Reply: "Are you naive?"

I guess, though the issue isn't completely new even for me ("Orwell was wrong, we don't need surveillance patrols, we all deliver all our privacy willingly..." Blah blah blah.)

I thought, oh well, as long as it is just a monopolist... so is my electricity company, and many of our brands just look like many of our brands too...

But an individual user cookie that not just saves settings, but gives an individual number to your browser that gets deleted by the company after 30 years, probably to save individuals' search entries and see patterns?

A prog by the same company that reads all my emails?

And Google kindly "offers" me a health profile on Google Health, a calendar, a "private" weblog, and so on? And is going to own 90% of the market in Europe if they fuse with Yahoo (whereas of now, it's 85%)?

A company that is able to perform "behavioral targeting" (since buying "Doubleclick") and recreate users' movements throughout the entire net? (That cookie not only collects which pages you visit via Goole, oh no.)

That collects the data of every site and every route you check via Google Maps?

Not to talk of "Street View", where many persons were found to be perfectly recognizable on detailed pictures showing them leaving a sex shop, or taking a pee, or holding a beer, for the world to see en detail.

Or that Firmware-Update for PSP (Playstation Portable) by Sony that supports a direct connection to Google if you connect via WLAN - rumour has it Google is going to try to profile their users via their gaming behaviour in online game worlds as World of Warcraft. Why should that rumour be paranoid, if the technic is there?

Or Google boss Eric Schmidt enthusiastically telling journalists Google was indeed planning to collect as much data of individual users as possible - so they could, in the future, answer search queries like "What job should I take?" Or: "I am bored, what can I do now?" (And how many users are going to get the answer, "Masturbate to these splatter porn clips on XXX.com - should we enter your credit card data for you? Of course we should.")



The Google Trap




Now.. what search angine but Google could I use? I mean, we even call it "to google". ANd where do I put my mailing lists? Don't say Yahoo...

(Actually I "know" a few alternatives, but this post has become awfully long...)

You could use a different search engine, but it would be like methadone to a heroine addict.

Speaking of evil empires, did you know that Microsoft, in size, makes Google look like a little puppy next to a baleen whale? MS are also undertaking the mapping of the universe.

Yes, but they were known as evil for a long time. Also, I don't think they check my mails...

Google's main business has been, since Day One in fact, about data mining. The first database that they had collected and mined had in fact been one of website information - contents, popularity, etc.

This is, in fact, how every single search engine was *supposed* to work, in theory, until Google came along to attempt and perfect the process.

Their further business ventures are merely an extension of their central premise - that mining public data, and to an extent private data. The question remains, of course, is what they do with it - and what they can legally do with it.


Now, let's go offtrack for a moment, and explore the wonderful world of online stores. Each and every store holds your credit card data, knows where you live, and knows your purchase information to further enhance that ability. The bigger ones (Amazon, Barnes & Noble, Ebay, etc) all take the extra step and build a browsing database based on your user cookie to show you products that you're more likely to be interested in on the site's homepage.

This is their way of trying to earn an extra buck off you.

Now, at the very least, the above people know where you live. In theory, they also know your credit card information. In practice, to avoid being sued and to make the home user feel slightly more secure, they encrypt your connection with them when you pass actual private data, and further encrypt the information in their databases so that, in theory, no one working for these companies can actually access the info. This is standard practice for any online store's database, because they *don't* want the employees to steal your credit info. That leads to trouble - lawsuits, losing customers, a big hit to the reputation and loss of future revenue.


So, do you trust online stores? You can always take the extra paranoid step and use just physical stores... that can record your credit information just as easily, should they ever want to. And at the very least, record you in a client database (been there, done that).


So, back to Google. In their data mining ventures, Google first and foremost builds automatic software - robots, if you will - that sift through huge amounts of data collected to build some kind of personalized database per user. This is still "private" data, in that the general statistics remain anonymous, and the per-user bots only work on a per-user basis. To take the example of Gmail, *every single* online e-mail provider has your email information by definition. Their servers are full of your private information, like it or not. You, the customer, in fact take them up on their free offer (or pay them for the service) of a storage and propagation center for your personal correspondence.

