
Copyright 2005-07 1 and Privacy Roger Clarke Xamax Consultancy Pty Ltd, Canberra Visiting Professor, Department of Computer Science, A.N.U. and in Cyberspace.


1 Copyright 2005-07 1 and Privacy Roger Clarke Xamax Consultancy Pty Ltd, Canberra Visiting Professor, Department of Computer Science, A.N.U. and in Cyberspace Law & Policy, U.N.S.W., and in eCommerce at Uni. of Hong Kong http://www.anu.edu.au/people/Roger.Clarke/… …/DV/Googacy-070919 {.html,.ppt} ANU DCS – 19 September 2007

2 Google and Privacy: Agenda. Privacy; Google's Business(es) (1 A Search-Engine, 2 Content-Discovery Services, 3 Content Services, 4 Data about Users); Privacy Protections (Consumer Protection Law, Privacy Protection Law, Privacy Policy Statements, DIY); Google Mythology

3 Privacy: the interest that individuals have in sustaining a 'personal space', free from interference by other people and organisations. Privacy Protection: a process of finding appropriate balances between privacy and multiple competing interests

4 Privacy cf. Data Protection Dimensions of privacy interest: The Physical Person, Personal Behaviour, Personal Communications, Personal Data. Motivations for protecting privacy: Psychological, Social, Economic, Political

5 Research Your Next Appointment Their Site(s)/Blog(s) Event Programs Committee Minutes Letters to the Editor Postings email-lists fora blogs Logs (e.g. in court) IAPs ISPs own machine Media Reports as subject as reporter as commentator as bystander 'Public Records' Court Reports Little Black Books Commercial Databases Dead Pages, from the Wayback Machine Specialist Sites, e.g. Zoominfo.com, Spock.com

6 Privacy Threats from Open Information Discoverability Data Associations Location Habits Consolidation, e.g. for: Profiling Manipulation Character Assassination Data Quality Problems Out-of-Date Incomplete Acontextual Inaccurate Scurrilous Spurious Second-Round Effects More Data Retention More Data Capture

7 Search Engine Operation

8 Google's Business(es) 1. Content Discovery Services The Largest Coverage (size of the Reference List) The Smartest Precedence Algorithm (the sorting part of the Results Formatter) The Fastest, Simplest, Best? Search-Service (a UI for normal people, not specialists) Multiple Constrained Searches (images, blogs, Froogle) Multiple Extension Services (Answers, Scholar) froo·gle (fru'gal) n. Smart shopping through Google

9 Google's Business(es) 2. Content Services Google Earth Google Base Google Video / YouTube... Google News Google Library / Print...

10 Google's Business(es) 3. Data about Users "We are moving to a Google that knows more about you" (Google's CEO, NYT, 10 Feb 2005). Round 1: Search-Terms; IP-address(es); Click-Trail; Click-Throughs

11 Google's Business(es) 3. Data about Users "We are moving to a Google that knows more about you" (Google's CEO, NYT, 10 Feb 2005). Round 1: Search-Terms; IP-address(es); Click-Trail; Click-Throughs. Round 2: Google Accounts: Email-Address as Username; A Common Cookie

12 Email – Long-Term Risk Exposures Both Parties' IAPs: IP-address(es) used, disclosing location, trail Authorised / unauthorised disclosure, with/without notification Traffic data retention, message retention Mail-Recipient's ISP: Access to, and use of traffic Access to, and use of content Authorised / unauthorised disclosure, with/without notification Message retention after download ISP Mail-Hosting / Webmail Message retention, long-term

13 – Yet More Risk Exposures Gmail Subscribers Targeted Ads based on text from senders => consumer manipulation Correlation with Data from Other Services

14 – Yet More Risk Exposures Senders to Gmail Addresses Examination of Text Long-Term Retention Consolidation with Other Sources Long-Term Unauthorised Disclosure No notification of disclosures Senders Generally Postings to Lists if even a single subscriber is a Gmail account Forwards to Gmail accounts Forwards to Lists if even a single subscriber is a Gmail account

16 EPIC on Gmail No Non-Subscribers Consent to content extraction Unlimited Data Retention Profiling across Google product line Harms expectation of privacy Insufficient privacy policy No data protection on sale of company or change of company policy http://www.epic.org/privacy/… … gmail/faq.html, August 2004 Gmail is a privacy disaster Google is engaging in indefinite data retention Google has publicly stated it will not discuss law enforcement requests for personal information We have no idea how Google responds to law enforcement, nor how many requests have been received private email from EPIC, 8 Dec 2005

17 v. 1 – October 2004 Search Within Your Own Computer A desktop search application that provides full text search over your email, files, music, photos, chats, Gmail, web pages that you've viewed,... (cf. Apple's Sherlock 1998, later Spotlight, and many third-party products for Wintel) It allows people to scan their computers for information in the same way that they use Google to search the web http://desktop.google.com/about.html

