Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

FTC To Monitor Google's Privacy Practices For 20 Years

Soulskill posted about 3 years ago | from the settling-in-for-a-long-stakeout dept.

Google 51

Rambo Tribble writes "As reported in TPM, the Federal Trade Commission has reached an agreement (PDF) with Google that will include the agency monitoring the company's privacy practices for the next 20 years. Whither, Facebook?" Oddly enough, another article details a surge in government requests for user information from Google. In a blog post, the company explained that they wanted to provide more transparency with regard to government requests, and have updated their Government Requests tool to do so.

Sorry! There are no comments related to the filter you selected.

So which is less evil? (1)

jellomizer (103300) | about 3 years ago | (#37835392)

Please choose one of the following...
a) Post all information about government request so everyone knows the government is suspicious of you.
b) Keep all request private so we don't know the government is suspicious of you.

Re:So which is less evil? (-1, Troll)

TechLA (2482532) | about 3 years ago | (#37835414)

Taking pictures of everything, analytics (on most of the internet), business practices that mostly were about targeting people with ads and monetarizing their services with that.

Google got really good at it too. Their own advertisement were always kind of soft, but still visible and used everywhere on their sites like YouTube. Their image of "do no evil" catched a lots of geeks and so on.

Well, eventually they got caught. And I wrote about their practices on Slashdot for a really, really long time. And was modded troll. Go figure :P

Re:So which is less evil? (1)

Hotweed Music (2017854) | about 3 years ago | (#37835652)

they got caught

Yawn.....

Re:So which is less evil? (0)

Anonymous Coward | about 3 years ago | (#37835726)

Did you just claim analytics are evil? As is an advertising company having the business practice of targeting people with advertisemnets and monetarizing [sic] their services? Yea, you were modded troll for a reason, and that reason is there's still no "fucking retarded" moderation option.

Re:So which is less evil? (2)

Sarten-X (1102295) | about 3 years ago | (#37835940)

Would you have the same objection to an individual person taking a single picture in public, or a store salesman recommending a product that fits your needs? Does it matter that the guy taking a picture of your house is a Google employee, rather than a random person from the next town over? On a more global scale, does it matter that somebody in Tunisia can now know what color your front door is? Google, like many companies that are now assaulted for "violating privacy" like it was some innate right, just did often what is perfectly fine to do rarely.

What I would consider evil are actions like buying up competitors, only to shut them down to preserve one's own market share. I find it wrong to knowingly mislead people into investing in something that will never bring a return. It offends me to see people (including executives, managers, and shareholders of a company) attacked because they provide a service for a profit.

Doing something neutral extensively is not evil.

Re:So which is less evil? (1)

CraftyJack (1031736) | about 3 years ago | (#37836392)

It offends me to see people (including executives, managers, and shareholders of a company) attacked because they provide a service for a profit.

Your post is best read in the voice of Jack Donaghy.

Re:So which is less evil? (1)

Sarten-X (1102295) | about 3 years ago | (#37836644)

I'm afraid I'm not familiar, but if it helps, many of my posts are written with the following set of people in mind:

  1. A half-crazed high school teacher, who is amazed by the manifestations of physics everywhere: "Convection in a glass of water! That's ahMAZing!"
  2. An irritated middle-aged middle-class middle-manager, who is mostly ambivalent about things that piss others off, because there's better and worse things in the world, and thinks that too many complaints are utterly pointless and stupid: "Yes, I know that restaurant was your favorite because of its particular 'atmosphere', but that 'atmosphere' was the putrid odor of rotting flesh which scared away customers."
  3. A grumpy 80-year-old widower who knows now how little he knew back when he knew everything, and has realized that he can't take care of the world, so he'll take care of his lawn, while trying unsuccessfully to prevent others from falling into the same situation: "Hey you kids! Get off my lawn! Go read a book!"

The preceding post was written mostly from the perspective of person number two.

Re:So which is less evil? (1)

Anthony Mouse (1927662) | about 3 years ago | (#37840220)

I'm afraid I'm not familiar

FYI [youtube.com]

Re:So which is less evil? (0)

Anonymous Coward | about 3 years ago | (#37836584)

You fail to recognize that doing something often instead of rarely can greatly change the nature of what is being done. Example: taking a picture when I happen to be somewhere in public would be considered innocent under most circumstances, following me around and taking pictures everywhere I go is stalking.

