Saturday, 8 May 2010

Google & privacy - response to privacy chiefs, PbD, StreetView, IP anonymisation

Google have replied to the letter from privacy regulators in Canada, France, Germany, Ireland, Israel, Italy, the Netherlands, New Zealand, Spain and the UK criticising Google's actions in relation to Buzz and Street View - see Google's response letter. (Again, interestingly, it is hosted on Scribd rather than their own Google Docs.)

Google said they're "keenly aware of the trust that our users place in our services, and of our responsibility to protect their privacy. As part of this responsibility, we are committed to being transparent with our users about the information that we collect when they use our products and services, why we collect it and how we use it to improve their experience."

They recited the 5 privacy principles underlying their approach to privacy and user information across Google products (principles spoofed so well by Privacy International - my thoughts on them are in the same blog post).

Google also pointed out their efforts and tools to assist user understanding of their privacy practices to promote transparency:

    • Google Privacy Center,
    • frequently asked questions,
    • blogs on privacy issues
      • oddly enough there's no RSS/Atom newsfeed available for that page, so here's the Google privacy blogs feed URL I generated through Google Reader
    • videos on privacy,
    • their Google Dashboard to empower users to view and control their information (even the infamous Buzz) stored in their Google Account, now 6 months old
      • the letter said "on average, around 100,000 unique visitors a day check it out, 85 percent for the first time." It would be useful to know not just how many people are "checking it out", but whether they can and actually do make use of it to change privacy preferences to what they as users want (not just to one of the increasingly limited range of options the provider chooses to make available - here I have in mind Facebook's recent changes more than Google!)
      • privacy advocate and security expert Moxie Marlinspike put that better, making the point that Dashboard may in fact be antithetical to privacy - it 'only shows some of the information that are most obviously connected to a Web user. “[Dashboard's use] requires that you have an account [with Google], be logged in while using the services and maintain a persistent cookie. It’s a brilliant move on their part.”'
    • their Data Liberation Front team "whose singular goal is to make it easier for users to move their data in and out of Google products… because we believe users should use Google products for their quality, not because of their inability to remove their data."
      • that's not really a privacy point, is it? Data portability yes, and avoiding lock-in too, those are good for providing incentives to use Google - but they still need to assure us that our data will be kept secure and private!

Google acknowledged they don't "get everything 100% right — that is why we acted so quickly on Google Buzz following the user feedback we received", and expressed their commitment "to ensuring that privacy is designed into our products at every stage of the development cycle. Respecting privacy is part of every Googler's job. We also have a team of seasoned privacy professionals, including legal, policy, security and engineering experts, to help guide the development of responsible privacy policies across Google."

Google also said they want to "continue working with [privacy / data protection regulator] offices and to benefit from your guidance in the future as we build privacy into new, innovative products for our users."

Google's stated commitment to privacy by design sounds good, but of course what really matters is to what extent worthy words are translated into actual action.

Google's recent revelations that its Street View vans & cars were collecting info on wifi networks as well as street photos might be seen as a step in the direction of better transparency, and so too (at least as regards government actions) Google's publication of info on government requests for data on individuals or to take down or block sites, plus their blogs about openness.

On the other hand there have been accusations that Google weren't very transparent in saying that they anonymize users' IP addresses after 9 months, when in fact they just "obfuscate" IP addresses.

Quite apart from transparency, it's vital that Google as a minimum builds into their internal procedures, as standard, a set-in-stone requirement that all new products or services like Buzz (or indeed modifications) must be vetted in advance for privacy & data protection as well as other legal issues, before they are unleashed on the wider public.

Look what happened with Google's Chrome browser, for instance, where there was a huge fuss in the blogosphere over Google Chrome's terms of service whereby apparently Google claimed a perpetual licence to use any content published or displayed by users through the browser!

It seems to me that actually that was probably just a case of no one from Legal having had a chance to properly tailor Google's boilerplate terms of service to suit a web browser product (as opposed to a web service) before it was launched - but that failure brought Google a lot of bad publicity.

Hopefully Google will have taken on board the lessons from the Chrome TOS and Buzz incidents and will embed consideration of legal issues (and consultation with regulators where possible) into their business processes - including the promised privacy by design.

©WH. This work is licensed under a Creative Commons Attribution Non-Commercial Share-Alike England 2.0 Licence. Please attribute to WH, Tech and Law, and link to the original blog post page. Moral rights asserted.