Is Google violating our privacy?
YES
KARIN RIIS JORGENSEN, EPA
GOOGLE is in the dog-house as far as we and many other privacy campaigners are concerned. The internet giant is guilty of playing fast and loose with people’s privacy. It has been found capturing people’s WiFi information, including private emails, bank information, and passwords in the course of its Street View service. The service, originally focused on photographing curbside views, was already being attacked for photographing individuals and their properties without consent. This latest transgression, however, of collecting private data directly from people’s WiFi connections, is more than people can stand.
So what is going on? Google, in its drive to collect any and all information that exists, wanted to map all WiFi networks it would encounter with its Street View project. They decided to use programming code and aerials that not only mapped the networks, but also collected data streaming over unencrypted networks, and retained it.
This may not be terribly concerning for students at Stanford University in Google’s back yard, where the technology was first tested – but it is clearly concerning for European citizens. After all, our banking information, personal conversations, and passwords are supposed to be protected from wiretapping. Google is not excused from this law.
Recently the Australian authorities clamped down on the company, accusing it of being in possible breach of privacy law. The Australian case comes after countless complaints in Europe.
And all Google says, when confronted with the evidence, is: “Sorry, it was a mistake. We promise to not do it again, and we will delete all that information.” This hardly seems to be an appropriate response.
Google had an opportunity to file a patent in the US for technology that would have prevented it from collecting private information. Considering that an American start-up, Skyhook, had been doing the same WiFi mapping for far longer, it would seem there were options available that could have prevented it collecting private data.
The company’s chief executive, Eric Schmidt, famously said, “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place”?
This statement fails to acknowledge the fact that the core of a liberal democracy is the ability for one’s life to remain private – covering everything from who one votes for to what we say over the phone. Otherwise, we are guilty until proven innocent.
This is not good enough. Google’s leaders should promote privacy as it grows as a company. As long as Google delays taking up the role of a champion for privacy, it will risk seeing itself increasingly at odds with its customer base and clashing with domestic authorities. The evidence: the hostile reaction in countries such as the UK, Australia, New Zealand and Germany over the company’s Street View project. The Italian Data Protection Authority even singled Google out in its annual report, citing the company’s persistent hostility towards the very standards the Authority is meant to protect.
Technological innovation must protect privacy, not attack it. The right to privacy is sacrosanct. Protecing people’s identity is not censorship, but a fundamental right. And respecting privacy should be considered an asset, not an obstacle. Rather than expecting uninformed users to dig around to find an opt-out option from its data sharing, the firm should put individual privacy at the centre of all its policies and pledge to protect it above all else.
• European Privacy Association (EPA) is an advocate for privacy and data protection at the European level. The EPA website is at www.europeanprivacyassociation.eu
• Karin Riis Jorgensen is the chair of the EPA.
NO
PETER BARRON, GOOGLE
AT Google, we’re in the business of connecting people to information. Sometimes that’s through our search engine, which helps hundreds of millions of people find useful results every day. Sometimes that means helping people manage their own information through products like Gmail and Picasa web albums. And in all of this we work hard to make sure that appropriate controls are in place to protect people’s private information.
In May, one of the data protection authorities in Germany asked us for a detailed breakdown of the WiFi data we collect for use in location-based products like Google Maps. That request prompted us to re-examine everything we collect –?and during our review we discovered that we had mistakenly included code in our software that collected samples of what’s known as payload data ?– that is information sent over an unsecured network. We have never used this data in any Google product, and our priority is now to delete it, but this was a serious mistake for which we have apologised.
As soon as we became aware of the problem, we grounded our Street View cars and isolated the data. In recent weeks we have been reaching out to the Data Protection Authorities in the relevant countries, and we’re working with them to answer their questions and have the data deleted in the appropriate manner.
Maintaining people’s trust is crucial to everything we do. We asked a third party to review what happened in this case and internally we are currently reviewing our procedures to make sure they are sufficiently robust to address these kinds of problems in the future. In addition, given the concerns raised, we have decided that it’s best to stop our Street View cars collecting any WiFi network data.
Privacy is a priority for Google. We handle large amounts of data every day and we have an excellent record in keeping that data safe. We know that the only thing that keeps people coming back to Google is their trust in our products, so users’ privacy is and will remain of the utmost importance.
• Peter Barron is Google UK’s head of communications.