Google - Privacy Issues

As Google's services and influence have expanded its security and privacy policies have experienced increased scrutiny. Some of this attention may be attributed to negative shifts in public perceptions of the company (Rivlin, 2005), but the amount of coverage dedicated specifically to the security and privacy issues of Google's services seems to indicate a sincere concern about its policies. Concerns of this nature have prompted the appearance of numerous articles, forum discussions, and the emergence of watch groups.

Contents 1 General Causes of Concern 2 Concerned Parties 3 Service Specific Privacy Issues 3.1 Google Search Privacy Issues 3.1.1 Google Search Privacy Policy 3.2 Google Toolbar Privacy Issues 3.2.1 Google Toolbar Privacy Policy 3.3 Gmail Privacy Issues 3.3.1 Gmail Privacy Policy 3.4 Blogger Privacy Issues 3.4.1 Blogger Privacy Policy 3.5 Google Groups Privacy Issues 3.5.1 Google Groups Privacy Policy 3.6 Google Earth Privacy Issues 4 Google's Privacy Philosophy 5 Related Topics 6 References:

General Causes of Concern

The privacy issues surrounding Google stem from a variety of sources all related to various aspects of its services. Many of these concerns involve technological uses somewhat unique to Google, such as its Adsense program, automated updating of files, and its use of cookies which do not expire for thirty-five years. Given the range of Google's offerings, it is easy to see that what might be a major concern in one service may be negligible in another.

Many also point to the fact that as the range of Google’s services continues to grow it is able to gather ever increasing amounts of information about its users. While numerous privacy activists are concerned about Google's potential use of this information, even more are focused on the potential for outside exploitation. As Google gathers reservoirs of information about users, it becomes increasingly attractive to outside sources seeking personal information. The possible uses for Google's data range anywhere from government investigations to identity theft (AP, 2005).

Concerned Parties

• Google:
  Google's evolution as a company has necessitated further inspection and development of its privacy policies. These policies help protect both Google users and Google itself. By developing more rigorous policies Google is able to somewhat limit their liability in the event of a breach. Such developments of privacy policies also help promote user confidence which is ultimately critical to Google's revenues.
  
  
• Governments:
  Governments whose citizens utilize Google services are also concerned with Google's policies. Many governments have their own laws regulating aspects of internet usage and media access designed to help protect its citizens, and in some cases, the government itself (McHugh, 2003)(Skatssoon, 2005). However, governments are not only interested in the security of information they may also be concerned with the terms on which Google would be willing to release user information for use in investigative and legal proceedings.
  
  
• Competitors:
  Google competitors are very interested in Google's policies. By all accounts Google currently wields the dominant market share in search engines across the globe. Their prevalence establishes them as a leader in the industry so that decisions within Google are likely to be echoed elsewhere.
  
  
• Specialist/watch groups:
  The watch group site Google Watch and the specialist site Search Engine Watch are both examples of independent organizations that closely monitor developments in the policies of Google and its competitors. While Google Watch focuses solely on the flaws of Google, and has been the subject of controversy due its overt bias (to the point that a Google Watch Watch page has been established), Search Engine Watch tends to take a more balanced approach in considering a broad range of developments across the sector.
  
  
• Users:
  As Google's privacy issues have been brought to the forefront of media attention, users are becoming more aware of the risks involved with using services both within the Google network and elsewhere. Their concerns revolve around the possibility of governments, businesses, and individuals gaining access to various forms of personal information from Google. As user awareness rises all of the previously listed groups are likely take more interest in the issues.

Service Specific Privacy Issues

Google Search Privacy Issues

Any debate concerning Google Search policies also apply to Google's image search, Froogle, and Google Catalogues search functions due to the fact that they all operate in a similar manner. The majority of concern around these applications originates in their usage of the Google cookie which identifies users and helps Google maintain information about their usage and preferences within the Google network. What is unique about the Google cookie is that it is not set to expire for thirty five years (Penenberg, 2005).

While the lifetime of the cookies may sound suspicious to some, Google and its supporters point to the fact that these cookies only monitor your actions within the Google network and that these cookies can be deleted from users' computers at any time. Another issue worth consideration is the actual useful life of the cookie technology. Given the current rate of change within the industry it would seem feasible that the use of cookies by providers may dwindle well before they reach their expiration date.

