Google: Keep user data safe by letting us hoard it forever
Fleischer demands EU trust Google
Google has sought to turn its China crisis to its advantage by arguing it demonstrates why it should be allowed to hang onto search logs indefinitely.
Privacy supremo Peter Fleischer told ComputerWorld in an interview that, "The unprecedented hacking... and the threat of similar such attacks in the future emphasized the importance of internal analysis of logs."
Google has been under particular pressure in Europe to stick a time limit on how long it hangs onto information that can be used to identity searchers.
In 2008 it halved the time it hung onto such info to nine months, a cut that still did not find favour with Eurocrats. It continues to hold data beyond that date, but says it does not hold the full IP address of users, effectively anonymizing the data, but still making it useful to the world's largest ad broker.
Microsoft has upped the ante by lowering the amount of time it hangs onto data about Bing users to six months. Which would be significant if anyone used the service.
"We find it reprehensible that a company would throw away useful data when it holding it poses no privacy threat," Fleischer thundered.
Which illustrates how Google's view of privacy differs from many other people's, and ignores the possibility of the data becoming a privacy (and/or security) threat if it fell into the hands of, say, Chinese hackers.
Fleischer also called for the creation of an EU panel featuring data protection and cyber security experts. This demand will be part of a submission to Europe's Article 29 committee on data protection, in which it will also rule out any further reduction in the amount of time it holds onto data.
This could presumably mean Fleischer spending even more time in Brussels. In December 2008 he was asked to join an EU quango which would advise on future data protection legislation.
Of course, Fleischer's not the only one who believes that the best way to preserve security (and sell a few ads as well) is by hoarding every bit of information a user generates. This is the same principle behind the UK government's Interception Modernisation Program. Except for the ads flogging bit.
We asked Google if it could add anything more to Fleischer's comments, or confirm if he was still serving on the data protection panel. They're still holding onto that data. ®
At last! Now we know...
... exactly what Google's self-serving angle was on this China business. Had to be a catch somewhere - unless you were gullible enough to accept that Google had the slightest interest in human rights or privacy...
About that remark...
I wonder how Schmidt would feel in the following scenario.
Suppose that there was another Eric Schmidt living in Silicon Valley.
Has the exact same name. Different address, phone number, and other personal data of course.
Now suppose that this Eric Schmidt had a certain fancy for little boys and girls. And went to the local library, the same library our CEO goes to and has a library card. (Yes, you do need a library card these days...)
At the library, our second Eric goes online and searches the net for well, er , stuff.
The nanny monitor software alerts the staff, and Eric is busted. He's tossed from the Library, his library card is revoked, and its recorded that he's a potential pedophile.
Now our CEO goes in to the Library to check out a book. Red flags go up all over the place.
After all, Eric Schmidt was just booted and here's our CEO. Sure the address is different, but Eric could have moved. We can't trust all of the data we see. After all, no system is infallible.
As much as he protests, its to no avail.
Of course, being a small town, word gets out. Rumors start.
But hey! Our CEO didn't do anything! Right? So he has nothing to fear.
The point is that Google is pulling data about users from different sources and are matching them up. There will be errors of course, but hey! Don't worry, you have nothing to fear, right?
You did nothing wrong.
There are other scenarios that also show a flaw in his logic.
I mean take Bob down in Engineering. He and his buddies were having an argument over the terms 'Goat Fsck' and 'Cluster Fsck', along with the meaning of 'SNAFU'.
Now these are all technical terms, used by engineers to discuss their projects and why pointy haired executives are making their lives a living hell. (You can replace the s with a u, but I'm trying to keep things clean for the kiddies). So Bob enters them in to Google.
Because of the word fsck, Bob not only gets the definitions, but also ads from Craig's list, and a bunch of Adult Entertainment sites. After all we know that the real reason geeks created the internet was for porn. :-) Yet I digress.
Poor Bob did this on his corporate computer. Shirley Ujest in HR was alerted, and poor Bob got hauled in to her office. No matter how hard he tried to explain that his search wasn't for adult material, but to find out the real meaning of the terms 'goat fsck', 'cluster fsck', and 'SNAFU', Shirley was having none of it. Bob was terminated, for cause, because he was found surfing the net for porn.
So yeah, I guess if you have nothing to hide, you have nothing to fear.
I chose Tux because he looks happy.
So their database was compromised...
...and their solution is to put more data in it?
That can't be right.