The Times Comment page: I'm not nuts: they really are out to get you
Google knows a lot more about your personal life than you think. Oh, and so do hackers and the State... By David Rowan
Self-avowal is invariably the toughest of the 12 recovery steps. So here, gratifyingly, let me publicly confess: I Was A Guardian Journalist. Having submitted to a searching personal moral inventory, I admit, to God and myself, to having swallowed the entire liberal schtick, from the presumption of corporate irresponsibility to the grinding paranoia about Big Brother surveillance. It is therefore disconcerting, just as I was finally re-integrating into mainstream society, to find Google's fight with the US Justice Department provoking an almighty storm over web users' fast-eroding privacy rights. At the risk of relapsing, may I now convince you that they really are out to get us?
Google, under increased assault lately over its perceived arrogance, finds its halo suddenly burnished by refusing to hand Washington a week's worth of anonymised search data. While not quite David vs Goliath - Google still happens to be history's fastest-growing company - its refusal to bow to a government subpoena has played well against the shameless complaisance of Microsoft, AOL and Yahoo!, and has sent the blogosphere into paroxysms of cheer for honouring its refusal to be "evil". A more credible explanation for the stand-off is the commercial risk that shareholders may identify in submitting to political interference. If you happen to be running a $120 billion business, the share price matters more than the approval of a few libertarian bloggers.
The truth is that Google can never be trusted to protect your personal information. As ever more aspects of our lives are conducted through electronic databases, it is safe only to assume that your internet search history, your email trail, even some of your physical movements are being logged by organisations that care little about your privacy. As your data trail grows, its value increases to any hacker or petty bureaucrat who is motivated to trawl. That may not bother you in these early days of the great digital adventure. But how exposed will you be in the future, when your every historic web search and e-mail indiscretion has been linked to all those other error-strewn databases, so that your indelible electronic trail affects your employment prospects, your insurance rates, perhaps your ability to travel unimpeded to foreign lands?
Consider the unfeasibly detailed profiles that Google even today can build of its regular users. If you search casually for information about medications or a particular sexual proclivity, your interests are matched to your computer using a cookie set to expire in 2038. Deleting cookies - lines of code deposited in your PC - may not protect you: searches may also be matched to your PC's particular internet protocol address, which can if necessary be used to locate you via your service provider. Should you log in to Google to collect your webmail or personalise your home page, the central servers will accumulate another potentially vast tranche of data traceable back to you. As the company is so vague about its time limits for storing personal information, you may wish to assume that it keeps it for ever.
Personal search histories are already exciting law enforcement. At a North Carolina murder trial last November, prosecutors presented the defendant's alleged Google searches for the words "neck" and "snap" as evidence of his premeditation. It can be only a matter of time before Charles Clarke proposes "pre-crime" units, as foreseen in Minority Report, that would monitor citizens for potentially unsociable thoughts. That would certainly match the ambition of Larry Page, Google's co-founder, to index all information everywhere: as he told Reuters a couple of years ago, he was excited about having users' brains "augmented" by Google so that "you (would) think about something and your cell phone could whisper the answer into your ear".
Those with nothing to hide, I hear you retort, have no reason to fear data leakage. Perhaps, but imagine the interest your online profile - from family photos to blog posts - could provide business rivals, vengeful ex-lovers or medical insurers. The more data that Google and other web companies gather, the greater its commercial value to those willing to compromise you for a buck. If Delhi call-centre workers can make cash selling customer bank details, and police civilians can profit from flogging newspapers celebrity tips from the Police National Computer, how much more would a red-top newspaper have paid to obtain Mark Oaten's online interests?
If the Justice Department subpoena prompts a wider debate about digital privacy, it will come at a valuable moment for British citizens too. As the Government rushes to track us on databases covering ID cards, medical records, children's development, even real-time movements of our cars by number-plate recognition, we need to question the data security of their systems, their propensity to propagate inaccurate and often damaging personal histories, and the pernicious tendency for information collected for one purpose to be quietly extended to others completely unrelated. Most of all, we have to consider how prepared we are to tolerate the malicious uses to which our private information will inevitably be put. Whether it is 40 million credit card accounts hacked last summer, or the Merseyside council CCTV operators caught training their camera on a woman's bathroom, the bad guys will inevitably get through.
So no, I shall no longer apologise for refusing a lifestyle-revealing Tesco loyalty card, for registering my radio-tagged Oyster smartcard under a false name and address, and for juggling half a dozen internet search engines to confound their attempts to profile me. Dismiss me as an eccentric if you must. Though when you do e-mail to trash me, I'd appreciate your not using your Googlemail account.