Google Search Privacy Policy

Key points of the Google Search Privacy Policy:

• Google records:
  • users’ internet protocol address
  • browser type
  • browser language
  • the date and time of your query
    
• Google inserts:
  • one or more cookies that may uniquely identify your browser
    
• Google only shares your information if:
  • they have your consent
  • it is going to be used by a trusted outside business for purposes on behalf of Google
  • they conclude that they are required by law or have a good faith belief that access, preservation or disclosure of such information is reasonably necessary to protect the rights, property or safety of Google, its users or the public

Google Toolbar Privacy Issues

Some sources, including contributors to the site Google Watch, have voiced a significant number of concerns over the Google Toolbar application. While some of these issues was alleviated with the update of the toolbar (version 1.2), debate still remains. The primary issue concerning the Google Toolbar is its ability to track all of your activities on the net even if you're not using the Google Toolbar to access pages. The updated version enables users to turn this function on and off at will. Google has stated that they use information gathered from this tracking solely to help them with their Page Rank system.

They have also voiced concern over Google's ability to automatically update your toolbar once it has been installed on your computer without your authorization. It seems unlikely that Google itself would install any malicious software, but those wary of this feature have voiced their suspicions concerning this matter.

Google Toolbar Privacy Policy

Key Points of the Google Toolbar Privacy Policy:

• information about the web pages you visit will automatically be forwarded to Google when the advanced functionality is enabled however, this advanced functionality is optional, and can be disabled and re-enabled at any time.
• periodically, the Google Toolbar contacts Google servers to see if you are running the most current version. If not, Google will automatically update for your Toolbar.

Gmail Privacy Issues

Many privacy advocates have expressed concern over how Gmail will affect the way emails are stored. Users have been filing complaints against Gmail in California and 16 other countries (Waldermeir, 2004). Gmail's privacy policy states that users' emails will never be completely deleted, and that cached copies may continue to remain on their systems (Ng, 2004). Some also worry that Google's AdSense software may actually read emails coming into Gmail, which Google denies, saying that emails are merely scanned by software (Swartz, 2004). Some also suggest that Gmail may enable Google to obtain the identity of individual users with the help of cookies.

Gmail Privacy Policy

Key Points of the Gmail Privacy Policy:

• Google asks you for some personal information in order to create an account.
• Google employees do not access the content of any mailboxes unless you specifically request them to do so or if required by law, to maintain the system, or to protect Google or the public.
• They also may collect information about the use of your account, such as how much storage you are using, how often you log in, information displayed, and links clicked on.
• The AdSense program is completely automated.
• A limited set of employees are authorized to access user accounts and their access to user accounts is recorded.

Blogger Privacy Issues

At this point, most of the privacy debate has focused around the use of other Google services. The Dominant threats concerning Blogger revolve around the use of the Google cookie and the potential linking of individuals to their blogs. Some cases of blog tracking have already arisen in places like the U.S. where recent legal changes have enabled the use of internet traces and have made the evidence found in such tracing permissible in any court (Poulse, 2005).

Blogger Privacy Policy

Key Points of the Blogger Privacy Policy:

• Blogger requires users to register for an account
  • In the case of Blogger, this means users must provide Google with an email address
• Google collects limited non-personally identifying information your browser makes available whenever you visit a website.
  • This log information includes your Internet Protocol address, browser type, browser language, the date and time of your query and one or more cookies that may uniquely identify your browser.

Google Groups Privacy Issues

The Google Groups privacy issues are unique due to the fact that most of the concerns revolve around previous contributions to the Usenet archives. Google acquired a significant portion or the Usenet archives in 2001 with their purchase of the struggling Deja News Research Service (Naraine, 2001). Google reintroduced the archives under the name Google Groups. Original contributors to these archives have had a number of concerns about Google Groups.

Some contributors wanted to have their original posts taken down, a matter on which Google has addressed by allowing users to remove their own messages. Another issue revolves around the fact that Google automatically masks and distorts email addresses linked to posts. While some feel that the feature helps protect them, others point out that they wouldn't post with an email address that they wouldn't mind being publicly available (Weinstein, 2004). The system now requires one to register and login to the Google Groups website in order to contact other users through their masked email addresses. That in itself would probably not be of so much concern if it weren't for the fact that it requires the use of the Google cookie.

Google Groups Privacy Policy

Key Points of the Google Groups Privacy Policy:

• when you register for Google Groups, they will request some personal information to create your account, including an email address and a password
• they collect and maintain information about your account activity, such as the groups that you join or manage, lists of other members or invitees in the groups, messages or topics you track and your preferred settings

Google Earth Privacy Issues

Google Earth's privacy issues are unique within the Google network. This is due to the fact that it is not so much individual users who have the most at stake. On a personal level the primary concern would be Google's ability to access what parts of the world you've been looking at through the tracking of your Google cookie.

In this case, it is larger organizations, primarily governments, who are the most susceptible. Since the primary focus of Google Earth it's mapping of the earth's surface from various satellite images, its attempts have to potential to threaten the security of sensitive areas by revealing aspects of their layout.