Re:So which is less evil? (1)

Sarten-X (1102295) | about 3 years ago | (#37836792)

If stalking is "taking pictures everywhere you go", then I can take pictures for an hour, record notes for an hour, draw cartoons of your actions for an hour, then dictate into a recorder for an hour, and I'm fine, right? Or four separate people can do each action on their own, and they're all fine, right?

The nature of what's being done determines the nature of what's being done. Google isn't installing taps on your network. They aren't recording your house continuously. They aren't doing anything to single you out or work around any attempts to hide yourself (more or less). They aren't seeking you out in any way. You are instructing you computer to talk to Google, and somehow it's expected that Google should forget everything that happens? If you don't want Google to know about you, poison your online identity with misinformation, and configure your firewall to block all traffic to Google's servers. In other words, go back inside your house and don't worry about the photographer down the street. He doesn't really care about you.

Re:So which is less evil? (1)

ceoyoyo (59147) | about 3 years ago | (#37836654)

How about if your local supermarket owner sells your shopping list to the highest bidder?

Google sending cars out to take pictures is fantastic. Google collecting information about everyone to sell advertising needs careful scrutiny.

Re:So which is less evil? (3, Interesting)

Sarten-X (1102295) | about 3 years ago | (#37837084)

You mean like they do all the time with the "preferred shopper" cards and such? The ones where they aggregate the data, correlate milk sales with cookie sales, and offer promotions to correspond with buyer habits to maximize order efficiency and therefore profits? I like them. They make things cheap right when I'm about to buy them. Yes, sometimes the brands change, but I'm not particularly loyal to brands, so I really don't mind that.

If I may take the liberty of bring up literature, I would like to compare this situation to Aldous Huxley's novel Brave New World. In short, civilization is optimized to make people happy. Needs are provided for, and people are manipulated into being whatever is needed of them for the good of society. The underlying evil in the society is simply that there is no way out. A rebel who does not want to be a part of the massive self-improving system cannot live a life on their own.

Coming back to the grocery store analogy, it is perfectly possible to opt out of the system. Pay with cash, and do not use any identification cards. Likewise, you can opt out of using Google's services by blocking traffic to their servers and refusing to do business with their partners. I do agree that any entity that wants to collect significant information about someone should be subject to increased scrutiny, but the extreme privacy-above-all view is just as bad as a devil-may-care attitude.

Re:So which is less evil? (2)

tlhIngan (30335) | about 3 years ago | (#37837532)

Likewise, you can opt out of using Google's services by blocking traffic to their servers and refusing to do business with their partners.

You also forgot to "forgo the smartphone". A lot of apps (Android especially, but also iOS) use AdMob, which is owned and operated by Google now. (Ironically, it was Apple's iAds that let the DoJ to approve Google's purchase of AdMob - and iAd's failure could spell antitrust issues ("Even APPLE couldn't compete against Google") over it). AdMob is a company specializing in in-app advertising. and able to tell which app, and other usage statistics.

Plus, location awareness on Android sends tracking data to Google, but at least that's epecified.

Best to stick with a dumb phone though.

Re:So which is less evil? (1)

bws111 (1216812) | about 3 years ago | (#37836746)

Do I mind if an individual takes a picture of my house? No.
Do I mind if he posts it on the internet for the world to see? Probably not.
Do I mind if he posts it on the internet along with my address and GPS coordinates? Hmm, not so sure I am ok with this.
Do I mind if he posts it on the internet along with my address, GPS coordinates, and name? Hey! WTF are you doing?

Each one of those things by itself may not be a problem, but the more information you aggregate the more of a problem it is. And Google seems intent on aggregating every bit of information they can get.

Re:So which is less evil? (1)

LateArthurDent (1403947) | about 3 years ago | (#37839586)

Do I mind if an individual takes a picture of my house? No.
Do I mind if he posts it on the internet for the world to see? Probably not.
Do I mind if he posts it on the internet along with my address and GPS coordinates? Hmm, not so sure I am ok with this.
Do I mind if he posts it on the internet along with my address, GPS coordinates, and name? Hey! WTF are you doing?

