Privacy International pokes a stick in Google's eye

Privacy International pokes a stick in Google's eye

Summary: Privacy International has poked Google in the eye with the stick. In an interim report on the privacy ranking of the major Internet services, Google was the only company found among those surveyed to receive a failing grade, which Privacy International described as conducting comprehensive consumer surveillance and having entrenched hostility to privacy.

TOPICS: Google

Privacy International has poked Google in the eye with the stick. In an interim report on the privacy ranking of the major Internet services, Google was the only company found among those surveyed to receive a failing grade, which Privacy International described as conducting comprehensive consumer surveillance and having entrenched hostility to privacy.

Needless to say, Google objects to the report and asserted that it didn't have a chance to explain its privacy practices to Privacy International. In the latest twist, Privacy International Director Simon Davies said that two European journalists have asserted that Google representatives are claiming that the watchdog organization has a conflict of interest regarding Microsoft, which scored better than Google in the survey.

privacy.jpg Source: Privacy International report. See full report.

The six-month investigation looked at twenty different factors, and using data from public sources, current and former employees and interviews with company representative. Companies were graded on issues such as Corporate administrative details corporate leadership; data collection and processing; openness and transparency; responsiveness; ethical compass; customer and user control; fair gateways and authentication; and privacy enhancing innovations.

The European Commission is concerned about how Google's data used and Google's planned acquisition of DoubleClick has privacy advocates charged up.

What's becoming more evident is that as Google acquires more market power and user data the company needs to provide leadership in establishing clear privacy guidelines in the best interest of its users. It's not a matter of sending lobbyists to Washington D.C. to sway legislators on issues of importance to the company. Google needs to make sorting out privacy concerns a top priority. It's not like dealing with the Chinese government on censorship.

See TechMeme for coverage of the Privacy International report and subsequent Google squabble.

Also Mitch Ratcliffe has added his perspective: "Just giving up our privacy for a little Web functionality and storage capacity is like handing over the mining rights to ancestral lands to the first guy who comes along with a better shovel."

Here's how the report characterized Google's failures:

* Google account holders that regularly use even a few of Google's services must accept that the company retains a large quantity of information about that user, often for an unstated or indefinite length of time, without clear limitation on subsequent use or disclosure, and without an opportunity to delete or withdraw personal data even if the user wishes to terminate the service. * Google maintains records of all search strings and the associated IP-addresses and time stamps for at least 18 to 24 months and does not provide users with an expungement option. While it is true that many US based companies have not yet established a time frame for retention, there is a prevailing view amongst privacy experts that 18 to 24 months is unacceptable, and possibly unlawful in many parts of the world. * Google has access to additional personal information, including hobbies, employment, address, and phone number, contained within user profiles in Orkut. Google often maintains these records even after a user has deleted his profile or removed information from Orkut. * Google collects all search results entered through Google Toolbar and identifies all Google Toolbar users with a unique cookie that allows Google to track the user's web movement.17 Google does not indicate how long the information collected through Google Toolbar is retained, nor does it offer users a data expungement option in connection with the service. * Google fails to follow generally accepted privacy practices such as the OECD Privacy Guidelines and elements of EU data protection law. As detailed in the EPIC complaint, Google also fails to adopted additional privacy provisions with respect to specific Google services. * Google logs search queries in a manner that makes them personally identifiable but fails to provide users with the ability to edit or otherwise expunge records of their previous searches. * Google fails to give users access to log information generated through their interaction with Google Maps, Google Video, Google Talk, Google Reader, Blogger and other services.

Topic: Google

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Untrustworthy?

    Personally, I don't trust it. They appear to have *preemptively* singled out how Google is worse than Microsoft - why? They take offense to things that don't matter to me (what is wrong with seeing whether someone has read an e-mail that you yourself sent?). And the retaining of the "cookies are bad" attitude doesn't make me feel any better.
  • No surprise to me.

    It certainly comes as no surprise to me and I suspect there is even more to the story.
  • Google is a marketing company you trust not to market your data.

    When you get all of these services for free, they somehow got to pay for it. You are better off paying with money for services and keeping your privacy. Some people will never learn. I believe that Google is the privatization of the CIA since they hire ex-CIA folks. Just stay very far away. Besides what does Google really have to offer you cannot get elsewhere? Kudos for Privacy International that I have suspected for years.

    Happy Profiling!
  • Your soul on a spreadsheet

    Thanks for the article.

    The powers that be yanked Admiral Poindexter, but his universal database project is alive and well. This crowd wants your soul on a spreadsheet.

    Steve Marshall
  • Human Nature at work...

    This isn't much of a surprise. Google publicly prides itself on being full of smart people, hiring lots of PhDs even when they're not necessary and generally building on the original founders' academic background. These people already consider themselves smarter than their customers, and considering themselves superior is only a slight adjustment to that position. And why not? Their financial success reinforces that belief. There have been a number of articles in the Harvard Business Review about the psychology of individual and corporate arrogance in business, and Google fits the profile to a T. It's really more a principle of organizational behavior based on individual psychology than it is a failing of Google: essentially the more successful a company is, the more self-righteous it gets.

