matteo Penzo, the sold out event brought together high prestige names like sci-fi writer and visionary Bruce Sterling, Elizabeth Churchill... read more
May 24, 2008
Spam Checking Tools And Tips To Avoid Your Newsletter Being Filtered, Blacklisted Or Marked As Spam
Sending out newsletters and having them delivered reliably to your list of subscribers has become a greater challenge than I would have ever thought. Problem is, if you don't devote yourself to it, everything is set for your newsletter to run into trouble. To not run... read more
May 18, 2008
Making Sense Of New Technologies And Media: An Opinionated Digest by George Siemens - May. 18 08
"Media literacy" is increasingly the keyword to which I attribute the greatest importance when it comes to become effective trainers, online communicators as well as effective and successful entrepreneurs of yourselves. Understanding, to the very root, what communication means, how we do it, what reality and... read more
February 19, 2008
Edit And Remove Text Chat Messages In Skype
Did you know that in a live Skype text chat session you can actually remove or even edit messages you have ALREADY SENT to some of your contacts? Don't believe me? Check out how to do it in this short two minute video.
Isn't it great? How... read more
January 18, 2008
Virtual Teams: Best Practices When Communicating Electronically
When communicating inside a virtual distributed team, things are not as clear and evident as when you operate in traditional physical environments. Virtual teams are somewhat more sensitive to bad or improper use of communication tools and methods as such teams pivot their key abilities specifically... read more
December 3, 2007
Lifestreaming - Aggregate And Author All Your Social Media Content From One Place: Lifestrea.ms
If you want to aggregate and author all of your social media content from a single service, Lifestrea.ms may very well interest you.
Lifestrea.ms offers you a single solution for gathering all of your various online identities and publishing destinations into a single social media space.
Given... read more