A prime example of this concern has arisen within Australian borders at the Lucas Heights nuclear reactor. Ultimately officials decided that the Google Earth photos posed no real threats to the facility due to the fact that the photos were somewhat dated and were of relatively poor resolution (Skatssoon, 2005). There are other areas, especially within the United States, that have already been made unavailable to Google Earth Users. As the service improves and possibly begins to incorporate timelier image updates of a higher resolution this issue may become of greater concern.

On the other side of this issue, however, is the fact that Google is now marketing advanced features of the Google Earth interface to various government offices. Links promoting its use in homeland security and defence/intelligence are easily accessible and openly promoted alongside possible applications in real estate and insurance.

Google's Privacy Philosophy

The ultimate decision maker in terms of privacy policies at Google is Sergey Brin, one of Google's founders. Google has a list of statements that helps define its corporate values, but foremost among them is the phrase, "Don't be evil"(McHugh, 2003) It is part of Brin's job to determine exactly what is evil in the eyes of Google.

It is naturally to assume that in the eyes of Google, their privacy policies should coincide with this all encompassing motto against evil, but there are other issues which must be considered. Another dominant theme in Google's philosophy is the idea of their services being useful (McHugh,2003). When you consider Google's rationale behind its usage of debated technologies such as cookies, AdSense, and the page rank system, it becomes clear that a service's usefulness and the user privacy can sometimes be at odds.

Outside sources and Google itself have frequently pointed to the fact that they are not primarily interested in the usage of individual users (Lee, 2002). Google tends to be more interested in the aggregate of the data collected on its users rather than the individuals. By identifying trends it hopes to make its offerings more useful and profitable.

Many of Google's policy statements have been stripped of legal terminology and fine print in an attempt to make them more accessible to average users. While this seems to please some, others find the statements to be relatively vague concerning how Google actually handles user data. Perhaps the most reassuring statement the Google philosophy provides about user privacy is that it, "Will provide notice before any personally identifying information is transferred and becomes subject to a different privacy policy"(Penenberg, 2005). What Google fails to tell users is on what grounds they will transfer or release personally identifying information. It seems Google's lack of clarity on such issues may be the reason behind all the debate over its privacy issues.

Related Topics

Companies - Google

Google - GMail

Google - AdSense

Google - Cultural_Icon

Google - How_It_Works

Google - IPO

References:

Associated Press (2005, Jul. 17) "Google Growth Yields Privacy Fear," Wired News, retrieved August 13, 2005, from http://wired-vig.wired.com/news/print/0,1294,68235,00.html accessed 13/8/2005

Lee, J. (2002, Nov. 28) "Postcards From Planet Google," The New York Times, retrieved August 15, 2005, from http://tech2.nytimes.com/mem/technology/techreview.html?res=9D07E1DF1538F93BA15752C1A9649C8B63

McHugh, J. (2003) "Google vs. Evil," Wired Magazine, Issue 11.01, January 2003, retrieved August 13, 2005, from http://www.wired.com/wired/archive/11.01/google_pr.html

Naraine, R. (2001, Apr. 30) "Deja Usenet Archives Restored on Google" Internet News.com, retrieved on August 23, 2005, from http://www.atnewyork.com/news/article.php/8471_755181

Ng, Q. (2004) "No Free Lunches?," Asia Computer Weekly, 10 May, 2004. pg. 1

Penenberg, A. (2005, Jun. 23) "Beware the Google Threat," Wired News, retrieved August 15, 2005, from http://www.wired.com/news/print/0,1294,67982,00.html

Poulse, K. (2005, Jul. 8) "Cops Watched Sex Offender's Blog," Wired News, retrieved August 15, 2005, from http://wwww.wired.com/news/print/0,1294,68136,00.html

Rivlin, G. (2005, Aug. 24) "Relax, Bill Gates; It's Google's Turn as the Villain," The New York Times, retrieved August 29, 2005, from http://www.nytimes.com/2005/08/24/technology/24valley.html?adxnnl=1&adxnnlx=1125311120-sps3+Rfohp1Qo553ZAE3HA

Skatssoon, J. (2005, Aug. 8) "Lucas Heights image stays on Google," ABC Science Online, retrieved August 15, 2005, from http://abc.net.au/science/news/stories/s1432823.htm

Swartz, N. (2004) "Google's New E-mail Service Sparks Privacy Concerns?," Information Management Journal, Vol. 38, Iss. 4; pg. 6

Waldmeir, P. (2004) "Google's e-mail snooping is a test case for privacy?," Financial Times, 24 May, 2004. pg. 10

Weinstein, L. (2004, Dec. 12) "New 'Google Groups' Netnews Service Mangles Messages + Related Copyright and Privacy Issues" retrieved on August 23, 2005, from http://neon.vortex.com/google-groups

Contributors to this page include:
Sherwin Huang 11:42, 27 Oct 2004 (EST)
Michael chappelow 10:19, 30 Aug 2005 (EST)