Google recently announced some changes to their privacy policy, and policy makers (The Article 29 Working Party) in the EU are calling for a pause to the new changes saying they need to investigate the agreement to ensure that users’ information is protected. There are also concerns that the new policy may violate the terms of a Google Buzz-FTC settlement, according to the US-based Electronic Privacy Information Center (EPIC).
The commissions are right to be concerned, Google trimmed the once-hefty 70+ page policy collection into a single document, to go into effect March 1st 2012. The new agreement makes some broad strokes about sharing information across Google services.
Regarding the FTC decision, and whether Google is violating the decision in the Google Buzz case, I don’t think so. There are no third parties involved (information is being shared across Google services, not third party networks), and users are being given plenty of notice to understand how their information is being collected and used. But what Google hasn’t really done, is provide a clear definition of consent – one of the two core tenets of privacy (the other being a reasonable excuse for collecting information).
Google is firing back, however, stating that there are several ways user can protect their information or, “opt out”. They can disable their search history, for example, or they can use multiple accounts to help compartmentalize data. Director of public policy, Pablo Chavez, spells it out.
“The main change in the updated privacy policy is for users signed into Google Accounts,” Pablo Chavez, director of public policy for Google, said in the letter. “Individuals don’t need to sign in to use many of our services including Search, Maps, and YouTube. If a user is signed in, she can still edit or turn off her search history, switch Gmail chat to off the record, control the way Google tailors ads to her interests using our Ads Preferences Manager, use Incognito mode on Chrome, or use any of the other privacy tools we offer.”
The safeguards are there, but one wonders if they’re adequate.
What could Google be doing?
Well, in plain language, ask for consent at every opportunity and clearly explain the consequences. If I consent to be advertised to on YouTube, will that mean I consent to being advertised to on other Google sites? I don’t mind, just tell me up front. But steps like that could cut into Google’s 28 billion dollar ad revenues, as could clear and prominent opt out language. In those cases, Google isn’t being reasonable. Opting out should be easy, like in newsletter subscriptions. But neither Facebook or Google make it easy to opt out of all their services, certainly not easy enough for my Mom to figure it out.
Increased pressure from the EU, from Canada and organizations in the US, might push both companies to make radical shifts in how they interact with, and especially how they advertise to people.
Related content
The FTC ruling for Google Buzz
Europeans, EPIC Bring More Scrutiny To Google Privacy Changes
Google responds to privacy policy concerns
This entry was written by Sean Enns, posted on February 3, 2012 at 2:02 pm, filed under Privacy, Search Engine Optimization. Leave a comment or view the discussion at the permalink.
Google has announced some changes to their privacy policy. The current arrangement includes a total of 70 separate documents covering all of their services. On March 1st, 60 of those documents are being rolled into one main privacy policy.
The new privacy policy, which is available for preview now, is short and wonderfully free of legalese. That’s not to say that there’s nothing troubling in the new policy, there’s a couple of sections that have me concerned. The first (not necessarily in order of appearance) talks about how Google is moving to track your behaviour across all of their services. As a Google fan (and I am), I think this is a good move for personalized search. However:
We may use the name you provide for your Google Profile across all of the services we offer that require a Google Account. In addition, we may replace past names associated with your Google Account so that you are represented consistently across all our services. If other users already have your email, or other information that identifies you, we may show them your publicly visible Google Profile information, such as your name and photo.
So, if on Google Docs, you’re Sean Enns (as I am) and on YouTube you’re Harbour City SEO (as I am), they’ll replace one to make it synchronous with the other. That’s fine, so long as I have the choice. The troubling bit is here: “If other users already have your email, or other information that identifies you, we may show them your publicly visible Google Profile information, such as your name and photo.”
Emails are easy to get, most people have their email posted publicly somewhere (their Facebook page, for instance), so this represents a privacy nightmare and a goldmine for phishers and data miners. Google would be smart to dress this up a bit, perhaps by offering a link to some advanced privacy controls. I, for one, would like to be able to tell Google exactly how many connections someone should have with me before they’re able to see my personal profile.
The second bit needs some serious clarification, in my opinion. It reads:
We use the information we collect from all of our services to provide, maintain, protect and improve them, to develop new ones, and to protect Google and our users
The word that has me concerned is “protect”. It’s a powerful word, and it’s unclear (in this iteration) exactly whom Google is protecting their services from, and whom they’re protecting me from. Terrorists? Microsoft? Twitter? Google needs to clarify what they mean here.
The answer
I’ve always said this about Google. Because Google is a private company, their first responsibility is to the shareholders, not to the user. Based on my readings, Google seems to try quite hard to find the balance between the two, but their sole purpose is to increase market share. They don’t owe me anything, and anything they give me (such as free traffic from organic search results) is a gift, not a right.