Each one of those things by itself may not be a problem, but the more information you aggregate the more of a problem it is. And Google seems intent on aggregating every bit of information they can get.

Actually, no. The only thing that is relevant is the method by which the information was acquired. Whether I like my picture taken and posted on the net is irrelevant. Was the picture taken in a public place? If so, if I don't like it, that's my problem, I don't have the right to demand others to stop taking pictures in public places. Was it taken from my living room? You need my permission.

The same applies for all the other stuff including GPS coordinates, address, and name. How did they get the info? Was it public information, scraped from info you made public yourself? Well, then they have a right to the info. Did they ask your bank for information? Then that's not cool.

Re:So which is less evil? (0)

Anonymous Coward | about 3 years ago | (#37838254)

> like it was some innate right

Funny, in many civilized nations it is an innate right.

Re:So which is less evil? (1)

LordLimecat (1103839) | about 3 years ago | (#37839802)

Funny, in many civilized nations it is an innate right.

What we have here, is a failure to understand the word "innate".

Re:So which is less evil? (1)

geminidomino (614729) | more than 2 years ago | (#37843640)

Not to mention some extremely loose application of "civilized."

Re:So which is less evil? (2)

DJRumpy (1345787) | about 3 years ago | (#37839178)

Actually to go through your examples, many people dislike pictures of them taken if they are somewhere in which they don't want to be observed. Given the pervasiveness of Google as a search tool, email, docs, chat, and social network, that's a lot of data to entrust a company with who's sole purpose is to sell such data for profit. Given that, I don't think most care if their house is photographed (a few but I'd consider them a minority). Others were more concerned about the automated photos that caught people doing things that they may not particularly have wanted on the web and accessible to millions/billions of people.
Regarding the salesmen, you actually go to a salesmen when you want to buy something, not when you want something taken from you and sold, or if you want to trade something of value for something else. Not a great example. The pictures of a house from a street are a non-issue to me and I would think to most except for a few prudes.

I think the storing of wireless information was more relevant. At some point someone had to look at such data, see that they were collecting info they shouldn't be, and stopped the practice, or better yet, set proper parameters on what to collect beforehand. It was irresponsible on Google's part. Something I would expect of a startup, not a company of Googles size and experience. It would extremely tempting to abuse such data to for a company based in data mining.

In Google's case it's far more likely that they have their hands on so much personal info, ranging from common web use, to location info, search info, interests, email, contacts, items you purchase, sites you visit or browse with any frequency, where you shop, sexual interests, dirty web habits, etc.

If Google is not doing anything wrong they they have absolutely nothing to fear, but blind faith that a corporation will always do the right thing is foolish, especially when you invest such faith in a for-profit company who's sole purpose is to sell your data.

Re:So which is less evil? (2)

DJRumpy (1345787) | about 3 years ago | (#37839322)

One more thing, although I hate replying to my own posts; it appears that Google Buzz is what prompted this.

The FTC case was prompted by the now-defunct Google Buzz social networking service. Google tried to tack Buzz onto Gmail users’ e-mail accounts, enabling them to provide status updates and to share photos and videos, but it created an uproar when it made users’ Gmail contacts public by default.

The commission charged that Google engaged in unfair and deceptive practices in 2010 when it launched Google Buzz by leading users of its Gmail system to believe that they could easily opt-out of the social network. The controls that would enable them to do that were ineffective, the FTC charged at the time.

Also the tools that Google created to enable users to limit the sharing of users’ personal information were confusing and difficult to find, the agency alleged.

In its complaint, the FTC said that Google had enrolled some Gmail users in Google Buzz even after the users had clicked on a tab to decline to use the service, and that the identities of people that Gmail account holders most frequently communicated with were made public by default. Worse, when users tried to get out of the service, they weren’t fully removed.

In short, Google badly handled the data they did have, they implemented infrastructure without protecting user data, misled users to believe that they could easily opt out, and failed to inform them as to what data would be shared.

