I personally love Google and have since the first search I made 7+ years ago. I remember it clearly, I was at my first dot com gig and I made a search for some obscure technical detail. I was shocked that the first result took me to what I was looking for, and it has been my homepage ever since.
Unfortunately I’ve had to turn a blind eye to the serious privacy concerns I’ve had. The functionality they provide is so critical to my job that I have chosen to slightly alter my behavior and then proceed with indifference.
I always configure my browser to not store cookies (the number one feature to choose FireFox over IE); a practice that was instigated when I learned Google sent the same cookie from each machine when a search was made. I use Tor and Privoxy to achieve true anonymity when researching certain topics. I will never use their desktop client.
However, two pieces of good news have come out of the Googleplex in the last few months and I hope this is the start of a trend. The first story appeared mid January when it was reported that Google was resisting certain government subpoenas. With every financial transaction in the US being one step away from public record, phone companies granting the NSA unfettered access to their data, and ISPs supplying information to any ‘legitimate’ group that requests it, this is a breath of fresh air.
The second item came out yesterday on Google’s corporate blog. They announced a new log retention policy that would anonymize the data after an 18 to 24 months period unless they are legally required to retain them. They also said they would look at improving users’ privacy across the board, including services like Google Chat and Google Desktop.
This announcement was a change in corporate policy, rather than a detailed technical plan. We can probably expect the specifics in the near future. Their current stated intention is to change parts of the IP address and the cookie. Unless they completely strip the logs of the IP and cookie, then it will never truly be anonymous, but I think they will change it to the point that the data could never be used in a court of law.
It’s not perfect, but it’s better than nothing. They weren’t facing any possible government sanctions for eroding users’ privacy; in fact the exact opposite is true. They did this on their own accord. I don’t know whether to praise or expect this kind of behavior from a company whose motto is “Don’t be evil”, but for today, I say praise.
The world will be a completely different place 10 to 20 years from now. I am always infuriated by people who claim they have nothing to hide, so they have no privacy concerns. Privacy is a vital element of the human condition. I hate to imagine the political spectrum in 20 years. If they can find a drunk driving arrest from the 70’s now, what will they be able to dig up with your search, email, phone, and financial data at the fingertips of the established power base. Just because we use this data now to optimize search engines or hunt for terrorists, does not preclude malicious usage in the future, on a scale we can not imagine…
non facias malum ut inde fiat bonum
-Eric Marvets