On Trust and Privacy: Why I No Longer Trust Google

Trust.

It’s a key factor in any successful relationship, whether that relationship is between two people or a person and an organization.

Privacy concerns are ongoing and have been around on the web for a long time. Kee Hinckley wrote about them in 1999. Among privacy advocates, discussions about “do not track” go back at least four years; then in 2010, the FTC endorsed the idea. (As did Mozilla in 2011.) There’s the W3C Platform for Privacy Preferences (P3P), now suspended, and a new W3C tracking protection group.

Although it hasn’t been battered with privacy-related consumer trust headlines as frequently as Facebook (Beacon, 2007, 2007, 2009; privacy settings, 2009, 2009, 2010, 2011, 2011, 2012; tracking, 2011, 2012; FTC settlement, 2011), Google has flirted with trust issues since at least 2004. That’s when Dave Winer warned:

Google today is as dangerous as Microsoft, and I wouldn’t bet on their trustworthyness [sic]… The technology industry is built on a foundation of arrogance and disdain for users. Google is too. You may not have seen it yet, but I have.

In 2007, Google told worried consumers that “the unique ID used by the Google Maps system can’t be connected to any ID for gMail.”

Almost two years ago, Google issued a mea culpa, admitting that it “wrongly collected information people have sent over unencrypted wi-fi networks.” And it had done so for three years.

In 2009, Google rejected South Korea’s real names policy when it came to YouTube accounts because of privacy concerns. Then in 2011, it demanded “real names” for its Google+ network.

Google entered into an FTC consent agreement only 11 months ago, “the first time an FTC settlement order has required a company to implement a comprehensive privacy program to protect the privacy of consumers’ information.” The culprit: Google Buzz.

Less than a month ago, Google announced it was consolidating its 60+ privacy policies into one, effective March 1, 2012. Any previous “no, we can’t/don’t” statements? Null and void. The only “opt out” to across-site tracking is to stop using Google products and services.

“There is no way anyone expected this,” said Jeffrey Chester, executive director of the Center for Digital Democracy, a privacy advocacy group. “There is no way a user can comprehend the implication of Google collecting across platforms for information about your health, political opinions and financial concerns.”

Then last week, we learned that Google engineers systematically and deliberately bypassed Safari’s rejection of third-party tracking cookies, on computers and iPhones, all in the name of making it possible for Google’s PlusOne (+1) system to compete with Facebook. And oh-by-the-way, the work-around allowed Google’s advertising network DoubleClick (with its own checkered privacy past) to set third-party tracking cookies.

This deceit seems to directly contradict the spirit, if not the terms, of  Google’s FTC consent decree:

The settlement requires the company to obtain users’ consent before sharing their information with third parties if Google changes its products or services in a way that results in information sharing that is contrary to any privacy promises made when the user’s information was collected.

Ah. But DoubleClick, while a separate domain, isn’t technically a third party, is it?

However, the deceit clearly contradicts the intent of Google’s customer, who has chosen (explictly or implicitly) to block cookies from third-party sites.

Look. When I set my browsers to reject third-party cookies, I don’t mean “all third party cookies except those in the Google ad network.” I mean all third party cookies.

When I set my browsers to reject third-party cookies, I don’t mean “except when doing so enables Facebook and Google+ integration.” I mean all third party cookies. Period.

When I set my browsers to reject third-party cookies, I don’t mean “but it’s OK to use javascript in place of a cookie.” I mean do not track me. Period.

No means no.

Just like it did in high school.

And just like in high school, the boys at Google (yes, I’m being sexist) seem to have a hard time hearing the word.

I think my worldview is one that is difficult for engineers to grok. Privacy != secrecy. Privacy is me deciding what I share, when I share it and with whom I share it. As danah boyd explained at a W3C conference in 2010, privacy is contextual. Privacy is social, it’s a relationship, it’s not just information. And we “feel as though [our] privacy has been violated when [our] expectations are shattered.”

There’s another issue bubbling below the surface: Google as infrastructure versus Google as a content company. It’s not privacy, per se, but it is big data (and is, thus, related). It’s privileging Google’s own content over that from others, like Twitter or Facebook.

US regulators are reportedly looking into whether Google manipulates its search results to favour its own products and have expanded the investigation to include Google+.

That’s because Google wants to be Facebook. From The Economist (emphasis added):

But there are other, unspoken reasons that Google is keen to make this change. By creating comprehensive profiles of users by combining crumbs of data they leave across its services, the firm is betting it can target more online ads at them more accurately. It also wants to position itself as a comprehensive online portal in order to compete more effectively with Facebook, which is soaking up an ever-increasing amount of web surfers’ time.

Although I don’t believe (don’t want to believe) that Google engineers deliberately set up a loophole for DoubleClick, I do believe that there are systemic cultural conditions — evidenced by Google’s history on privacy and its decision to integrate all properties under one privacy statement — that allowed this to happen.

Until those cultural conditions change, I no longer trust Google to act in a manner that honors its “don’t be evil” policy.

Maybe it is inevitable that large organizations become paternalistic, believing that they know best. Certainly, advertising companies and consumers are engaged in an escalating arms race over data and data collection.

Google, which is both large and an advertising company, has morphed into Microsoft. Dave Winer was right.

Glossary

• Cookie: a text file that can both store and retrieve information about browsing activity; cookies are stored on the client side of a server-client connection. Cookies were created to implement state management in a stateless system; cookies make it possible to have electronic shopping carts and persistent logins.
• Third-party cookie: a cookie that originates from a site other than the one hosting the current web page.
• Flash cookies (local shared objects): files used by Adobe Flash (a common advertising medium) to store tracking data, data that is difficult to delete and that can reinstate a traditional cookie after a user has deleted it.

Further Reading

• Can advertisers learn that ‘no means no’? (2011, pdf)
• EPIC testimony on content extraction (2005)
• Google slammed for latest privacy breach (2012)
• Token Attempt: The Misrepresentation of Website Privacy Policies through the Misuse of P3P Compact Policy Tokens (2010)

:: wiredpen permalink
:: Follow me on Twitter!