If you don’t like the scope of what Google is doing with your info, while you can’t necessarily opt out, you can log out. When you’re finished checking your Gmail, log out. Surf anonymously, disable cookies on your browser. It’s the best tool you have to ensure that your personal information isn’t being collected and used across platforms. Your search results won’t be as relevant, or as rich, but your personal information will stay that way.
Related content:
Google’s New Privacy Policy Raising Questions in Washington
Google’s New Terms Of Service & Privacy Policy: Anything You Do May Be Used To Target You?
This entry was written by Sean Enns, posted on January 25, 2012 at 12:41 pm, filed under Marketing, Privacy and tagged Google. Leave a comment or view the discussion at the permalink.
Harbour City SEO will be going offline on Wednesday, January 18th. Not for maintenance, but as part of one of the internet’s largest protests of all time.
The Stop Online Piracy Act has garnered massive attention over the last several months from privacy advocates, from free speech enthusiasts, from web giants and service providers, everybody is chiming in with their various cents’ worth. It’s gone so far as to launch an online rebuttal that’s going to go down in history (such as it is) as the day the Internet went black.
This isn’t a case of a few left-wing fringe elements going down, there are major players involved in the day long strike. Wikipedia, BoingBoing, WordPress, Reddit, Mozilla, ICanHasCheezburger and Failblog (etc., etc. and to name just a few) are going dark for the day to protest a bill that, while on its last legs, still has enough teeth to come back and bite us all in the pitoot.
So, it’s easy enough to not link to or host pirated content, but that’s not what has netizens in an uproar. It’s that the sweeping ambiguities of the bill imply that you could be penalized for who you link to, links to.
Let me give you an example. Let’s say I’m writing a piece (as I do) about file sharing, and let’s say I link to the infamous Pirate Bay as an example of how file sharing has been used to illegally share and distribute intellectual property.
According to SOPA, I could be tagged for violating the rights of any organization who’s intellectual property is being shared on the site I linked to. Under SOPA, my site would have to be pulled down, my ISP would be required to deny service and Google would be required to remove my site from the index.
There are other examples, less (that’s right, less) insidious in nature. The implications lead to a censored web, where content is controlled by the biggest holders of intellectual property (the film, television and music industry) and eliminates the “fair” internet.
While SOPA has essentially been shelved, the major opposition to the bill is still planning to speak out against it. This from the Sopa Strike website
On January 18th, 2012 the internet is going on strike to stop the web censorship bills in Congress! Now is our moment — we need you to do everything you can, whether you have a website or not.
If you, like me, want to support opposition to SOPA and PIPA, you can show your support by joining the Blackout SOPA movement. I’ve included a bunch of links below so you can get caught up on the issues.
WordPress plugin to participate in the SOPA Blackout
This entry was written by Sean Enns, posted on January 16, 2012 at 5:03 pm, filed under Privacy, Social Media. Leave a comment or view the discussion at the permalink.
All this talk about privacy, I didn’t even have a privacy policy on my site.
It’s a massive oversight on my part, something I should have done as soon as I set up a contact form and launched a newsletter signup form. If you collect information from your visitors, it’s never too late to put a policy on your site. If you don’t know where to start, there are plenty online. You could even link to this one, or copy mine and edit it to suit your needs.
Harbour City SEO: Privacy Policy
This entry was written by Sean Enns, posted on January 21, 2010 at 8:15 pm, filed under Privacy and tagged Blog, Harbour City SEO, Reference. Leave a comment or view the discussion at the permalink.
Facebook Connect and Facebook Platform (for developers) are a big part of the strategy that has grown Facebook into a site with 350 million users. That growth seems to be the primary goal of Mark Zuckerberg, rather than taking extra measures to protect the privacy of its userbase.
In an interview with Techcrunch, Zuckerberg answers a question about privacy by saying “People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people. That social norm is just something that has evolved over time.”
If Facebook is to pay its investors, it has to focus on growth and monetization, but neither of those are conducive to improved privacy protection for the users, who have undergone changes to the privacy policy twice in the last year.
It matters to me, I believe strongly in protecting and safeguarding personal information because I’ve seen the lengths people will go to to get it (and what they’ll do with it), but I wonder how much it matters to others who seek a louder voice in the crowd or, in Facebook’s case, a direct link to all the voices.
Here’s the video from USTREAM.
This entry was written by Sean Enns, posted on January 20, 2010 at 10:33 pm, filed under Privacy and tagged Reference. Leave a comment or view the discussion at the permalink.