18 v. 3 – 9 Feb 2006 Search Across Your Computers BUT In order to share your indexed files between your computers, we securely transmit this content to Google Desktop servers located at Google cf. MS Passport data, centralised at Redmond WA http://desktop.google.com/... features.html#searchremote

19 Would you trust this product ??? Terms: http://desktop.google.com.au/mac/install.html Privacy Policy: Protecting users' privacy is very important to Google and the Third Parties. As a condition of downloading and using the Software, you agree to the terms of the Google Pack Privacy Policy..., which may be updated from time to time and without notice. No Read-Me File accompanies the download. There are no explanations as to how to de-install. It appears that the default may be set to Promiscuous: http://desktop.google.com.au/en/mac/gettingstarted.html#prefs shows 'On'

20 – Google's Social Networking Service Requires a Google Account … Is linked to Gmail... Profiles of Members are: Self-Captured Unauthenticated Profiles of People Nominated by Members: Captured by Members, e.g. by upload of their address-books Unauthenticated Without Consent Discloses Traffic Discloses Social Networks of Members and Non-Members

21 Google's Business(es) 3. Data about Users "We are moving to a Google that knows more about you" (Google's CEO, NYT, 10 Feb 2005). Round 3: Gmail; Desktop; Desktop v.3; Orkut

22 Google as Wireless Internet Access Provider http://www.techworld.com/mobility/... features/index.cfm?featureid=1837 Acceptance of Google's tender confirmed 5 April 2006

23 12 Months Later... WinterGreen Research, Inc. April 2007 Earthlink and San Francisco have finalised a Wi-Fi contract. The contract enables Earthlink to build a citywide wireless services network and Google to provide free Internet access But, 4 Months After That... Blow as two Muni WiFi schemes fail Financial Times, 31 August 2007 The San Francisco scheme … fell apart on Wednesday night after Earthlink, the [ISP], said it was pulling out of a contract to build the city's WiFi network

24 Doubleclick Major Site-Owners let ad-space to DoubleClick DoubleClick gathers data about all traffic to all such sites, resulting in consumer profiles

25 Doubleclick Major Site-Owners let ad-space to DoubleClick DoubleClick gathers data about all traffic to all such sites, resulting in consumer profiles Google AdSense Minor Page-Owners let ad-space to Google Google gathers data about all traffic to all sites that are AdSense affiliates

26 Doubleclick Major Site-Owners let ad-space to DoubleClick DoubleClick gathers data about all traffic to all such sites, resulting in consumer profiles Google AdSense Minor Page-Owners let ad-space to Google Google gathers data about all traffic to all sites that are AdSense affiliates On 13 Apr 2007, Google bought DoubleClick

27 New York Consumer Protection Board http://www.consumer.state.ny.us/pressreleases/2007/may092007.htm the combination of DoubleClick's Internet surfing history generated through consumers' pattern of clicking on specific advertisements, coupled with Google's database of consumers' past searches, will result in the creation of super-profiles, which will make up the world's single largest repository of both personally and non-personally identifiable information. [bigger than Acxiom?!] The Board expressed concern that these profiles expose consumers to the risk of disclosure of their data to third parties, as well as public disclosure as evidence in litigation or through data breaches.

28 Current Regulatory Investigations http://www.epic.org/privacy/ftc/google/ US Federal Trade Commission http://www.internetnews.com/bus-news/article.php/3680266 EU Directorate on Competition http://ec.europa.eu/comm/competition/index_en.html Aust Competition and Consumer Commission http://www.accc.gov.au/content/index.phtml/itemId/788097 EU Data Protection Commissioners http://ec.europa.eu/justice_home/fsj/privacy/news/docs/pr_21_06_07_en.pdf

29 Google's Business(es) 3. Data about Users "We are moving to a Google that knows more about you" (Google's CEO, NYT, 10 Feb 2005). Round 3: Gmail; Desktop; Desktop v.3; Orkut. Round 4: Google as Wireless IAP Gratis (i.e. ad-funded); Ad Syndication (AdSense); Consolidation of the Consumer Profiles held by DoubleClick and Google

30 Google's Business(es) 3. Data about Users "We are moving to a Google that knows more about you" (Google's CEO, NYT, 10 Feb 2005). Round 3: Gmail; Desktop; Desktop v.3; Orkut. Round 4: Google as Wireless IAP Gratis (i.e. ad-funded); Ad Syndication (AdSense); Consolidation of the Consumer Profiles held by DoubleClick and Google. Round 5: Psych profiles from online gaming; Face Recognition in Image Search; Street View; Facebook profiles...