Basically they fucked up, and badly. All this will do is have a review/audit of their privacy practices. The government has always had access to tools to request user data form Google and this doesn't change that at all. This is strictly relating to an audit of their privacy practices and policies. Given their fumbles recently, I think it's warranted.

Re:So which is less evil? (0)

Anonymous Coward | about 3 years ago | (#37836536)

Welcome to the Internet. Pretty much every "free" online service that features ads will run this way. That advertising revenue goes to sites that host ads and actually does allow companies to selectively target good candidates for their business, otherwise you are randomly advertising to how many billions of people?

Go back to your cave, we are still not listening to you.

Re:So which is less evil? (0)

Anonymous Coward | about 3 years ago | (#37839234)

Just don't bother answering the parent, we are sending all of our traffic through US government servers for the next 20 years.

Yours truly,
Google

Oh please! (1)

countertrolling (1585477) | about 3 years ago | (#37835394)

Where are they going to find the money to do that? Are they going to trace every cable and wireless signal into the hidden closet where they keep all their drives? And when are we going to start monitoring the government?

Re:Oh please! (0)

Anonymous Coward | about 3 years ago | (#37835454)

The government is using this ruse to extract personal data from Google for it's own purposes. It'll save the government millions of dollars by having this private business do all the farming for them. Win - Win for both parties. Lose for the rest of us.

Re:Oh please! (1)

Synerg1y (2169962) | about 3 years ago | (#37836382)

Since when does google actually validate your data? I can create a fake account off a proxy, and then what?

It's all of YOUR fault for providing google with all your personal information, google just gave you the means. Look at the hacker stories in the news, it's always people with REAL online accounts that they use their REAL accounts to commit crimes with. If your outside a house with a can of gasoline and a match and the house is burning down, is it the houses fault?

Re:Oh please! (0)

Anonymous Coward | about 3 years ago | (#37836422)

Sorry but The Onion clearly stated that it was Facebook doing that: http://www.theonion.com/video/cias-facebook-program-dramatically-cut-agencys-cos,19753/

Re:Oh please! (1)

bws111 (1216812) | about 3 years ago | (#37836488)

What are you talking about? It is a once every two year audit of privacy practices, probably not unlike audits for SOX compliance, ISO 9000 compliance, etc.

What is your privacy policy?
Do users have to opt-in to services that reveal private information? Show me the records of who opted in and who didn't.
How do you protect users data? Show me how that is implemented.
How do you ensure privacy is protected when new apps are developed? Here is random app 'x' - show me the privacy controls.

That sort of thing.

20 years of?.. (1)

m1ndcrash (2158084) | about 3 years ago | (#37835490)

Monitoring google's privacy policies or having access to private data? :/

Third Party Fourth Amendment Loophole (0)

Anonymous Coward | about 3 years ago | (#37835598)

That's all they needed to say.

Humans are so interesting sometimes. (0)

Anonymous Coward | about 3 years ago | (#37835684)

If the Government ran google+ and/or facebook, everyone would be outraged that politicians had access to your personal network and going's on.

Private entities with going concern over their own capitalization have it instead, with no government oversight. Despite the precisely targeted marketing that comes from it and (essentially) the tailored web experience that happens from it, people are ok with this.

Government asks to see if everything is kosher with the privacy agreements, and it becomes news.

Net Neutrality is a fine idea and we should all strive to ensure it. But the monopolization of social networking leads down almost the same scary path of a commercially crafted internet experience. The existence of these databases give companies insight into exactly what should be targeted at you to get you to spend money on them. I'm not saying there's an easy solution, and this post probably smacks of paranoia. It's just funny that we're OK with companies manipulating us, but not the government.

Re:Humans are so interesting sometimes. (0)

Anonymous Coward | about 3 years ago | (#37836472)

"people are ok with this."

SOME people are OK with this. I stopped using google many years ago when it became clear that they will gather and keep all the information they possibly can about everyone forever.

The risk of google forming secret police is much smaller than the govt, but they can facilitate or directly engage in other abuses just as well.