So, in theory, any and every employee of any and every email provider can sift through your private data... if it wasn't encrypted in the databases by default, that is, along with your user info - they "key" to your private part in the database. Google Mail just takes the extra step of building you a bot to mine your data and give you a news feed and commercials based on your interests - as seen from your correspondence.

Their future ventures are build along the same lines. So... is there room for corruption here? Is there potential for some employee who knows how to work the system to gain access to your browsing history, interests, personal information that can then be used against you in some kind of blackmail scheme?

Abso-doo-da-lutely. So Google had better put in security measures in place (though I'm sure they have plenty as it is), give some assurances regarding just what it can or can't do with the data, and those assurances had better be legally binding. And that's that.


As for Google Maps, Google Earth, or StreetView... Meh to thah. That's actually the least of our concerns - they're taking pictures in public streets, and if it means someone gets on the picture in the street when he really doesn't want to be there... well... there had better be a law about that in his country, because Google is by far not the only public entity to take pictures in the street. Google has to obey legal standards on a per-country basis, which is why there are quality limitations to the sat pictures, and even direct changes to the real scenery for security purposes (there's a lovely green park in Tel-Aviv where the IDF central command should actually be), and they're just as limited by privacy laws on a per-country basis.

So if your country's legal code demands that you give your consent before appearing on a picture, then Google must remove it - which they have when prompted. Best solution would be to start blurring faces when the pictures are taken in countries with laws that demand consent on being in a picture taken for public use.

But when such laws don't exist... tough. It's not Google's fault though. If anything, it's the fault of the general public.



Now, back to credit card information again. Google is *never* going to offer to enter your credit card info for you for one simple reason - it can't. There are clear rules on online purchases. Google will probably be able to offer customers sales commercials, but from that to filling in the purchase confirmation for you... big no-no. The kind of no-no that get you lawsuits not just from customers, but possibly from the credit companies as well.



If you're really concerned about the Google cookie, you just need to delete it periodically - there are scripts for that sort of thing. Web computers in secured organizations (military, government, and the smarter corporations) kill the cookies in timed intervals. Don't like Gmail's internal data mining? Don't use it. Same with Google Groups. Alternatives exist, though they're often less convenient.

In terms of actual data available, every single ISP on the planet can have all the data it could possibly want about you. An engineer with a laptop can probably intercept most of your passwords that pass over the supposedly "encrypted" connection with a simple Man-In-The-Middle attack, because most authentication methods that pass before the encryption phase on the net are total shite. And if not that, then how shall I put this... well... brute force attacks on hash codes are becoming easier by the day, which means that the encryption used by most banks today is becoming quite amusing in its obsolescence. It's just a matter of time and computation power - and infecting several thousand computers worldwide to serve as slaves for your main process really brings multi-threaded processing to a whole new level.

So at the end of the day, we take our chances because we like living in the ease and comfort of the Information Age. We like having everything pop up on our screen in a split-second. We've gotten used to it. And frankly, going to the Paranoid Underground is not really my cup of tea, nor is that of the vast majority of the world's population. We'll take our chances and hope that the people giving us services aren't stupid enough to screw-up, thus losing us as sources for revenue.

And that, really, is that.

Don't talk me out of my paranoid mode. :p

I guess part of the background is that I am not only worried what a company might do if they're evil enough. (Recently, Germany's biggest phone company, Telekom, was found out do be doing illegal surveillance and saving telephone data of Telekom-critical journalists, union members, and regulatory authorities for years, to recreate who is talking to whom. (Seeing I am the daughter of a journalist and a union leader, I found that interesting in a not so abstract way, although of course I am aware that my humble parents probably weren't a target at all.)

The German government is planning to safe Email- Telephone- and Online-Data and sms in an act to prevent terrorism (which Germany has been a main target of [/sarcasm], so we should go more Orwell than other states...). They actually want to do rather publicly what the Echelon project has been doing for years. ( ECHELON) - Wikipedia, the free encyclopediaAnd more examples like that, ad infinitum.

So, I guess I am somewhat influenced by the current public debate here, plus there's an almost traditional debate about how transparent the average private person should become since the German government tried a census in the eighties and had to abandon the program because they raised -or planned to raise- too much private data from the people - the populace boykotted the thing. So now, the debate is also driven by the question why there was a successful uproar, when people wanted to remain private in the eighties, but willingly give all the private data you can think of to companies who might be forced to hand them over to the government in future, say, during a crisis or perceived crisis we probably can't think of as of yet.