31 Google and Privacy: Agenda. Privacy; Google's Business(es) (1 A Search-Engine, 2 Content-Discovery Services, 3 Content Services, 4 Data about Users); Privacy Protections (Consumer Protection Law, Privacy Protection Law, Privacy Policy Statements, DIY); Google Mythology

32 A Normative Template for Terms of Contract for Consumer Transactions http://www.anu.edu.au/people/Roger.Clarke/EC/ICEC06.html#TNT Information Terms Security Choice Consent Recourse Redress

33 The Normative Template for Marketer-Consumer Communications Information Terms Security Choice Consent Recourse Redress Recourse Enquiry and Complaints Process accessibility prompt acknowledgement copy into the consumer's email-archive responsiveness to enquiry or complaint acknowledgement resolution Restitution product quality shortfalls own products and services third-party products and services fulfilment quality shortfalls payment errors External Complaints Mechanisms information provided about them prompt and appropriate communications with regulators

34 Google's Challenges to Consumer Law Consumer Benefits Enormous Gratis But there is consideration: acceptance of advertising, including intrusive attention-grabbing devices (blink, popups) Terms: Non-Negotiable Non-Transparent Changeable at whim Not Version-Managed Recourse All-But Non-Existent No sign of recovery of lost consumer protections WSIS 2005, IGF are vacuous

35 Information Privacy: The interest an individual has in controlling, or at least significantly influencing, the handling of data about themselves. Achieved Through: Regulation: Data Protection Law, enforced by a Regulator [EU, Others – ???]; Co-Regulation: Privacy Policy Statements, enforced by a Regulator e.g. through Trade Practices Law [US – ??]; Self-Regulation: Privacy Policy Statements without enforcement [US actual]

36 28th International Data Protection and Privacy Commissioners' Conference London, United Kingdom – 2 and 3 November 2006 Resolution on Privacy Protection and Search Engines http://www.bfdi.bund.de/cln_029/nn_533554/SharedDocs/Publikationen/EN/InternationalDS/ConferenceOfInternationalDataProtectionCommissioners2006-ResolutionSearchEngines,templateId=raw,property=publicationFile.pdf/ConferenceOfInternationalDataProtectionCommissioners2006-ResolutionSearchEngines.pdf … providers of search engines … shall not record any information about the search that can be linked to users or about the search engine users themselves. After the end of a search session, no data that can be linked to an individual user should be kept stored unless the user has given his explicit, informed consent to have data necessary to provide a service stored (e.g. for use in future searches)

37 A Privacy Statement Template http://www.anu.edu.au/people/Roger.Clarke/DV/PST-051219.html Data Collection Data Security Data Use Data Disclosure Data Retention and Destruction Access by You to Your Personal Data Information about Data Handling Practices Handling of Enquiries, General Concerns and Complaints Enforcement Changes to These Privacy Undertakings Definitions

38 Google's Privacy Statement http://www.anu.edu.au/people/Roger.Clarke/DV/PST-Google.html Cookies not RFC2964-compliant Cookies and Login (with Email-Address as Username) enable the consolidation of a very substantial amount of identified personal data, without informed consent Purposes of Use and Disclosure vague but very extensive Storage in Data Havens (such as the USA) Non-Consensual Use and Disclosure (presumption of consent, i.e. opt-out) Extraneous Disclosures not notified to the individual concerned No Information provided about Data-Handling Policies and Practices No Assurances whatsoever re: Access by the Data Subject [new WebHistory feature?] Data Quality Data Correction or Deletion Data Relevance Data Retention, Destruction No Consultation with Privacy Advocacy Organisations Deficient Complaint-Handling Procedures The Undertakings are Void in the event of merger, acquisition or sale of assets The Undertakings are Unenforced, and Probably Unenforceable

39 Paranoia http://www.google-watch.org/

40 DIY Privacy-Protection http://www.freenet.org.nz/misc/google-privacy.html A simple HOWTO for stopping Google from logging your search history. In summary, the solution is to: clear all long-lasting cookies; set your browser to not keep cookies between restarts; divert all google requests out through an anonymous proxy. BUT ALSO !!! Frequently re-start; Don't register; Don't use DeskTop, Gmail, …; Don't send to Gmail accounts...

41 Google Mythology: Do No Evil Two variants are evident on the web-site: (1) number 6 of 'Ten things Google has found to be true': "you can make money without doing evil". But that statement is descriptive, not normative (2) "Our informal corporate motto is 'Don't be evil'" But that statement is part of a Code of Conduct communicated to investors, not customers, and is in any case completely non-binding There is a relevant corollary: "You can make money without doing evil; but you can make more money by doing evil" Given the legal obligations of corporations, the epithet actually implies that evil should be done

42 Google Mythology: "Protecting users' privacy is very important to Google" World's-Worst Privacy Policy stance "We will remove IP-addresses after 18 mths" (They don't need them beyond 18 seconds) "We will auto-delete cookies 2 yrs after last visit" (Gobbledygook. They're remote from them … And there's no need for long-term cookies at all. It's better to block cookies, auto-delete cookies, delete cookies, and/or use a nymous proxy-server) Argues at UNESCO for standardisation on the world's weakest code. (The APEC code was designed by privacy-hostile USA with Australian help, using privacy-hostile Asia as the excuse)

43 Google and Privacy: Recapitulation. Privacy; Google's Business(es) (1 A Search-Engine, 2 Content-Discovery Services, 3 Content Services, 4 Data about Users); Privacy Protections (Consumer Protection Law, Privacy Protection Law, Privacy Policy Statements, DIY); Google Mythology