Is Google required..? (0)

Anonymous Coward | about 3 years ago | (#37835842)

Is Google required to tell users when they have fulfilled a government request for user data / information?

Re:Is Google required..? (2)

Lockyy (2486084) | about 3 years ago | (#37835942)

Could go with the tactic of emailing everyone who has had information requested an email that states that they are required by law to not inform anyone who has had their information requested. And ONLY emailing the people who have had it requested.

Extremely slow news day (1)

PCM2 (4486) | about 3 years ago | (#37836192)

A quick (and ironic?) Google search would have revealed that these terms were reached and disclosed this past March. [infoworld.com]

Why pick on Google? (1)

msobkow (48369) | about 3 years ago | (#37836492)

Every internet/media company should be subject to the same legal standards of privacy as the others, and all companies should be monitored for compliance.

Canada has had federal laws regarding information privacy since 1985. http://laws-lois.justice.gc.ca/eng/acts/P-21/index.html [justice.gc.ca]

It's probably due for some updating, but there is legislation in place that these companies are required to abide by if they want to serve the Canadian market.

Re:Why pick on Google? (0)

Anonymous Coward | about 3 years ago | (#37836684)

...and all companies should be monitored for compliance.

That's a lot of monitoring, and I think many people would say that it's intrusive and unwarranted.

But back to your post title... Google wasn't picked on. The FTC received thousands of complaints, so they investigated. What they found was that

Google had violated its own privacy policy by using its users’ personal information in a way that they had not consented to even though Google had said they would ask for permission first.

Re:Why pick on Google? (1)

msobkow (48369) | about 3 years ago | (#37838994)

Monitoring doesn't have to be intrusive. It can be as simple as providing an Ombudsman to receive complaints, and mandating automatic duplication of complaints registered through corporate web forms and email to that Ombudsmen. As long as the Ombudsman has teeth.

Re:Why pick on Google? (1)

msobkow (48369) | about 3 years ago | (#37839008)

I'm talking about a government Ombudsman, of course, not a shill paid by the corporation.

What about Facebook? (0)

Anonymous Coward | about 3 years ago | (#37836498)

Seems they could use same.

But will they watch Visa & MasterCard's practi (1)

Fencepost (107992) | about 3 years ago | (#37836944)

Given what's being listed elsewhere on the front page regarding advertising based on your purchasing history I'd like to know who's going to be monitoring the privacy practices of the credit card companies.

Re:But will they watch Visa & MasterCard's pra (0)

Anonymous Coward | more than 2 years ago | (#37840894)

Sadly, the disreputable practices of credit card companies are most likely fully authorized by cardholder agreements.

Of course the REAL question is: (1)

aix tom (902140) | about 3 years ago | (#37837140)

Will Google still be around in 20 years?

I bet 10 Euro on "no".

( If I calculated the odds correctly, that could win me 100,000 Euro in 20 years. Which might be enough for a coffee and a bagel, POSSIBLY with jam, if I calculated the odds for the Euro collapsing correct )

20 Years? (1)

Kamiza Ikioi (893310) | about 3 years ago | (#37837252)

In pre-Internet years, that's like going back to the founding of Western Union and saying you'll watch them for the next 200 years, as if anything done today will really be relevant then. Even the concept of privacy will radically change by then. Also by then, Google could be the next Yahoo used-to-be by then. Anyone wanna buy a company with the FTC's hand up its ass?

Sounds Good (1)

izomiac (815208) | about 3 years ago | (#37837866)

Personally, I can't recall Google doing anything too egregious with user data, and they seem to be able to secure it, so I've been comfortable enough using their services. The FTC, while a bureaucracy that may have a bark worse than its bite, seems to at least be trying to do good with net neutrality and such. Letting the FTC vet anything that passes Google's own muster seems like a major win for consumers, and subsequently Google, as this should instill a bit more trust.

Ask for a Google monitor person a year from now (1)

bryan1945 (301828) | about 3 years ago | (#37837972)

and see how many there are....

(Crickets)

Who's paying the bill for FTC monitoring? (1)

L3370 (1421413) | about 3 years ago | (#37838858)

Is google paying for time, resources and labor to monitor for the next 20 years, or is this tax dollars at work?

