Google’s growth makes privacy advocates wary
November 3, 2008
NEW YORK — Perhaps the biggest threat to Google Inc.’s increasing dominance of Internet search and advertising is the rising fear, justified or not, that Google’s broadening reach is giving it unchecked power.
This scrutiny goes deeper than the skeptical eye that lawmakers and the Justice Department have given to Google’s proposed ad partnership with Yahoo Inc. Many objections to that deal are financial, and surround whether Google and Yahoo could unfairly drive up online ad prices.
A bigger long-term concern for Google could be criticisms over something less tangible — privacy. Increasingly, as Google burrows deeper into everyday computing, its product announcements are prompting questions about its ability to gather more potentially sensitive personal information from users.
Why does Google log the details of search queries for so long? What does it do with the information? Does it combine data from the search engine with information it collects through other avenues — such as its recently released Web browser, Chrome?
Data gathered through most of the company’s services “disappears into a black hole once it hits the Googleplex,” said Simon Davies, director of London-based Privacy International, referring to Google’s headquarters. “It’s impossible to track that information.”
Google — whose corporate motto is “Don’t Be Evil” — generally sees such concerns as misinformed. For instance, the company says it stores the queries made through its popular search engine primarily so it can improve the service.
But whether the criticisms are valid or not, they are likely indicative of the battles Google will face as it, like Microsoft Corp. in the 1990s, moves from world-wowing startup to the heart of the technology establishment.
The September release of Chrome illuminated the budding conflicts.
To Google, the new browser is a platform on which future Web-based software applications might run most efficiently. It also is a sign that Google understands its growing power, since launching a browser is a direct challenge to Microsoft.
In other circles, Chrome provoked suspicion. One group, Santa Monica, Calif.-based Consumer Watchdog, argues that the browser crosses a new line.
In a mid-October letter to Google directors, Consumer Watchdog said it had “serious privacy concerns” about the browser and the transfer of users’ data through Google’s services without giving people what it sees as “appropriate transparency and control.”
One of Consumer Watchdog’s complaints surrounds Chrome’s navigation bar, which can be used to enter a Web site address or a search query. The group points out that as users type in the navigation bar, Chrome relays their keystrokes to Google even before they click “Enter” to finalize the command.
“The company is literally having this unnoticed conversation with itself about you and your information,” Consumer Watchdog President Jamie Court said.
This “conversation” stems from the “Google Suggest” feature, which is built into the browser and other Google products, including its basic Internet search engine.
“Google Suggest” sends Google searches as you type, in hopes of anticipating your desires. So if you’re keying in “Electoral College 2008 election,” Google will offer multiple search queries along the way. First you’d be given results related to the term “electoral,” then ones on the Electoral College in general, and finally you’d get links pertaining to Tuesday’s presidential vote.
This is what worries Consumer Watchdog: Say you key in something that could be embarrassing or deeply personal, but reconsider before you press “Enter.” The autosuggest feature still sends this phrase to Google’s servers, tied to your computer’s numeric Internet Protocol (IP) address.
Brian Rakowski, the product manager for Chrome, said Consumer Watchdog’s fears stemmed from confusion about the role a Google Web browser plays.
“There was some concern that, given a very naive way of how browsers work, you may think, ‘Now I’m using a Google browser — Google must know everything on their servers about me,'” he said.
Rakowski said queries sent to Google through the autosuggest feature do include data like a user’s IP address and the time at which the queries were made. But Google logs just 2 percent of the information brought in through “Google Suggest,” in order to improve the feature, Rakowski said, and anonymizes this data within 24 hours. The anonymization is accomplished by stripping off the last four digits of the IP address associated with the query.
“You’re flying blind without that information, so we have to collect a little bit,” he said. “But we’re really (collecting) the bare minimum we can to provide that service.”
The autosuggest function can be shut off in the browser or when using Google’s search engine through its home page, but it is not immediately evident how to do so.
One way is through Chrome’s “incognito” tab, which turns off the autosuggest feature and lets users surf the Web without revealing their activities to people who have access to the same computer. However, Consumer Watchdog objects to the design of “incognito.” The group claims the feature makes users feel that their Web surfing is totally private, while in fact Google is still sending some information back and forth between users’ PCs and the company’s servers.
Google takes issue with that complaint, too. The “incognito” function lets users surf without leaving a trail of pages visited or “cookie” data-tracking files behind, but can’t entirely cloak someone’s Internet activity from the outside world.
“We try to be very upfront with users when they enter this mode about what it provides and what it doesn’t provide,” Rakowski said.
Although Chrome is new, Consumer Watchdog is not waiting to see whether it gets too little use to worry about. In October, Court’s group wrote U.S. Attorney General Michael Mukasey to caution him about Google’s plans to sell ads for Yahoo, saying that its fears about Google’s market power have been exacerbated by Chrome’s release.
“It’s about having a monopoly over our personal information, which, if it falls into the wrong hands, could be used in a very dangerous way against us,” Court said.
Google’s senior product counsel, Michael Yang, said the company is not using any data from Chrome to make improvements to its ad services.
But that doesn’t mollify privacy critics, who fear Google might start doing that someday to best capitalize on its vast audience. Some 650 million people use Google’s search engine and panoply of Web services.
“The way Google has fashioned Chrome, it’s a digital Trojan horse to collect even more masses of consumer data for Google’s digital advertising business,” said Jeff Chester, executive director for the Center for Digital Democracy, a consumer rights organization.
For now, at least, Google is planning to adopt just one change suggested by Consumer Watchdog. When users spell a Web site’s address incorrectly, Chrome sends a request to Google to help determine the actual site the user is trying to visit. This happens even when users are surfing “incognito,” and Rakowski said it was an oversight.
“It’s something we’re prioritizing now that we want to fix,” he said.
This is not to say that Google is avoiding other privacy-related changes. In July, the company began linking to its privacy policy on its home page. It also recently began its anonymization of the data it stores through the “Google Suggest” feature.
But one other privacy-related move might say more about how Google is perceived than anything.
In September, to placate European Union data protection officials, Google said it would maintain its search logs — which track search queries and the IP addresses they came from — for nine months instead of 18, as it had been doing. After that time, Google will alter IP addresses to mask their source. (That probably won’t provide true anonymity, since an aggregated list of search queries over time will likely reveal clues about who made them.)
Google hoped the move would win it favor. After all, Microsoft waits 18 months before it anonymizes its search engine logs, and Yahoo does so after 13.
Even so, the EU’s justice and home affairs commissioner said Google should shorten its logs further, to six months. Davies, of Privacy International, says the change from 18 to nine months was “not meaningful.”
Court says that with all its products, Google has more opportunities than its peers to capture personal information without users realizing it.
“Google’s founders may say, ‘We’re going to protect that information,’ but no other company,” he said, “is positioned to exploit that information in the way Google is.”