Language Selection

English French German Italian Portuguese Spanish

Google's Growth Prompts Privacy Concerns

Filed under

Google is at once a powerful search engine and a growing e-mail provider. It runs a blogging service, makes software to speed Web traffic and has ambitions to become a digital library. And it is developing a payments service.

Although many Internet users eagerly await each new technology from Google Inc., its rapid expansion is also prompting concerns that the company may know too much: what you read, where you surf and travel, whom you write.

"This is a lot of personal information in a single basket," said Chris Hoofnagle, senior counsel with the Electronic Privacy Information Center. "Google is becoming one of the largest privacy risks on the Internet."

Not that Hoofnagle is suggesting that Google has strayed from its mantra of making money "without doing evil."

Rather, some privacy advocates worry about the potential: The data's very existence - conveniently all under a single digital roof - makes Google a prime target for abuse by overzealous law enforcers and criminals alike.

Through hacking or with the assistance of rogue employees, they say, criminals could steal data for blackmail or identity theft. Recent high-profile privacy breaches elsewhere underscore the vulnerability of even those systems where thoughtful security measures are taken.

Law enforcement, meanwhile, could obtain information that later becomes public, in court filings or otherwise, about people who are not even targets of a particular investigation.

Though Google's privacy protection is generally comparable to - even better than - those at Microsoft Corp., Yahoo Inc. (Nasdaq:YHOO - news), Inc. and a host of other Internet giants, "I don't think any of the others have the scope of personal information that Google does," Hoofnagle said.

Plus, Google's practices may influence rivals given its dominance in search and the fierce competition.

"Google is perhaps the most noteworthy right now by the simple fact that they are the 800-pound gorilla," said Lauren Weinstein, a veteran computer scientist and privacy advocate. "What they do tends to set a pattern and precedent."

The concerns reflect Google's growing heft. As startups get bigger and more powerful, scrutiny often follows.

Google says it takes privacy seriously.

"In general, as a company, we look at privacy from design all the way (through) launch," said Nicole Wong, an associate general counsel at Google.

That means product managers, engineers and executives - not just lawyers - consider the privacy implications as new technologies are developed and new services offered, Wong said.

She also said that Google regularly seeks feedback from civil liberties groups such as the Center for Democracy and Technology and the Electronic Frontier Foundation, both of which credit Google for listening even if it doesn't always agree.

Google's privacy statements specify that only some of its employees have access to personal data - on a need-to-know basis - and such access is logged to deter abuse.

Google Chief Executive Eric Schmidt says a tradeoff exists between privacy and functionality, and the company believes in making fully optional - and seeking permission beforehand - any services that require personally identifiable information.

"There are always options to not use that set of technology and remain anonymous," Schmidt told reporters in May.

But what is meant by personally identifiable information is subject to debate.

Google automatically keeps records of what search terms people use and when, attaching the information to a user's numeric Internet address and a unique ID number stored in a Web browser "cookie" file that Google uploads to computers unless users reconfigure their browsers to reject them.

Like most Internet companies, Google says it doesn't consider the data personally identifiable. But Internet addresses can often be traced to a specific user.

Here's just some of the ways Google can collect data on its users:

_One of Gmail's selling points is its ability to retain e-mail messages "forever."

_Google's program for scanning library books sometimes requires usernames to protect copyrights.

_The company is testing software for making Web pages load more quickly; the application routes all Web requests through its servers.

_Google also provides driving directions, photo sharing and instant messaging, and it is developing a payments service that critics say could add billing information to user profiles.

Because storage is cheap, data from these services can be retained practically forever, and Google won't specify how long it keeps such information.

Without elaborating, Google says it "may share" data across such services as e-mail and search. It also provides information to outside parties serving as Google's agents - though they must first agree to uphold Google's privacy policies.

Much of the concern, though, stems from a fear of the unknown.

"Everybody gets worried about what they (Google) could do but what they have done to date has not seemed to violate any privacy that anyone has documented," said Danny Sullivan, editor of the online newsletter Search Engine Watch.

Eric Goldman, a cyberlaw professor at Marquette University, believes the focus ought to be on the underlying problem: access by hackers and law enforcement.

"We still need to have good technology to inhibit the hackers. We still need laws that make hacking criminal. We still need restraints on government surveillance," Goldman said. "Google's database doesn't change any of that."

Anne Rubin, 20, a New York University junior who uses Google's search, Gmail and Blogger services, says quality overrides any privacy concerns, and she doesn't mind that profiles are built on her in order to make the ads she sees more relevant.

"I see it as a tradeoff. They give services for free," she said. "I have a vague assumption that things I do (online) aren't entirely private. It doesn't faze me."

Larry Ponemon, a privacy adviser, says research by his Ponemon Institute found Google consistently getting high marks for trust.

By contrast, Microsoft, whose software sometimes crashes and regularly gets violated by hackers, didn't fare as well despite what Ponemon and others acknowledge are improvements in its approach to privacy.

"People confuse customer service with obligations to maintain privacy," Ponemon said. "Google has a product that seems to work. It gets almost like a free ride on privacy."

That's changing.

Google, a perennially secretive company, may share some of the blame. It goes out of its way to strip its privacy statements of legalese so they are easier to read. But the statements remain vague on how long the company keeps data.

In an interview, Wong said Google had no set time limits on data retention; such determinations are left to individual product teams. She said the information helps Google know how well it is doing - for instance, are users getting the results they want in the first five, 10 or 100 hits?

"We keep data that's collected from our services for as long as we think it's useful," she said.