I'd imagine keeping tabs on a company as expansive as google is expensive. I don't know who to be mad at; the government for intervening, or google for being a burden to the taxpayer.

If the FTC thinks google isn't playing nice with privacy, FINE them to cover the costs. If they aren't doing something wrong or worthy of penalty, get out of their business and let them run.

Re:Who's paying the bill for FTC monitoring? (2)

swillden (191260) | about 3 years ago | (#37840446)

Well, what the FTC discovered when they investigated was that Google had stepped over the line, but had already recognized it and put policies in place to address the issues, policies which exceeded what the FTC would have imposed. That being the case they couldn't really justify a lot of fines or any significant interventions, so they fell back on "okay, we'll watch you for 20 years".

As for who's paying, I don't know, but I doubt it costs that much. They don't really have to monitor everything Google does, they just have to monitor Google's policies, which is easy to do, and to randomly spot check policy compliance. Honestly, I doubt they really even need to do that... Google is full of geeks so there are lots and lots of internal watch dogs, and Google is a very bottom-up organization where it's really easy for any employee with a pointed question to get attention from the very top -- and to spread his or her complaints widely if Larry doesn't address them.

Google's privacy errors weren't a result of evil plans, they were a result of people not paying attention to the issue. Now, it's a big deal, and would be even without the FTC oversight, because Google had its nose publicly rubbed in some privacy mistakes.

These days every design document is required to have a privacy impact analysis, and there are pretty stringent requirements for having things reviewed by the privacy office. In addition to that, there are mandatory privacy training courses for all new hires, mandatory annual privacy education for all employees, an annual privacy week with many privacy education, analysis and review events held throughout the week and a direct communication channel for any employees to report privacy concerns to the privacy office, who acts aggressively on them. And even without that, any Googler who's really worried can always just call the FTC. So, no, I don't think the FTC has to spend a lot of money on monitoring.

Note that none of this privacy focus means that Google will stop trying to collect information about people. Rather the focus is on (a) ensuring that information is only used in ways that the users have agreed to (though the agreement is often implicit), (b) providing users with control of their data, including visibility into what Google collects about them, the ability to export it and/or delete it, and to opt out if they prefer (see google.com/privacy, and especially google.com/privacy/tools) and (c) ensuring that data does not leak (necessary for (a)). Google's hope is that they can provide you with so much value in exchange for your data that you'll want to give it to them, and that you'll trust them to manage it responsibly.

(Disclaimer: I am a Google Engineer. I'm not in PR, I don't work in the privacy office or make privacy policy decisions -- though as an engineer with an extensive security and cryptography background much of what I do is related to privacy assurance -- and I'm not speaking for the company, or disclosing anything that isn't already public information. I'll also say that as someone who's always been a bit of a security and privacy zealot, including making it the primary focus of my 20-year software career, I'm personally quite impressed with the way Google handles privacy issues. In the 15 years I worked as a security and privacy consultant I saw huge problems at nearly every company I worked with, on an almost daily basis, while in the 8 months I've been with Google I've yet to see a bad decision. Further, I have full confidence that if I ever do see a bad decision my complaints will be heard. Compared to the banks I consulted for, who were paying $300 per hour to hear my opinions and then proceeded to completely ignore them, Google is privacy/security geek nirvana.)

YOU FAIl IT (-1)

Anonymous Coward | about 3 years ago | (#37840386)

somehow (1)

superwiz (655733) | more than 2 years ago | (#37842420)

I trust Google more than I trust FTC. At least Google has competition. FTC will sway whichever way the bought and paid for regulators will sway. What if we get another one like Michael Power as FTC chair? He famously said that he doesn't need to hire engineers because he can ask a CEO of any tech company what he needs to know.

Re:somehow (1)

superwiz (655733) | more than 2 years ago | (#37842434)

Sorry, Michael Powel was a chair of FCC. But the gist doesn't change.

hmm (1)

amalek (615708) | more than 2 years ago | (#37843520)

Id suspect its little more than a PR exercise for Google. They can now hold up their hands and say "hey, were working with auditors for two decades in making sure we do no evil". How things change.
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?