Despite growing public concern, companies such as Google and Facebook continue to demonstrate an insatiable desire to gather and market our personal information to advertisers. Today, these companies are even able to manage our online identities by creating the equivalent of an ID card for the Internet.
Google's ex-CEO and current executive chairman Eric Schmidt is known for making Orwellian pronouncements about his company’s ambitions. Some of his statements are so absurd they illicit reactions such as, ‘Did he really say that?’ or, ‘Surely, he must have been joking!’
But Schmidt is not known for his sense of humour. When he said: “Google’s policy is to get right up to the creepy line and not cross it”, it’s safe to assume he meant it and was unaware of the disturbing implications of his words.
Likewise, when Schmidt said: “Most people don’t want Google to answer their questions... they want Google to tell them what they should be doing next”, his messianic belief in Google’s benevolent influence on all our lives was undoubtedly sincere.
Schmidt’s statements are an open admission that Google wants to control the lives and identities of all who use the world’s most popular search engine. This ultimate goal was expressed in the most Orwellian of his ejaculations: “With your permission you give us more information about you, about your friends, and we can improve the quality of our searches… We don’t need you to type at all. We know where you are. We know where you’ve been. We can more or less know what you’re thinking about.”
With this last assertion, Schmidt shot way over the creepy line. But in a sense he’s right about Google’s reach into our lives. There’s little doubt that Google, and its major rival, Facebook, are incredibly efficient gatherers of personal data. Even if you try to remain incognito, they track you using cookies, anonymous identifiers, web bugs and your IP address. If you use the same name and account on many different sites you assist web advertisers – of which Google is by far the biggest – to profile you and serve you the most appropriate advertisements.
“The internet has changed our notions of privacy because we are sharing data on an unprecedented scale,” said Dr Joss Wright, a researcher into internet privacy with the Oxford Internet Institute.
“A Facebook comment, or picture, spreads rapidly to the whole world and we’re not psychologically built to deal with that. The Internet is like an elephant. It never forgets.”
To illustrate the new implications for privacy, Wright describes a scenario involving a 55-year-old company CEO who is about to meet a client for an important business meeting.
“The client Googles the CEO’s name and finds a picture of him as a 17-year-old student with a vodka in his hand and a traffic cone on his head. This changes his perception of the CEO. To prevent this, he would have to consciously delete all his photos from the web, but the transferrable nature of digital files makes this hard, especially for celebrities.”
The hypothetical situation is an example of why privacy is a contextual matter, according to Wright.
“One of my favourite definitions of privacy is ‘control over the presentation of self’. Eric Schmidt totally misunderstood this when he said, ‘if you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place’.
“But privacy is not about what you should not be doing, but more about self-presentation in a given context. I don’t want delegates at a computer science conference seeing a video of me making baby noises to my two-year child just before I give a speech. It’s not that I have anything to hide, but it’s about wanting control over my personal integrity. We have different social registers for different parts of our lives. Google wants to believe there is just one you, but I talk to my university colleagues, or kids, or parents, in different ways.”
An even more alarming aspect to the data analysis is the capacity of computers to draw accurate inferences. “They use the information to target adverts more precisely, but the use of blind algorithms has human consequences,” said Wright. “Research has shown they can tell a person’s sexuality from consumer choices. In a case in England, a gay 17-year-old was targeted by adverts for homosexual dating sites on the family computer. His parents threw him out and he ended up homeless.”
The story is reminiscent of a recent story in the US, where the superstore Target figured out that a daughter was pregnant before her father knew. The store began sending out coupons for baby food and clothing to the family home after logging pregnancy patterns in her purchases. Clearly, a computer programme does not realise that pregnancy can be a sensitive, private issue and the girl might wish to choose her own moment to reveal her secret.
“The desire to target you with advertising is not malicious. It’s borne of commercial necessities. But when you’re not paying for the service ‘you’re not the customer you’re the product’. Facebook and Google are just giant corporations trying to sell us stuff. We use their service for free, but they are dealing in a currency we are not aware of which is our personal data,” said Wright.
In their insatiable desire to grasp more data, Google and Facebook have repeatedly run into opposition from civil rights groups and privacy campaigners.
One of the first major cases involving Google followed the introduction of Buzz, a sharing tool for Gmail users, which automatically included their e-mail contacts in the network. It provoked widespread criticism that Google had invaded the privacy of users and failed to understand that e-mail contacts were not necessarily friends.
Google quickly changed the service so it did not automatically connect people. It later settled with the US Federal Trade Commission over charges of deceptive privacy practices related to Buzz and agreed to 20 years of audits.
But Google’s most egregious abuse of privacy came in 2010 when it launched its Street View service. In preparation for the launch, Google sent its cars around the world from 2006-2010 to photograph streets and neighbourhoods. But Google didn’t just take pictures with cameras. The vehicles were also equipped with antenna that hoovered up about 600 gigabytes of data from users of public wifi stations in 30 countries.
The data contained a huge amount of private information, including snippets of e-mails, photographs, passwords, phone numbers, medical records passwords, chat messages, postings on websites and social networks.
At first Google insisted the data collection was an accident, then it changed tune and blamed a rogue engineer. But in 2011 it emerged that the Google engineer behind the technology had advised colleagues that internal privacy lawyers should authorise its use.
But the US Federal Communications Commission, which fined Google US$15,000 over the affair, said legal advice was never taken. Eventually, Google apologised, saying they were “acutely aware we failed badly here”, in terms of privacy protection.
“The Google Street Car episode was a perfect example of ‘system creep’, which is when technology is used for a purpose other than the original intention,” said Wright. “Google didn’t ask whether it could capture the data because it thought it wouldn’t get caught and if it did, it wouldn’t pay much of a fine.
“To stop this kind of thing happening we need much stronger regulations. Google’s biggest fine was just €100,000 in France, a drop in the ocean compared to their US$100 billion annual profit. Some of the new EU guidelines suggest taking 1 or 2 per cent of annual income as a fine, which would change their behaviour swiftly,” he said.