Google Privacy Policy: 2007 in Review
Google has posted a video recap of 2007’s privacy policies. In the heart of “don’t be evil”, Google Global Privacy Counsel member Peter Fleischer covers Google’s position on some of the toughest privacy topics of our time.
- Cookie Expiration and Log purging
Google will be implementing a realistic expiration date on cookies it gives to users. The previous expiration date was more than 30 years, and critics said this set a bad example and was an unnecessary amount of time to hold a cookie. Although cookies do not contain sensitive data, per se, I think it is important to be explicit and thoughtful of how long websites intend cookies to remain useful. The idea of Log purging fits this vein but has potentially greater impact. Because it is feasible that logs can be traced to individuals, by purging logs Google is absolving itself from the responsibility of holding information on people that governments of the future may seek. The fact the data is being destroyed means our privacy will be protected regardless of how legislation attempts to infringe in the future.
- Google Earth/Street View
Recently Google has been documenting city streets with omni directional photographs and attaching this data to its Google Maps. This has a lot of people up in arms, as they feel that there is potential for incrimination or spying based on images of license plates, faces, and people being captured and published online. Google is entitled to do this by the laws regarding public space in America. However, this tests our principles behind the laws when explored on such a massive scale.
- Privacy through obfuscation
Peter reflects upon the phenomenon of data availability infringing upon privacy. There have long been public records available in different areas such as home purchases, partial medical records, and political voting trends. Privacy was protected because it was difficult to get these records or view them in any timely way (ie, you would have to go to the library and get the records in paper and look something up). Now that these records are being moved to databases and can be searched and cross references, there have been a number of privacy issues arising. In the future, we must find ways to better refine how to protect data and still keep records of necessary information available.
The decisions that Google makes have a huge impact on how our privacy is protected online. As internet users, we must go to great lengths if we want to avoid contact with Google, and to some degree it is impossible. Because of this, it is important to be aware of policy decisions that Google is making and how it will affect how much is or is not known about our data on the Internet. Be in the know and you can protect yourself as well as know what not to worry about.
Comment by mccoyt
February 10, 2008 @ 1:20 pm
Google’s full privacy policy: http://www.google.com/privacypolicy.html
The challenge with an organization like Google is the enormous breadth of information that they store about many of their users. In my case, they know what I search for, what sites I visit, what I buy, the contents of my email, the value of my investments, upcoming events I plan to attend, and the material contained in my online documents. Given that wide range of data that can be personally tied to me, a principle concern with Google is that their privacy policy is not detailed enough to allow me to make truly informed choices about using their services. Nearly every paragraph addresses how most of the data is treated most of the time, but finding hard numbers or technical specifics is difficult to do.
Perhaps of more interest is considering the wider context of the role of privacy policies online. More specifically, given that most company’s policies are similarly devoid of specfic information handling practices, is it possible for the market to take such policies into account when consumers are chosing where to take their business? Similarly, if they had such information, would it actually change their behaviors? Consider the likely outcome if Live Search were to come out with the most detailed and privacy friendly policy of any of the major search engines. I think it highly unlikely that any measurable number of people would change providers on that basis alone. We see, then, the apparent value placed on privacy by the general online population is very low.
Considering that Google has arguably faced the most intense privacy scrutiny of any major internet company, and it has a generally respected reputation of addressing customer concerns, the fact that even it has not provided such detail is telling of how little market pressure there is for companies to become more privacy friendly. Indeed, it seems likely that doing so would run counter to many of their own business interests. As a result, it seems unlikely that we will witness any sort of sea-change in the area of privacy in the near future. We can only hope that as consumers become increasingly reliant on web service providers to handle their data, they will also become more stringent in their expectations of privacy from those whom they chose to do business with.