(The Times Op-ed page, January 24 2006)
Self-avowal is invariably the toughest of the 12 recovery steps. So here, gratifyingly, let me publicly confess: I Was A Guardian Journalist. Having submitted to a searching personal moral inventory, I admit, to God and myself, to having swallowed the entire liberal schtick, from the presumption of corporate irresponsibility to the grinding paranoia about Big Brother surveillance. It is therefore disconcerting, just as I was finally re-integrating into mainstream society, to find Google's fight with the US Justice Department provoking an almighty storm over web users' fast-eroding privacy rights. At the risk of relapsing, may I now convince you that they really are out to get us?
Google, under increased assault lately over its perceived arrogance, finds its halo suddenly burnished by refusing to hand Washington a week's worth of anonymised search data. While not quite David vs Goliath - Google still happens to be history's fastest-growing company - its refusal to bow to a government subpoena has played well against the shameless complaisance of Microsoft, AOL and Yahoo!, and has sent the blogosphere into paroxysms of cheer for honouring its refusal to be "evil". A more credible explanation for the stand-off is the commercial risk that shareholders may identify in submitting to political interference. If you happen to be running a $120 billion business, the share price matters more than the approval of a few libertarian bloggers.
The truth is that Google can never be trusted to protect your personal information. As ever more aspects of our lives are conducted through electronic databases, it is safe only to assume that your internet search history, your email trail, even some of your physical movements are being logged by organisations that care little about your privacy. As your data trail grows, its value increases to any hacker or petty bureaucrat who is motivated to trawl. That may not bother you in these early days of the great digital adventure. But how exposed will you be in the future, when your every historic web search and e-mail indiscretion has been linked to all those other error-strewn databases, so that your indelible electronic trail affects your employment prospects, your insurance rates, perhaps your ability to travel unimpeded to foreign lands?
Consider the unfeasibly detailed profiles that Google even today can build of its regular users. If you search casually for information about medications or a particular sexual proclivity, your interests are matched to your computer using a cookie set to expire in 2038. Deleting cookies - lines of code deposited in your PC - may not protect you: searches may also be matched to your PC's particular internet protocol address, which can if necessary be used to locate you via your service provider. Should you log in to Google to collect your webmail or personalise your home page, the central servers will accumulate another potentially vast tranche of data traceable back to you. As the company is so vague about its time limits for storing personal information, you may wish to assume that it keeps it for ever.
Personal search histories are already exciting law enforcement. At a North Carolina murder trial last November, prosecutors presented the defendant's alleged Google searches for the words "neck" and "snap" as evidence of his premeditation. It can be only a matter of time before Charles Clarke proposes "pre-crime" units, as foreseen in Minority Report, that would monitor citizens for potentially unsociable thoughts. That would certainly match the ambition of Larry Page, Google's co-founder, to index all information everywhere: as he told Reuters a couple of years ago, he was excited about having users' brains "augmented" by Google so that "you (would) think about something and your cell phone could whisper the answer into your ear".
Those with nothing to hide, I hear you retort, have no reason to fear data leakage. Perhaps, but imagine the interest your online profile - from family photos to blog posts - could provide business rivals, vengeful ex-lovers or medical insurers. The more data that Google and other web companies gather, the greater its commercial value to those willing to compromise you for a buck. If Delhi call-centre workers can make cash selling customer bank details, and police civilians can profit from flogging newspapers celebrity tips from the Police National Computer, how much more would a red-top newspaper have paid to obtain Mark Oaten's online interests?
If the Justice Department subpoena prompts a wider debate about digital privacy, it will come at a valuable moment for British citizens too. As the Government rushes to track us on databases covering ID cards, medical records, children's development, even real-time movements of our cars by number-plate recognition, we need to question the data security of their systems, their propensity to propagate inaccurate and often damaging personal histories, and the pernicious tendency for information collected for one purpose to be quietly extended to others completely unrelated. Most of all, we have to consider how prepared we are to tolerate the malicious uses to which our private information will inevitably be put. Whether it is 40 million credit card accounts hacked last summer, or the Merseyside council CCTV operators caught training their camera on a woman's bathroom, the bad guys will inevitably get through.
So no, I shall no longer apologise for refusing a lifestyle-revealing Tesco loyalty card, for registering my radio-tagged Oyster smartcard under a false name and address, and for juggling half a dozen internet search engines to confound their attempts to profile me. Dismiss me as an eccentric if you must. Though when you do e-mail to trash me, I'd appreciate your not using your Googlemail account.
(The Times Op-ed page, January 24 2006)
<< Home