By now everyone has seen the “this stuff matters” box on Google's search page. The “This stuff matters” message is pretty interesting – it sounds like Google understands our concerns and is taking them seriously. On that basis I expect many people – fearing another 80 page privacy policy – will just move on to get their search result.
But some will actually take the time to follow the link. And what they'll see actually is important.
First, they'll find out that beginning this Thursday Google will amalgamate all the information it has about their activities and postings on all of Google's sites and services into a single account profile. This in spite of the fact that most people put content on those sites and entered queries into Google search pages thinking the information was limited to the specific context in which they were participating.
Second, they'll find out that as customers they have no choice about the matter. Even though in many cases they have helped create the knowledge and content that makes Google successful, their option if they dislike the policy is to completely stop using Google sites by Wednesday February 29th 2012.
Of course all of this is perfectly in keeping with the creepy “Real Names” initiative forced upon us a few months ago. At that time, we were told “Real Names” only applied to “certain Google sites” – like Google+. What a surprise that so little time later, ALL account and profile information from ALL Google properties is being amalgamated under a single privacy and identity policy! As we predicted, Real Names is slithering into the whole fabric of the company's offerings, whether specific sites benefit from what will often be “over-identification” or not.
Happily, one group of people who actually bothered to look into the change were the Attorneys General of the United States. Today they published a cogent and devastating letter that does an admirable job of enumerating the many deeply disturbing implications of Google's latest identity initiative. It begins,
“Google’s new privacy policy is troubling for a number of reasons. On a fundamental level, the policy appears to invade consumer privacy by automatically sharing personal information consumers input into one Google product with all Google products. Consumers have diverse interests and concerns, and may want the information in their Web History to be kept separate from the information they exchange via Gmail. Likewise, consumers may be comfortable with Google knowing their Search queries but not with it knowing their whereabouts, yet the new privacy policy appears to give them no choice in the matter, further invading their privacy. It rings hollow to call their ability to exit the Google products ecosystem a “choice” in an Internet economy where the clear majority of all Internet users use – and frequently rely on – at least one Google product on a regular basis.”
The Attorneys General then go on to discuss the contagion between Google's consumer offerings and their enterprise ones… What does this kind of identity grab mean for companies and governments who have put corporate and state information under Google's stewardship? Can the companies who steward the resources of the World Wide Web change their privacy and other policies in radical and even maniacal ways without regard to the policies in effect when those resources were created? Can they simply tell those who have bought into previous promises to either accept their brave new world or “take a walk”? As the attorneys put it,
“This invasion of privacy will be costly for many users to escape. For users who rely on Google products for their business – a use that Google has actively promoted1 – avoiding this information sharing may mean moving their entire business over to different platforms, reprinting any business cards or letterhead that contained Gmail addresses, re-training employees on web-based sharing and calendar services, and more. The problem is compounded for the many federal, state, and local government agencies that have transitioned to Google Apps for Government at the encouragement of your company, and that now will need to spend taxpayer dollars determining how this change affects the security of their information and whether they need to switch to different platforms.”
I urge everyone to read the letter in full and think deeply about the consequences.
Not long ago, John Fontana suggested we get together to discuss the degree to which the Laws of Identity remain relevant seven years after they were published. I look forward to that conversation. Google's actions show there are still companies who could benefit from reading them. After all, it is clearly breaking three Laws of Identity:
- Law 1: User Control and Consent. Users should never have identity information merged or divulged without their consent.
- Law 2: Minimal Disclosure for a Constrained Use. It is wrong to link all information pertaining to a user across different contexts when it was provided for specific uses.
- Law 4: Directed Identity. Systems should not create unnecessary correlation across different contexts unless people opt to do that. They thus should be able support identitfiers that are limited to specific scopes – as has been the case at Google's sites until now.
And the Attorneys General are onto it…
Here we see Google doing all it can to help realize Big Brother's dream of total surveillance online. What they correctly but misleadingly call a merger of privacy policies would be better termed a merger of identities, to the effect that, if Google has you made in ANY of your accounts with them (e.g. real-names-only Google+), they will, as of March 1st, be tracking you on a real name basis in ALL of your accounts with them.
As far as I can tell, the only time this policy is in place is when you are logged into Google. You can still search anonymously and remain private by not being logged in. That seems like a fairly reasonable off switch to me.
The fact that Google is introducing a new privacy policy aggegating use across services has been displayed to all of us – including people (like me) who are not logged in. Since it is displayed to us, I assume it applies to us.
The annoucement includes a link to a new policy telling us that our use of all Google Services is being combined into a single profile and privacy policy.
Google puts cookies on our machines whether we are logged in or not and thus has no difficulty tracking our use across services when we are not logged in. In other words, the mechanism exists to aggregate profile whether we are logged in or not.
Given Google's statements that they now aggregate usage across services, what makes you think that they do not do so if you are not logged in? I've seen no indication of this, but would love to hear from Google that they do not aggregate if we do not log in.
If anyone can give me info indicating there is no aggregation using cookies, pease let me know.
Kim
Technically Google is asking for consent. This is a major problem, that consumers don't have the time or the legal expertise to properly evaluate what they are consenting to.