Google says it releases data when required by law, but its privacy statements offer few details. Wong said Google doesn't surrender data without a subpoena, court order or warrant. But she would not offer any details on how many requests it gets, or how often, and federal law bars Google from disclosing requests related to national security.

For civil lawsuits, Wong said, Google warns users before it complies so they can file objections with a court - a fact the company doesn't publicize.

Mark Rasch, who was a Justice Department prosecutor in the 1980s and has since advised companies on getting data from Internet companies, says electronic records will only become more relevant for investigators searching for evidence of intent and knowledge.

"As Google becomes more involved in parts of your lives including chats and blog, then it's going to get lots more subpoenas," he said. "It's a lot more than just a search tool."

Associated Press

More in Tux Machines Website Says Microsoft's Software Is Malware has a category on its website named “Philosophy of the GNU Project,” where the Microsoft software is described as malware, along with Apple and Amazon. Read more

Ubuntu Touch Devs Might Release an OTA-8.5 Hotfix Update for Ubuntu Phones

Earlier today, November 25, Canonical's Łukasz Zemczak sent his daily report for the day of November 24, 2015, informing all Ubuntu Phone users about the latest work done by the Ubuntu Touch developers on the Ubuntu for phones operating system. Read more

Systemd — unit dependencies and order

Welcome back to our continuing series on systemd features. As you’ve guessed from our previous articles, systemd brings more power and flexibility to service startup and management. One of the most important changes in systemd from legacy SysVinit is how it starts up units. You may have heard from casual users that systemd starts everything together. Some people believe this is true, and that’s why the system starts faster. But the reality is not quite that simple. Let’s look a little more deeply at how systemd understands unit relationships. Read more

today's leftovers

  • AWS launches EC2 Dedicated Hosts so you can bring your own Linux licence
    AMAZON WEB SERVICES (AWS) has announced the arrival of a new service called EC2 Dedicated Hosts. The new feature will allow companies to run the software they pay for on multiple virtual machines using a single server, giving more granular management to finding what applications are working on what virtual machine. AWS has outlined the advantages of EC2 Dedicated Hosts in a blog post by evangelist Jeff Barr.
  • Unikernels, meet Docker!
    The demo described here is just the beginning. There are many implementations of unikernels and there’s plenty of work ahead to ensure they can all reap the benefits of integration, as well as improving Docker itself to make the most of these new technologies. Look over the collection of unikernel projects and contribute your experiences to this blog!
  • AMD Radeon Software Crimson Edition Is A Letdown On Linux
    While leaked slides indicate AMD was planning better gaming on Linux for Crimson, in the end they really didn't deliver. Even for their mentioned games, when testing various Linux OpenGL games on three different systems the performance was largely unchanged.
  • New HPCG Benchmark List Goes Beyond LINPACK to Compare Supercomputers
    The High Performance Conjugate Gradients (HPCG) Benchmark list was announced this week at SC15. This is the fourth list produced for the emerging benchmark designed to complement the traditional High Performance LINPACK (HPL) benchmark used as the official metric for ranking the TOP500 systems. The first HPCG list was announced at ISC’14 a year and a half ago, containing only 15 entries and the SC’14 list had 25. The current list contains more than 60 entries as HPCG continues to gain traction in the HPC community.
  • New Opera 34 Beta Is Based on Chromium 47.0.2526.58, Brings Linux and Mac Fixes
    Opera Software, through Aneta Reluga, has announced the release and immediate availability for download and testing of a new Beta build for the upcoming Opera 34.0 web browser for all supported operating systems, including GNU/Linux, Mac OS X, and Microsoft Windows.
  • Hamster rediscovered
    If you like to track your time in a fine granular way, consider to use project-hamster with the GNOME Shell extension.
  • Distro hopping: feeling good with my time on LXLE
    Well the time has come to officially switch off from LXLE. This time around however I find myself in a weird spot. I’ve honestly struggled with LXLE; not in using the distribution itself but rather coming up with things to write about it. That isn’t to say that LXLE is bad by any stretch of the imagination, in fact it is quite good, it’s just that once you get used to the light weight desktop environment (DE) there is a perfectly capable “heavy weight” distribution underneath. What I mean by this is that once you get used to the DE and it fades into the background you’re left with a perfectly functional distribution that could just as easily have been Ubuntu or Linux Mint or Fedora or {insert your favourite one here}.
  • Netrunner 17 'Horizon' is here -- download the Kubuntu-based Linux distro now
    About a week ago, the Netrunner team released an update to its rolling release operating system. Based on Arch/Manjaro, I advised Linux beginners to steer clear, and instead opt for the Kubuntu-based variant. There are a couple of reasons for this. For one, the Ubuntu community is arguably friendlier and better for newbies -- there are a ton of instructions and .deb files available too. More importantly, however, the rolling release could be less stable overall.
  • Netrunner 17 Screenshot Tour
  • KNOPPIX 7.6.0 Screenshot Tour
  • Tumbleweed install for November
    For this month, I installed Tumbleweed on my laptop. I had installed Leap 42.1 to overwrite my previous Tumbleweed install on that laptop. This computer uses legacy booting. I gave Tumbleweed a 40G partition, which I formatted as “ext4”. I also allowed it to use the swap and home file systems from my encrypted LVM on that computer.
  • Python 3 Porting FAD: Lessons Learned
  • Fossetcon 2015 Orlando Florida – Lake Buena Vista Hilton 19 – 21 November 2015
  • Reproducible builds: week 30 in Stretch cycle