Fear mongering in the name of privacy

If you want your private data to remain private, here's a piece of friendly advice - don't use the Internet. Don't use web-based e-mail, instant messaging, net telephony, file sharing, or any other service that might record a transcript of your activities, interests, and conversations.

I don't want to sound peeved, but yesterday's reaction, from people I generally consider to be thoughtful and reflective, to a feature in Google's latest beta release of its Desktop Search is the online equivalent of running into a crowded room and shouting "Fire! Fire!" at the top of your lungs.

Privacy is a big, gnarly issue that anyone who uses the public network should think about carefully. I work in the information security business. I spend a big part of my day writing web content discussing the importance of using strong encryption and authentication, well-crafted passwords, public keys, and other technology tools to protect data in transit. As the way we work moves our data inexorably onto remote servers that are often owned by someone other than ourselves or the organization we work for, this will only become more important and require greater deliberation.

Anytime you create a doorway to the outside world, there is an element of risk involved. Use a file sharing technology like BitTorrent and you've opened a door onto your machine. Use a VoIP telephony application like Skype and you allow your machine to become part of a big peer-to-peer network. Use HotMail, Yahoo! mail, or Gmail and your private data is stored on someone else's hardware protected by nothing more than a password.

Google Desktop 3 is a nice release. It has some interesting new features and provides a lot of useful functionality. But reading the tech blogs, you'd swear that the latest beta release from Google is a fiendish plot to undermine our right to privacy. Consider these frightening headlines and introductory sentences:

B2Day: Would you trust Google with your desktop? Google has a new version of its desktop search product, which sports a feature that sounds both incredibly useful and raises serious privacy concerns. 

DotMyBlog: Privacy? What's That? Mike is raising some serious and legitimate concerns about the recently released Google Desktop 3.0 and how slowly it erodes end-users' privacy.

Bayosphere: Google's Latest Convenient Privacy Problem Is the convenience worth the potential for invasion of privacy? Not in my view. (That's the entire post BTW except for a quote from the EFF, reproduced below, via Boing Boing.)

Michael Arrington at TechCrunch writes a generally thoughtful and balanced piece but obscures it behind a tabloid headline. 

TechCrunch: Google Desktop 3.0: Privacy is Dead(er) The biggest change is the option to store your hard drive index on Google’s servers instead of locally on your own computer. This allows searches from a remote computer (such as a work computer). This is of course a touchy privacy subject, but the ability to search from a remote computer will be very welcome by some users.

And here's the granddaddy of them all - the Electronic Frontier Foundation - uttering an incredibly inflammatory statement that I find impossible to defend. It's factually incorrect fear-mongering of the worst sort (the statement in bold is my emphasis):

"Google today announced a new "feature" of its Google Desktop software that greatly increases the risk to consumer privacy. If a consumer chooses to use it, the new "Search Across Computers" feature will store copies of the user's Word documents, PDFs, spreadsheets and other text-based documents on Google's own servers, to enable searching from any one of the user's computers. EFF urges consumers not to use this feature, because it will make their personal data more vulnerable to subpoenas from the government and possibly private litigants, while providing a convenient one-stop-shop for hackers who've obtained a user's Google password.

OK, so far so good. No argument with this lead paragraph. But the very next paragraph goes right off the deep end:

"Coming on the heels of serious consumer concern about government snooping into Google's search logs, it's shocking that Google expects its users to now trust it with the contents of their personal computers," said EFF Staff Attorney Kevin Bankston. "Unless you configure Google Desktop very carefully, and few people will, Google will have copies of your tax returns, love letters, business records, financial and medical files, and whatever other text-based documents the Desktop software can index. The government could then demand these personal files with only a subpoena rather than the search warrant it would need to seize the same things from your home or business, and in many cases you wouldn't even be notified in time to challenge it. Other litigants—your spouse, your business partners or rivals, whoever—could also try to cut out the middleman (you) and subpoena Google for your files.""

WRONG! Untrue. When you install Google Desktop, the option to make your desktop searchable is turned OFF by default.  You have to make an overt decision to turn it on. This requires the following steps:

  1. Click "Desktop Preferences" on the main Google Desktop window in your browser.
  2. Click the "Gmail and Search Across Computers" tab.
  3. Check a box labeled "Search Across Computers" which is displayed with the following text: "Index and search my documents and viewed web pages from across all my computers. (This feature stores your indexed files on Google Desktop servers for copying to your other computers. Learn more about this feature or our Privacy Policy.)"
  4. Decide what will be copied to Google's servers that can be searched from your other computers (documents, web history, or both).

In other words, you have to consciously configure Google Desktop before any of your information is uploaded to Google's servers and potentially put in harm's way.

Don't get me wrong. I value the work the EFF does. My company has donated software to the organization because we believe in what they stand for and the good work they do. I've personally made financial contributions to the organization and encouraged others to do the same. But this is over the top. 

Are there privacy implications here? Absolutely. Should you use this feature? That is entirely up to you. If you have confidential information on your PC, probably not. If you're concerned about the government or hackers or "other litigants" gaining access to your data while it resides on Google's servers, definitely not. Let them subpoena your PC. Which they will - and much more easily than fighting their way through Google's army of lawyers.

Will I be using this feature? No. Did I arrive at this decision because I have concerns about my privacy? Not really. It's simply not terribly useful to me. I use my Tablet PC as my primary computer. I always have it with me. This feature simply doesn't add a lot of value for the way I work. But that's a completely different discussion than the hysterical reaction being expressed by the EFF and other smart people who ought to know better and from whom I've come to expect a bit more thoroughness and balance.

UPDATE: The latest edition of OnTheRun with Tablet PCs, a weekly podcast I co-host with fellow Tablet PC MVP James Kendrick, is now available. In this week's show, James and I spend some time discussing this topic and the implications that applications like Google Desktop 3 have for mobile computing.