Modernizing Authentication — What It Takes to Transform Secure Access
That may be true in a lot of cases, but it doesn't seem to have been truethe other week. That's when the world learned that, when it comes to hardquestions about privacy, Google's corporate policy is exactly theopposite of the officer's motto -- run and hide.
In some sense, that lawman's admonishment would make a good motto for thedesigners of Google's massive and ubiquitous Internet indexing.
Google takes great pride in its corporate mission, which is ''to organizethe world's information and make it universally accessible and useful''. In meeting that mission, the company has built what has become theworld's most popular search engine, powered by a huge index of Websites.https://o1.qnsr.com/log/p.gif?;n=203;c=204634421;s=15939;x=7936;f=201702151714490;u=j;z=TIMESTAMP;a=20304455;e=i However, for privacy and security experts, Google's mission statement isthe stuff of nightmares.
The privacy implications of indexing every scrap of information you canfind and making it keyword searchable raises many thorny questions --questions that many experts have long been asking difficult questionsabout.
But whenever Google is questioned about these issues, the company'sstandard response has been that they're merely organizing informationthat is already publicly available, so worrying about these questions isnot their responsibility. They also point to their corporate PrivacyPolicy, which promises to keep your information protected. The problem isthe policy actually is pretty vague about your ability to control whatinformation about you appears in Google's databases.
As one of those privacy experts who regularly gives Google grief overmany issues, the wide reach of their Internet search capabilities is onethat I really have never had much trouble with. Yes, the privacy issuesare significant. But given the nature of the search engine business, andthe other legal and technical recourses available to aggrieved parties, Isee the privacy impacts of Google's indexing as largely an unfortunateby-product of an otherwise indispensable service.
So you can imagine my surprise when I learned last week that Google hasamended its position on the privacy implications of its searches.
Their new stance? If their search engine turns up too much of yourprivate information, it's still not their responsibility, unless youhappen to be the CEO of Google. In that case, anyone who looks up theCEO's personal information is a despicable abuser of privacy who won'tget their phone calls returned for an entire year!
Google's object lesson in hypocrisy began last month when a reporter forthe technology news Website CNET wrote a story summarizing the manyprivacy questions posed by Google's existing and new businesses. Thearticle discussed the privacy and security implications of the company'smassive data gathering methods and the risks posed by hackers, corruptemployees, or overzealous investigators, who will undoubtedly try to gettheir grubby hands on that data.
To illustrate a central point of the article, the writer did a little''Googling'' about Google's CEO, Eric Schmidt, and reported a few benignfacts that she found. Those included his estimated net worth, his wife'sname, what town he lives in, and various other innocuous personal newsitems culled by Google's own search engine from blogs, news articles, andgossip columns.
Now that the privacy-invading power of Google's search engine was beingturned on its own leader, company officials were suddenly horrified. No,they weren't horrified by how easily the reporter found the information.Rather, they were aghast that the reporter had the impudence to actuallytell readers what she'd found.
Not content to be hoisted by their own petard, Google executives then decided to make a true spectacle and promptly set their hair on fire.
According to a variety of news reports, soon after the CNET article appeared,a Google public relations person called to complain to an editorabout this outrageous abuse of Schmidt's privacy. The editor was, notsurprisingly, astounded by the hypocrisy of Google's tantrum. Hereportedly pointed out that all of the information was publicly availableand was indeed found using Google's own search engine.
The executives at Google didn't like having their own namby-pamby excusesthrown back in their faces, so Google's PR flack soon called back to saythe company had decided to ban its employees from talking to anyCNET reporter for a period of one year.
Let there be no mistake, this wasn't Google simply acting out in childishfashion against one reporter or one news outlet. Google was putting therest of the media on notice that if any other reporters had the temerityto point out the emperor had no clothes, they too could expect the silenttreatment.
Thankfully, while today's political reporters seem to be afflicted withchronic spinelessness, reporters covering the high-tech beat have clearlybeen taking their calcium tablets. Laughing at the threat of the silenttreatment, news outlets were soon teeming with stories about Google'sarrogance, hypocrisy, and their fumbling attempts at grade-schoolbullying tactics.
The deep irony of this story is certainly embarrassing, or entertaining,depending on your perspective. But the more important story is that, evenafter its hissy-fit, Google still doesn't have a compelling, or evencoherent, answer to the privacy questions raised in that or anysubsequent article.
Google's snit certainly doesn't reflect well on the way the youthfulcompany -- which in the eyes of many analysts still can do no wrong -- canbe expected to handle future adversity.
What's increasingly clear to me, however, is that as long a Google'sstrategy on privacy issues is akin to the child who plugs his ears andsings, 'La-la-la-la, I-can't-hear-you!', it is only a matter of timebefore Google suffers a privacy train wreck.
And based on the ugliness of last week's conniption, when ''the big one''hits Google, it won't be pretty.