You are here

Internet Security

Why Google's Privacy Controls are a Joke -- Lessons for FTC/FCC

Google's latest privacy controls are a bad joke, certainly not sufficient to warrant the FTC completely absolving serial privacy violator Google from all responsibility in the Google WiSpy Affair, especially given that other law enforcement bodies have found misrepresentation of facts and violation of users' privacy.

 

  • Hopefully, the FCC's investigation of Google WiSpy will not look the other way like the FTC apparently did, when a Fortune 200 company with the industry's longest privacy violation rap sheet, was caught red-handed violating millions of Americans' privacy and found to have misrepresented facts and misled investigators, got off without any FTC sanction, oversight or accountability whatsoever.

 

Why are Google's latest privacy controls insufficient?

First, Google's leadership is clearly not publicly supportive of more privacy controls, but openly skeptical and defiant that Google does not need to alter its approach to innovation to better protect privacy and security.

Google's mandatory location profiling/tracking

Google won't allow you to opt-out of their location tracking for search, we learn from CNET's Chris Matyszczyk's outstanding post "How Google stops you hiding your location."

  • Kudos to Mr. Matyszczyk for spotlighting this latest "creepy line" Google default mandate.

What does this mean?

First, it means that Google has not learned much from its serial privacy problems, like Google setting a default that everyone's house should be included in StreetView photographing and Spi-Fi signal recording, and everyone that signed up for Google Buzz by default should share their Gmail addresses with the public.

Second, it means that Google profiles and tracks your location by default and that you can't opt out from Google knowing where you are, you can only select what local setting Google will use to customize your search results.

 

Why is the FTC AWOL on Google Privacy?

Congress needs to conduct oversight hearings to learn why the FTC is apparently giving Google special treatment, and more specifically why the FTC inexplicably dropped its Google StreetView spi-fi privacy probe without any charges, before it even learned all the facts, and without any accountability mechanism in place to protect consumers or prevent repeat violations.

Google's wanton wardriving in 33 countries for over three years secretly recording people's WiFi transmissions, including full emails and passwords, arguably is the single broadest privacy breach in the Internet era. And the FTC did nothing. And the FTC sees no need for any further action. Amazing.

What's wrong with this picture? A lot. A better question might be what's right with the FTC-Google privacy enforcement picture?

 

Google: Transparency for thee but not for me

In another Google fit of no-self-awareness, Google has launched a new web tool that they call the "transparency report" in order to promote transparency as "a deterrent to censorship," per a Google spokeswoman in the NYT's Bits Blog.

While I applaud the tool and Google's effort to promote transparency as a deterrent to censorship, the effort appears disingenuous because of Google's double standard that others must submit to transparency, but not Google.

Google's tool will have "a map that shows every time a government has asked Google to take down or hand over information, and what percentage of the time Google has complied," per the NYT's Bits Blog."

 

If transparency is good:

Big Brother Inc. Implications of Google Getting No-Bid U.S. Spy Contract

The top U.S. spy agency for mapping announced a no-bid digital mapping contract with Google on August 19th. However, after media inquiries, the agency modified the contract's no-bid format, but made clear "the agency's intention to award the contract to Google without entertaining competitive bids" -- per a Fox News story by James Rosen.

 

  • Wow. There are large and broad implications of this remarkable new development for: privacy, security, antitrust, Google's international business, and Government oversight.
  • The fact that this was announced in late August, when precious few are paying attention, should heighten everyone's Big Brother Inc. antennae.

Has anyone in a position of authority or oversight even begun to think through the irony and stupidity of contracting out the Nation's most sensitive intelligence gathering and analysis function to a company that has:

Why Privacy Is an Antitrust Issue & Why Google is its Poster Child

The fateful policy decision by the FTC/DOJ to exclude privacy as a factor in antitrust enforcement has fostered a perverse market dynamic where many online advertising companies now effectively compete on the basis of who can most take advantage of consumer privacy fastest, rather than compete on the basis of who can best protect consumer privacy. 

  • Consumers' online privacy Waterloo was the FTC's failure in its 2007 review of Google-DoubleClick to fundamentally understand the online advertising business model, i.e. that consumers are not the "customer" of online advertising, but the "product" that Google and DoubleClick effectively sell to advertisers and publishers.
  • In getting it wrong that consumers are the real "customer" in Google's online advertising brokering-triangle of advertisers, publishers and users, when users don't pay Google at all, the FTC fundamentally misunderstood consumers' real interests.
  • The FTC unwittingly aimed the worst part of this business model's privacy arbitrage at consumers' vulnerabilities rather than aiming it at protecting consumers' privacy. 

This analysis will show: 

  • The implications of exempting privacy from antitrust enforcement;
  • Why privacy is an antitrust issue;
  • How consumers are harmed by exempting privacy from antitrust enforcement; and
  • In conclusion, how Google has become the "poster child" of this problem.  

I.   Implications of exempting privacy from antitrust enforcement.   

37 States now investigating Google StreetView snooping

37 States are now involved in a "powerful multi-state investigation" of "Google's Streetview snooping" per a press release from investigation leader, Connecticut Attorney General Richard Blumenthal, who released a new follow-up letter to Google asking for more information and clarification of its representations to date. 

The letter shows the investigation is very serious. Its prosecutorial exactness strongly suggests that investigators believe Google has not been forthright in its answers to date and that it could be covering up material information to the investigation. 

  • Several questions in the letter also indicate that the investigators are seriously concerned about the integrity and completeness of Google's systems of internal controls and supervision to ensure the safety and privacy of consumers. 

What appears to be the most problematic line of inquiry is whether or not Google tested this software before it was used in public to collect private information on consumers. 

Google China License: What's the rest of the story?

In an exceptionally uncharacteristic low-key PR manner for Google, Google announced on its blog in one sentence that China renewed its license to operate in China.

  • "Update July 9:
    We are very pleased that the government has renewed our ICP license and we look forward to continuing to provide web search and local products to our users in China."

What's the rest of the story here?

Google and China have been at loggerheads with one another in one of the highest-of-profile international standoffs between a private company and a superpower in modern history, since Google publicly accused China in January blogpost of being complicit in a hack of Google that resulted in the theft of Google's intellectual property, (which John Markoff of the New York Times reported was the extremely sensitive computer code for Google's password control system.) 

What is the quid pro quo here?

Google's Wanton WarDriving Scandal: Fallout & Cover-up

Google's wanton "wardriving," i.e. detecting, accessing, and recording residential WiFi networks in 30 countries for over three years, was not simply a "mistake," "inadvertent," or an "accident" as the Google's PR machine has spun it. The evidence to the contrary is overwhelming to anyone who bothers to examine it closely. 

  • Google's wanton wardriving was either: gross incompetence/negligence or wrongdoing
    • Government investigators must determine for themselves via subpoena, whether or not anyone at Google, in a supervisory or management position, knew that this private "payload" data was being collected, and whether or not this private data had been accessed, copied, analyzed, or used by Google in any way.

The case for why Google's wanton wardriving is more than just a "mistake."        

I.  Identifying the questionable practice: "Wardriving"

Questions for Google on its Latest Act of Privacide -- Part XXI Privacy vs. Publicacy series

Google's latest privacy-killing act of privacide is "Google's roving Street View spycam," which is not only taking pictures, but is also scanning to log WiFi network addresses and unique Media Access Control (Mac)addresses per Andrew Orlowski's excellent scoop at the Register.

Pages

Q&A One Pager Debunking Net Neutrality Myths