You are here What else does Google secretly track? Top 10 questions for privacy investigators to ask
Submitted by Scott Cleland on Wed, 2010-06-02 12:34
Current privacy investigations of Google deserve to be much more comprehensive than just Google's latest StreetView wardriving scandal, given that:
- Google tracks much more private information than most users are aware of, e.g. it tracks ~99% of all Internet users click paths cumulatively via the overlapping tracking of Google Analytics, Adsense, DoubleClick, Toolbar, Chrome, Android and Google cookies;
- Google collects many more personal identifiers than just the wardriving WiFi/SSID/MAC addresses under scrutiny, i.e. it also collects: IP addresses, email addresses, phone/mobile/SMS numbers, voiceprints, faceprints, fingerprints, mail addresses, credit card numbers, Social Security numbers, Passport numbers, drivers license numbers, license plate numbers, and other personally identifiable information.
- Hackers recently stole Google's most sensitive security/privacy code for its entire password system, putting most all Google stored private information at risk;
- Google had another major privacy breakdown recently in rolling out Google Buzz where Google exposed people's private email lists; and
- Google's CEO recently appeared to be putting the blame on users for having private information that needs to be protected, by saying on CNBC: "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place."
Questions privacy investigators should ask Google:
- What are all the types of private and personally identifiable information that Google tracks? Stores? And/or analyzes?
- Does Google have the capability to aggregate all the private information that Google collects on an individual Internet user, or groups of users, across platforms, products and services?
- Are Internet users aware of, or notified, that private information are being collected on them? If not, why not?
- What is the risk a user's private information could be accessed by law enforcement? By national security services? Or by hackers? Please rank user privacy invasion risk by country of origin.
- Can Google cross-reference all the private information Google collects with the specific disclosures indicating that they are being collected?
- Is all the world's private information that Google collects all stored together and co-mingled in Google's "Bigtable" omni-database?
- Are the storage of private data of EU residents segregated from non-EU residents private data? If not, why not? Is all EU private data stored in EU-based data centers? If not, why not?
- What private data was stolen or is at risk of being stolen after the recent security breach where Google's password system computer code was stolen by hackers?
- How are non-registered users of Google services, who interact with Gmail, Voice, and Docs users, notified that their comments/private information are being recorded, stored and analyzed by Google?
- Does Google have a simple one-click, opt-out, do-not-track option for a user to not be tracked or to not be profiled by Google at all? If not, why not?
The simple point here, is that the recently-discovered unauthorized tracking of people's WiFi-related information by Google, is only the tip of the iceberg of private information that Google collects on Internet users without their knowledge or meaningful permission.
»
|