Thu Mar 15 2007

Tim O'Reilly

Lauren Weinstein on Google's Privacy Announcement

Lauren Weinstein has a thoughtful response to Google's privacy announcement:

The gist of the announcement is two changes: The obscuration of some IP address bits (currently it appears that this would involve the least-significant octet of IP addresses recorded in the Google user activity logs), and changes to provide for some form of cookie anonymization.

Such an IP address change would allow for identification of any one computer out of a group of 256, rather than the existing ability to identify each computer individually. The actual impact of this change from a privacy standpoint would vary greatly depending on the type of addresses (dynamic vs. static) and the total range of those IP addresses associated with any given organization. Cookie anonymization effectiveness is more difficult to analyze until more information regarding the algorithms to be used becomes available.

Both of these changes would be applied to data after an 18-24 month period -- during which time data would be retained intact -- unless future government data retention mandates require longer periods. This is in contrast to Google's policy up to this point of maintaining all log data intact on an indefinite basis.

... while these changes can be reasonably viewed as only a first step on the road to the kinds of data retention privacy enhancements ultimately needed, taking that first step at all can be reasonably viewed as an immensely positive sea change to Google's attitude toward this data.

Time will tell if the rest of that privacy road is traversed in due course. It will be a challenging path indeed, especially in a political environment where the pressure to retain data for extremely broad retroactive investigatory purposes is growing at an alarming rate. And as we've seen in the recent revelations regarding the FBI's violations of the PATRIOT Act, the issues are all interrelated, and Google of course must obey these laws....

This is a good example of the kind of tough issue that we need to get our minds around as we move into the Web 2.0 future. Obviously, Google has been reluctant to make this move because they see value in the non-anonymized data. I doubt they've been resisting this move "just because," especially in the face of negative public opinion. My guess is that it helps them give users better search results, and that they have had a good, customer-focused reason for wanting to keep it.

But as Lauren points out, you have to take the long view, and especially in light of the tendencies of government to eventually want this kind of data to be kept, balancing the good vs. potential evils is essential.

This, by the way, is why the Long Now Foundation is important. Like Isaac Asimov's Foundation, they take the long view of events, and try to foresee the consequences of our choices as they will play out over many years. It's a worthwhile reminder. We should always study history, and think about what it means for the future.
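The octet obscuration described in the quoted passage above, as an added example (not code from Google, Lauren Weinstein or this post): it zeroes the last octet of each logged IPv4 address and counts how many distinct clients actually share each masked value. The log format and the addresses are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed sample log lines (timestamp, client IPv4, query); the addresses
# come from the RFC 5737 documentation ranges, not from any real log.
SAMPLE_LOG = """\
2007-03-15T10:00:01 192.0.2.17 weather boston
2007-03-15T10:00:05 192.0.2.44 cheap flights
2007-03-15T10:00:09 192.0.2.201 python tutorial
2007-03-15T10:01:12 192.0.2.17 boston marathon route
2007-03-15T10:02:30 198.51.100.9 acme corp merger rumor
2007-03-15T10:03:41 198.51.100.9 acme corp layoffs
"""

def mask_last_octet(ip: str) -> str:
    """Zero the least-significant octet of an IPv4 address (keep the /24)."""
    net = ipaddress.ip_network(f"{ip}/24", strict=False)
    return str(net.network_address)

def anonymize(log_text: str) -> list[tuple[str, str, str]]:
    """Return (timestamp, masked_ip, query) records for each log line."""
    records = []
    for line in log_text.splitlines():
        ts, ip, query = line.split(" ", 2)
        records.append((ts, mask_last_octet(ip), query))
    return records

def observed_set_sizes(log_text: str) -> dict[str, int]:
    """Count distinct original addresses that collapse into each masked value."""
    buckets = defaultdict(set)
    for line in log_text.splitlines():
        _, ip, _ = line.split(" ", 2)
        buckets[mask_last_octet(ip)].add(ip)
    return {masked: len(ips) for masked, ips in buckets.items()}

if __name__ == "__main__":
    for rec in anonymize(SAMPLE_LOG):
        print(*rec)
    # A bucket of size 1 means the masked address still points at one client,
    # e.g. a static address that is the only active one in its /24.
    print(observed_set_sizes(SAMPLE_LOG))
```

In the sample, the 198.51.100.0 bucket holds a single client, so its masked records remain linkable to one machine even though 256 addresses are nominally possible.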

tags: web 2.0 | comments: 2

1 TrackBacks

» good vs. potential evil from Black Market Kidneys

Reading Tim O’Reilly’s response to [Lauren Weinstein’s response to Google’s privacy policy change], he mentions that, “balancing the good vs. potential evils is essential” (emphasis mine). I assume by not qualifying ...

Comments: 2

  Anon [03.15.07 10:15 AM]

Actually, I would guess that it's very much *just because*. Google processes so many searches that a week's worth of data is probably sufficient to mine for search improvements. What they're saying is that instead of every search you ever did, back to 1997, being traceable to you personally upon presentation of any lawsuit (which can be filed by anyone, not just the police), any FBI letter, any search warrant, instead of that - it'll only be the last two years of your search history that is served up instantly in response to such a request, and more than two years will require some digging and piecing together. This is small comfort.

Cardinal Richelieu wrote, "If one would give me six lines written by the hand of the most honest man, I would find something in them to have him hanged." He recognized that by taking past deeds out of context and stringing them together, highly prejudicial appearances can be created. If I took all of Tim O'Reilly's Google searches and searched them for terroristic phrases, for sex-related phrases, it would be a damning body of evidence.

"O'Reilly searched for "sex" over 500 times! O'Reilly searched for the word "bomb" over 700 times! O'Reilly searched for "kill" over 900 times!" By the time a prosecutor was finished, with years of O'Reilly Google searches to damn him, Tim would look like a combination of Jeffrey Dahmer and Pol Pot.

Think it won't happen? Oh, it will.

  Peter Cranstone [03.15.07 10:36 AM]

You might want to take a look at our privacy solution for Mobile. It allows the customer to control all of the personal data that they want to share - including the ability to stream real-time GPS data directly inside the browser (Pocket Internet Explorer) which can be read by a web server.

Cheers,

Peter
