Online Safety

Current privacy investigations of Google deserve to be much more comprehensive than just Google's latest StreetView wardriving scandal, given that:

Google's long-time cavalier approach to privacy and security are catching up to the company as its latest wardriving privacy scandal, appears to be spiraling out of the control of Google's legendary PR machine. 

First, the House Energy and Commerce Committee sent Google a tough investigative letter on its wanton wardriving of the U.S. The most problematic question for Google got to the root of Google's privacy scandals: "What is Google's process to ensure that data collection associated with new products and services offered by the company is adequately controlled?" This line of inquiry makes it clear this is not just a probe of this privacy incident, but of Google's systemic weaknesses in internal/management controls concerning privacy.

Google's wanton "wardriving," i.e. detecting, accessing, and recording residential WiFi networks in 30 countries for over three years, was not simply a "mistake," "inadvertent," or an "accident" as the Google's PR machine has spun it. The evidence to the contrary is overwhelming to anyone who bothers to examine it closely. 

• Google's wanton wardriving was either: gross incompetence/negligence or wrongdoing. 
  • Government investigators must determine for themselves via subpoena, whether or not anyone at Google, in a supervisory or management position, knew that this private "payload" data was being collected, and whether or not this private data had been accessed, copied, analyzed, or used by Google in any way.

The case for why Google's wanton wardriving is more than just a "mistake."        

I.  Identifying the questionable practice: "Wardriving"

Google's latest privacide admission -- that all of Google's roving StreetView vehicles around the world have been recording some of people's WiFi traffic/web behavior since 2007 -- should prompt privacy officials and the media to ask the simple question: why does Google serially keep having privacy scandals?

Simply Google will continue to have privacy scandals because Google has deep systemic privacy flaws and vulnerabilities -- by design.

• At core Google philosophically believes in "publicacy" that the world is a better place with more openness/transparency rather than closed systems or private/proprietary information.
• Thus Google has a publicacy mission, culture, business model, and no serious of effective system of management and internal controls to protect people's privacy.    

1.  Publicacy Mission: Google's infamous publicacy mission is to "organize the world's information and make it universally accessible and useful." It is their mission to collect whatever information they can, where ever they can, whenever they can without regard to whether it is private or proprietary information. As Google's repeated privacy flaps prove, they believe it is more efficient to ask for forgiveness than for permission.   

Google's latest privacy-killing act of privacide is "Google's roving Street View spycam," which is not only taking pictures, but is also scanning to log WiFi network addresses and unique Media Access Control (Mac)addresses per Andrew Orlowski's excellent scoop at the Register.

Well informed reports (that Google will not deny), that hackers breached Google's most sensitive software code, the Gaia password system, surface titanic security flaws at Google.     

Why Google is too big not to fail. 

1.  "Bigtable" Storage design: How Google stores and accesses "all the world's information" in and from its data centers is: "'Bigtable:' a Distributed Storage System for Structured Data." It is Google's innovation to maximize scalability, speed and cost efficiency -- not security, privacy, or accountability. Simply, Bigtable is an "all eggs in one basket" approach to information storage and access.

The abrupt change, that Google's CEO Eric Schmidt will no longer be accountable to shareholders on Google's earnings calls, should prompt investors to ask why? 

• Google claimed that they wanted to put more focus on Google's strong financials, but they did not disclose any more than Google's usual barest of minimum of information to investors.  
• The most obvious reason for this abrupt change is the literal explosion of real franchise liabilities and risk overhangs to Google that reared their ugly heads this past quarter. 
  • Had CEO Schmidt been available to answer investor questions, Google's exploding liabilities could have dominated the Q&A and the investment narrative coming out of the earnings call.

What has changed, and what Google has been not been open about, is the very serious ripening of three different types of going-forward franchise risks (antitrust, privacy/security, and intellectual property) that cumulatively herald a de facto change in Google eras: from the roaring "Growth Decade" of 2000-2009, to the more unpredictable "Liability Decade" of 2010- 2019.

For skeptics of Google's need for more transparency and accountability, consider the latest disturbing example of Google Chrome not asking tens of millions of Internet users for their permission to gain wide open access to their computers and content -- when it clearly should ask for permission -- like every other Internet browser provider does.    

Per ComputerWorld's article: "Google's Chrome now silently auto-updates Flash Player." 

• "Unlike other browsers, Chrome updates itself automatically in the background without asking for permission or prompting users that security fixes or new features are available." 
• "Google uses a unique approach, they don't ask users [for permission to update], they just do it" said Peter Betlem, Senior Director of Flash Player Engineering.  

What this means is that unlike all other browsers or Google competitors, Google does not believe it needs permission from users to gain wide open access to users' entire computer software and all its private contents.

Ever since Google announced it suffered a cyber-attack from China, Google's legendary PR machine has gone into overdrive, opportunistically framing the conflict as a good versus evil story, and positioning Google as the Internet's benign superpower defending free expresssion, and as a new kind of business that puts morality before money.   

• Google understands it is easy to politically demonize China, because China's pervasive censorship and trampling of fundamental freedoms and human rights offend all freedom-loving people.

However, those willing to look behind the curtain of Google's self-serving political rhetoric here, will discover that many of the attributes that offend so many people about China, Google shares to an unfortunate extent.

• Let's review four significant strategic similarities between Google and China -- brought to you in Google's own words.

First, Google's leadership, like China, has affirmatively chosen to not be democratically accountable.

Yale University has postponed its adoption of Gmail in part because of concerns that Google will/can not tell Yale where or in what country their private information/data will be stored -- per Yale Daily News.

• "Google stores every piece of data in three centers randomly chosen from the many it operates worldwide in order to guard the company’s ability to recover lost information — but that also makes the data subject to the vagaries of foreign laws and governments, [Yale computer science professor Michael] Fischer said. He added that Google was not willing to provide [Yale] ITS with a list of countries to which the University’s data could be sent, but only a list of about 15 countries to which the data would not be sent."

It appears that Google continues to organize information for the benefit of Google's own engineering efficiency, simplicity and convenience -- without regard to what is best or safest for its users.

• WHERE users private data is stored by Google has immense implications for users' privacy, security and whether or not their private data/communications are vulnerable to subpoena, with or without their knowledge.  

This is further evidence of Google's cavalier approach to privacy and security of users.