    It's not just Google's privacy policy that shows their arrogance, but their lofty sounding "do no harm" is another smokescreen that obscures their egoic agendas. Ultimately, "do no harm" is a cop-out: if you want to do good, then intend to do good. Doing no harm allows Google to cooperate with the Chinese government's censors, since they aren't making anything worse. It makes me wonder if they're cooperating with some nefarious Bush Administration program that invades our privacy, the way that AT&T rolled right over for the government in the domestic wiretapping scandal.

    My friends usually consider me a Microsoft-basher, but this reports shows that Microsoft isn't alone. What it really boils down to here is the limitations of individuals who are given too much power, together with the lack of coherence that any large and rapidly growing organization suffers.
  • Google & Privacy

    For those of us who have real jobs we can do without Privacy International a hell of lot easier than without Google.

    In other words, who really cares.

    Write about something important like MS's failing system called Vista.

    • Weel, if your life is bland I suppose

      it doesn't matter who looks at your private info.
    • Huh?

      Sorry, but I don't find Google any better than Yahoo, so if they're more privacy friendly, then that's who I'll use.

      And considering that many use Google's desktop search, this could be scary. Do you really want Google holding on to personally identifiable data that's on your PC until whenever? If they hold your information, then that's info the government can get, and I'm certain I don't want the Feds looking at ANYTHING on my PC, even though there's nothing on here that should interest them.

      Maybe it's time to start using one of those proxy services.
  • Sell your soul for search results?

    Never did like Google. Always seemed a little creepy to me. MSN search works just as well.
  • Internet privacy?

    There's no privacy on the Internet, anyone who expects it is a fool. Google isn't hacking into your PC and stealing information, they're just keeping records of what you use their services for.

    As for Google toolbar - only idiots install toolbars.
  • Google Is ASP for Evil Doers Everywhere

    Google takes no responsibility for the fact its search engine is used as a defamation delivery device. I heard one writer refer to it as the defamation superhighway. Google generously weights the hundreds of sites receiving feeds from the Usenet news groups because Google purchased these groups from DeJa News in 2001. (These groups are also inherently inter-linked, kind of like your average family from Appalachia). Problem is ... over 90 percent of the messages are flame war fodder, campaigns by gangs of anonymous individuals to defame a blogger or Usenet newbie by taking control of -- and vandalizing -- the results of a Google search on his or her name. Most of this is perpetrated in so-called "science" news groups by individuals who have no advanced science degrees whatsoever, and in some cases, never even finished college.

    It is invasive. The defamation may include digital dossiers but always includes disclosure of personal info dredged on the net about a person's family, business associates, residential history, contact info.

    The impact of all this is always immeasurable. No prospective employer will tell a candidate she wasn't interviewed because the employer found a critical mass of suspicious messages about her in Google.
  • This flurry of stories is probably an attack by Microsoft.

    Microsoft is hurtin for certain, they just released an OS that NOBODY wants. But the main thing is, they own HOTMAIL which is the biggest NON-Secure Email service in the entire world: And for all the money you have to PAY Microsoft for several types of HOTMAIL accounts:

    Google has an email service that is not only more secure than HOTMAIL but I can slide it into to Email Clients- FOR FREE.

    MS's response to anything that is better than what they got- First DISCREDIT it, then ACQUIRE it.

    HOTMAIL used to be one of the best Free Web-based EMAIL services, but then MS took it over in most hostile fashion, just like everything else Gates stole, including MS-DOS which was STOLEN from PC-DOS. And if you look at Vista: There are STILL pieces of PC-DOS in there. That's one stain that will not go away, ever. Anyway some assjack will try to falsify this, but what I just posted was common knowledge so 1990 and why would it be any different 17 years later?

    This is more of the same activity.

    Now as far as facts, it is a fact that I receive all kinds of vicious email from compromised HOTMAIL accounts, but ZERO emails from compromised GMAIL accounts.

    This is what Privacy Int'l (In MS Pocket) does not really tell you in their reports. Well, I use 17 different email accounts for various purposes and all across the board I get the same spam emails from accounts that are compromised HOTMAIL.

    I'd say P.I. needs to turn that Beedy Little Eye on this whole PASSPORT business, cos it is NOT SECURE. AT ALL. And THIS is the stuff that is BUILT IN to XP and VISTA. It is BUILT IN to MS MONEY- And THAT is damn dangerous.
    • To correct your factual error . . .

      MS didn't steal MS-DOS from PC-DOS.

      MS-DOS and PC-DOS were both MS products, until MS and IBM had their falling out.

      MS stole DOS from CP/M-86.
  • Read

    All I can say to many of the posts, read the article. They were not talking abotu whois more secure. They are talking about what PI has reported, the way the information is beign used. The way it can be potentionally used. How long the data bases are kept, how much intercorrelation there is. Google has made arrangments with Gov. agencies, they are/were attempting to scan every document they can get their hands on.
    If you search for say, "sex toys" in google there is a record of it. Or how about "explosives"? Curiosity about a subject is noted and recorded but not the reasons that the search was performed to begin with.
    Gee, I now have google records that I have looked for pornographic sites though in reality it was my very curious and horney 16 year old son. Not important to me now, but if I need to go back to a TS clearance how will that affect the application if the NSA requests my data base that google maintains? They say nothing about it being private from the Gov. Look at the full privacy statements and TOS.
    MS may not be secure, but they do have a record of not cooperating with the gov well.