A random collection of stuff mostly about operating systems, software licensing, technology, and privacy
November 14th, 2010
It has been about two weeks since I stopped using Google because of their privacy policies. It isn’t that other search engines provide significantly better privacy, but in my opinion, Google’s actions show that they either don’t get privacy, or more likely, they just don’t care.
I find results that meet my needs without any problem. Likely this is because I frame my search requests carefully. For best results I make sure I understand how a search engine works, including how the search engine handles ‘or,’ ‘and,’ as well as ‘ ’ (space) between words. For example, Bing’s advanced search options are described here. I also tend to restrict my searches to a specific Website using a ‘site=’ parameter.
I received a lot of e-mails about not using Google from people who had seen my posting on Twitter and Facebook (which I have since stopped using due to privacy concerns), and many people indicated they felt the same way, but weren’t willing to give up the Google.
To them I say, come on in, the searching is fine.
Others wanted to understand why I won’t use Google, so here are my thoughts on this issue.
I probably should begin by answering the question, ‘What is privacy?’
In my opinion, a good starting point is the seminal article written by Samuel D. Warren, and Louis D. Brandeis for the Harvard Law Review in Dec. 1890. In the article, the author’s cite the opinion of Judge Cooley, who had written in his treatist on Torts, “that people have a right ‘to be left alone’”
Their examination as to whether or not there was a right to privacy, which was written in the late 1800’s was driven by changing technology and business methods. Then, the new technology was photography. The changing business method accompanying the new technology was the publication of gossip to sell newspapers. In the words of the authors, photographs and gossip had “invaded the sacred precincts of private and domestic life” and were “threatening to make good the prediction that ‘what is whispered in the closet shall be proclaimed from the house-tops’.”
Imagine how they would feel today, when almost every cell phone contains a camera capable of taking pictures, or recording events, and the Internet allows anyone to publish information faster and broader than a newspaper ever could.
I think the point Warren and Brandeis were making was that it was becoming necessary to determine whether people had a right to privacy, and if they did, then how would the law define the borders or margins of such a ‘privacy right.’ They proposed that people’s affairs should remain private unless revealing them met a legitimate community concern, and to “protect all persons, whatsoever; their position or station, from having matters which they may properly prefer to keep private, made public against their will.”
But the authors were also concerned with the limits of any privacy right. For example, they felt that “the right to privacy ceases upon the publication of the facts by the individual, or with his consent.”
In many ways, rapidly changing technology will always exceed the Legislature’s ability to keep pace. For example, according the the Revised Code of Washington, Divulging (the contents of a) telegram still appears to be a misdemenor, as does Opening (a) sealed letter, that appears to cover opening a sealed letter. But, would this apply to a e-mail or instant message? That is less clear.
Number six on the Google ‘core principles’ that ‘guide our actions’ states:
6. You can make money without doing evil.
Maybe I take this too personally, because I have always felt that it was targeted at Microsoft, and when I worked there I feel very comfortable that I didn’t do anything evil. Google also tries to disclaim this by stating:
Google is a business. The revenue we generate is derived from offering search technology to companies and from the sale of advertising displayed on our site and on other sites across the web. Hundreds of thousands of advertisers worldwide use AdWords to promote their products; hundreds of thousands of publishers take advantage of our AdSense program to deliver ads relevant to their site content. To ensure that we’re ultimately serving all our users (whether they are advertisers or not), we have a set of guiding principles for our advertising programs and practices.
The company that wants to ‘make money without doing evil’ had to reluctantly admit on May 14, 2010 (with additional updates on May 17 and June 9, 2010) that “…we had mistakenly included code in our software that collected samples of payload data from WiFi networks…”
A report on the collection was prepared by the security consulting firm Stroz Friedberg, and this report was sent to the interested data protection authorities. The report confirmed that Google did indeed collect and store payload data from unencrypted WiFi networks.
