Skip to content

Your Personal Data and whether Google knows all

Google knows a lot about each of us. If you’re doing anything online these days, you’ll be hard-pressed to do it without Google having a hand in a part of it.

Recently, James Thomas decided to not use Google’s products at all for two weeks and quickly realized it made the Internet quite hard to use. They’re everywhere – and he had to go out of his way to force his computer to not lookup or visit google.com. Not exactly an option for the vast majority of users. (He did also note that the Internet was faster…)

Google is moving into the ISP space (over 100,000 organizations already), the photo hosting space, the email space, the calendar space, the higher education space, the analytics space, more banner ads, and now, into the RSS space itself with yesterday’s purchase of FeedBurner, the premiere RSS serving tool. Most high powered RSS sites I see are pushed out over FeedBurner’s network – their statistics and republishing in multiple formats of your serialized datastream are first rate. For $100M, and a promise of a couple years future employment for the owners, Google now has insight into that side of our collective data behavior as well. They’ve got the readership side figured out with Google Reader, and now the serving side is known to them via this deal. How tidy.

I’m starting to sense a shift in my own dealings with the King of Search. I go out of my way to avoid Google Groups and Gmail. I don’t use Google Docs or Google Apps for my domain, even though they’re arguably easier and more functional than most other setups available today. I avoid having them know all the feeds I’m reading (Reader) and things I’m searching for (log out of google account before searching). I can only assume since these services all sport a unified login now, that Google could not plausibly deny that aggregation is possible across all their (growing) properties.

And I trust Google. I do.

But who I don’t trust is everyone else. I don’t trust that Google will not be driven by the government to hand over certain records or prevent themselves from a data breach forever. They are a very high value target.

With regards to Google knowing too much, Fred has a paragraph that’s worth quoting in his post from yesterday afternoon…

Anonymity is the ultimate irony of the internet. The medium is so clouded in the perception of anonymity, it can fundamentally change human behavior. Of course, the reality is that the internet is the most sophisticated data mining tool ever invented. Compared to any offline action, you are less anonymous when you are using the internet. The nature of our revelations in this false anonymous context could lead a CEO to believe that they really could uncover the “true” persona of an individual, hence being able to accurately answer these very personal questions. In fact, this may be partially true; however, what we’d have to give up to get this benefit is almost always too much.

All that said – I truly want my stuff to be online and available to me. I want global access to what is mine – and to be secure in the fact that it’s redundantly backed up and ‘safe’ from the bad guys. I think that is the way of the future. A personal repository of my stuff with nuanced access given to those who need it when they need it. Jon Udell posted something along the lines of what I want earlier this week… Hosted Lifebits…

Grade 11

You’re applying to colleges. You publish your essay into your space, then syndicate it to the common application service. The essay points to supporting evidence — your e-portfolio, recommendations — which are also (to a reasonable degree of assurance) permanently recorded in your space.

College sophomore

You visit the clinic and are diagnosed with mononucleosis. You’ve authorized the clinic to store your medical records in your space. This comes in handy a couple of years later, when you’ve transferred to another school, and their clinic needs to refer to your health history.

Working professional

You use your blog to narrate the key events and accomplishments in your professional life, and to articulate your public agenda. All this is, of course, published in your space where you are confident (to the level of assurance you can reasonably afford) that it will be reliably available for your whole life, and even beyond.

I think we are well on our way to giving up too much. There will always be a wide spectrum that defines how we live our lives, but more and more, we are choosing to give up our personal information for the sake of convenience in the very short term. This is a dangerous precedent and, I’m certainly not the first to say it, but, I’d rather not be the one who jumps first. Have we really gotten to the point where giving up all our privacy is the right answer? Posting everything online?

So it dawned on him: If being candid about his flights could clear his name, why not be open about everything? “I’ve discovered that the best way to protect your privacy is to give it away,” he says, grinning as he sips his venti Black Eye. Elahi relishes upending the received wisdom about surveillance. The government monitors your movements, but it gets things wrong. You can monitor yourself much more accurately. Plus, no ambitious agent is going to score a big intelligence triumph by snooping into your movements when there’s a Web page broadcasting the Big Mac you ate four minutes ago in Boise, Idaho. “It’s economics,” he says. “I flood the market.”

It seems so wrong… Is this just paranoia on my part?

Update: Fred did it again today – went and posted something relevant – Your Private Twitters Aren’t:

If you’ve been Twittering privately for the past few months, I’ve got some bad news. As reported by Meish, the Twitter API does not enforce privacy ACL’s, meaning all of your private Twitters are available to the public. To check this out for yourself, visit http://twittervision.com/username, and you’ll be able to see private Twitter streams.

I must note that it appears that not all accounts are affected by this problem. It’s impossible to calculate the breadth of this breach, or what it will do to Twitter as a company, but it illustrates a greater problem with the internet. What if your Gmail, or Google History, or Facebook/Myspace account leaked? Or what if the government swept up your information in a national security letter, only to have your information posted in court documents? Think it can’t happen, or that these well-meaning companies can even control it? Just ask people at Enron how they feel.

Tags: -

View blog reactions

{ 2 } Comments

  1. Rvrseppala | May 25, 2007 at 11:14 am | Permalink

    Well,
    are we actually posting such interesting information that anyone will want to get it? Of course there are a lot of security issues, but I think most people are overestimating how interesting and informative their Twitters are to others. For the security part, I definitely think that most people are not informed enough and don’t care enough about their personal information.

    But I think not using Google is maybe going a bit too far. Or what are you actually doing on the internet?

  2. jkd | May 25, 2007 at 1:25 pm | Permalink

    So, as the MSFT case showed, using existing antitrust legislation to deal with electronic monopolies isn’t really practical. If anything, breaking up GOOG would be less effective than the planned splitting of MSFT, creating a whole bunch of monopolies in different sectors that would each have incentive to take their own cut off the top, creating a less-integrated and more-expensive and burdensome user experience. And they’d still have all our data.

    What we need, I think, is a Citizen EULA/Terms of Service. Most of the EULAs and ToSes are boilerplate anyways – and people (except for us) don’t ever read them. And they esp. don’t read the “we reserve the right to change any and everything without telling you” part of the EULAs and ToSes. That, at a minimum, has to go: a EULA/ToS is a contract, wherein the software/service provider is provisioning a service/product for a fee, even if it’s not money – and as more and more people are realizing, disclosure of personal information is a kind of fee.

    Unilateral changes in EULAs/ToSes should be treated as what they are – a breach of contract.

    Then there’s the matter of making users aware of what they’re agreeing to, and I think that standardization is the way to go, here. The Free Documentation License is a good start, but making it even more human-readable (e.g., having available the graphical + human + machine + lawyer – readable versions of the same license as CC does) would be good.

    How to accomplish this? Legislation would be… problematic, but ultimately I think will be necessary. But first, there really needs to be better public awareness of just what people are giving away. And given the general public disgust/fear of ID theft, I’m not above doing a little bit of fear-mongering in the service of that goal – because they should be afraid.

{ 1 } Trackback

  1. Hat tip to Terrell and Fred « Ubiquity | July 17, 2007 at 11:27 am | Permalink

    [...] tip to Terrell and Fred Published July 17th, 2007 Uncategorized Musings on Google, Twitter, and privacy from the guys who brought you [...]