I am less worried about someone stealing my bank data... with only 20 bucks to loose and no credit on my account, what could they do... :(

*shrug* ECHELON is a major data-mining effort, and an illustration of just how unlikely you are to find anything useful when 99.99999% of what you have is unrelated crap, especially with the sheer volume of information we have moving around today. Sure, it *can* be abused... but it's likelier that the shopkeeper at the local grocery store will steal your credit card details. It's simply easier to do.

As for the change of views from the 80s to the present day, it's a global issue. We've had an actual revolution since then, equal in value, if not greater than, the Industrial Revolution. We live in an age where you can look up data at the push of key, and we expect it now. Privacy? What privacy? Our age is becoming more and more identified with TV programs whose sole *purpose* is to peek at peoples' lives. Privacy has become a secondary consideration when compared to our thirst for mostly useless information - we have people *addicted* to information now. Hell, I think I'm a prime example of the phenomenon, though I try to focus on something useful rather than peeking into peoples' lives.

Information, information... we want information. But have we become numbers now? To some extent, we have, particularly for various software bots designed to mine all the useless crap we so easily share about ourselves with a keystroke.


Everything we do with our computer when we connect to the net sends out amazing quantities of information about us - and there's very little we can do about it without compromising the ease with which we use it. You want an Internet connection? Cool, so the ISP is capable of monitoring everything that passes through its lines, like it or not. Try stopping it, you're paying it for the ability to transfer lots of data through its lines, after all. And this is true all the way up to the big continental ISPs that provide the Internet backbone. You want cool software? Expect it to send out lots of info that can be easily interpreted by anyone familiar with it... like a browser. Or an anti-virus. Or any piece of software that has to access a remote computer ever in its existence.

So in this sense, Google is really the least of your concerns. Google has too much junk in it. But someone who monitors merely a single PC directly based on its IP address can gather quite a lot more.

As for governments demanding information from private companies... They can easily set up an ECHELON-style project without bothering to ask you, not needing Google at all. And any demand for information would apply only to servers located in the country proper - a limited slice of the huge pie, which Google can simply decide to move someplace else to avoid any legal trouble.

Don't they have trampolines in their offices though?

Can that really be evil?

Of course, I've never seen a trampoline help an old lady across the road but I have heard stories of them eating babies and attending Nazi rallies.

Data mining has been going on for ages.

Watch section 6 of this program to see what's going on and how scary it can be... Personally I don't want people turning up at my front door knowing personal info about me and then tailoring the message just for me too. That just means I hear what they want me to hear rather than what I need to hear...

The only way to stop google is to stop using google. I don't know if i can live without it. besides a lot of what I do is for work and that'd screw up their results no end.

Spiky, the people who come to your door trying to sell you something (be it a product or an idea) have been telling you what you want to hear (to the best of their ability) ever since they came to exist. Door to door salesmen have had a shifty reputation as semi-legitimate con-men for ages now, of trying to "read" the personality of the people in front of them and changing the message accordingly.

So companies that collect publicly-available data to try and make for better salesmen by profiling the potential customers into archetypes is no surprise to me. They're only doing what they've always done - telling us what they want us to say, hoping that it's what we want to hear, and thus try prevent any rational thinking that may lead to uncomfortable questions.

It saves on design overheads. Marketing... *sigh*.

Off topic and meaningless post - I've had to turn the user reputation system on (the green box under posts where you can approve or disapprove of people's comments) just so I could give Doors a + rep for his post about the trampolines.

Thank you.

I actually chose my current job on the sole reason that they had branded space-hoppers near the meeting room I had my interview in. So far so good.

Ohhh! I am suffering from severe job envy here! All we get here is free post-it notes!

Men we get those too. My takings this week are a scented candle, a bar of White chocolate, 8 tickets to a Jay-Z concert and a Liverpool footy shirt that I traded for 25€ of toy shop vouchers. I like this job.

Edit: dunno if this should make me paranoid but while I was typing this, sitting on a bench in a shopping center, 2 people have walked past me with google sweatshirts.

See! I told you! They are everywhere!
Also, which company is this you are working for and where might I fit in? I'd move to Ireland, too.