Approximately five months later, on October 22, 2010, Google announced that it was creating stronger privacy controls inside Google. This posting still called the data collection a mistake, acknowledged that it wasn’t a particulary trustworthy thing to do, and that Google was going to strengthen internal privacy and security practices.
Among the proposed changes were:
That’s it, we made an ittsy-bitsy mistake, we’re really sorry, and some day, we might delete the information. No harm, no foul.
One problem I have is simply this: whether the information was collected mistakenly or on purpose is equally bad. If Google’s management didn’t know about this, then the key question becomes ‘what other inappropriate data collection don’t they know about’.
To a large extent, little would be known about this data collection and Google would not have likely taken any action were it not for the government of Canada and Germany. For example, the Canadian government concluded that Google’s collection of fragments of Wi-Fi transmissions violated the law. But, Jennifer Stoddart, Canada’s privacy commissioner was willing to close the investigation and consider the matter resolved if Google revised its internal procedures and deleted or segregated any data relating to Canadian citizens.
But in the United States, the FTC said it was satisfied with the improvements in Google’s internal privacy practices, including a formal review process, and therefore the FTC would not pursue the matter further.
According to USAToday, Google spends a lot of money to lobby Congress. The article refers to Google CEO Eric Schmidt as the company’s top lobbyist, and reported that Google “disclosed that it increased its spending on lobbying in the third quarter ending Sept. 30 to $1.2 million, an 11% increase as compared to the third quarter of 2009. For the first nine months of 2010, Google spent $3.92 million, approaching the $4.03 million the search giant spent wooing federal officials in all of 2009, Senate disclosure records show.”
Is it merely a coincidence this increase came when the FTC was reviewing the privacy violation? Probably a lot of this money targeted Google’s interest in Net Neutrality.
To keep this in perspective, Open Secrets shows that in 2010, Google spent $3,920,000; while Microsoft spent $5,200,000 and Apple spent $1,230,000. As many people complain about Halliburton, just what did they spend: $450,000 and even in one of the largest years, 2004, Halliburton’s lobbying totalled $1,010,000.
It is also interesting that Eric Schmidt was an early backer of President Obama (not that there's anything wrong with that), and was even discussed as potentially playing a technology advisor role in the Obama Executive Branch).
So while we’re discussing Google’s leader, here thanks to Fast Company are statements by Google CEO Eric Schmidt:
It further appears that Schmidt suggested on CNN’s ‘Parker Spitzer’ program that people “concerned about their homes appearing on the company’s Street View map service could ‘just move’.”
Perhaps as a result of people’s disbelief at his arrogance, Schmidt said, “I clearly misspoke…if you are worried about Street View and want your house removed, please contact Google and we will remove it.”
Finally, let’s just address the issue of why do you care who knows what you do on the Internet. My searches are incredibly boring. Mostly I am looking for information about operating systems or for law school. I probably tell people more than they want to know about my Wegener's Granulomatosis.
The article that best shows the issue of what company’s may (or may not) know about you was printed in the Wall Street Journal in 2002. The article is hard to find now, but this may be an accurate version, and it is referenced in this New Atlantis article.
The article discusses Their TiVo, the digital videorecorder will record some non-requested programs it just assumes its owner will like, based on shows the viewer has chosen to record. A phone call (now and Internet connection) the machine makes to TiVo, Inc. in San Jose, Calif., once a day provides key information. According to the article, a male 32 year old Tivo owner first suspected that his TiVo thought he was gay, since it inexplicably kept recording programs with gay themes.
Here is technology trying to be helpful, and to do so, I collects information in an attempt to personalize the services it provides. Whether it is recording a program, recommending a book or a purchase, sometimes it works and sometimes it doesn’t. Most of the time, regardless of how much it thinks it knows, it makes the wrong conclusion.
I know this can be painted in a more positive light. For example, it has been proposed that Google might be able to assist agencies like the CDC spot outbreaks like the flu. But the same data,in the wrong hands, could be equally used to perhaps deny people health insurance coverage. Not saying it will happen, but it could.
Revised 08/26/2013: Fixed links that were broken since first posting.