Feeds

UK data watchdog 'looking into' Google+ mission creep

Google + Profiles – pseudonyms = privacy headache?

Using blade systems to cut costs and sharpen efficiencies

Updated: Exclusive Blighty's Information Commissioner's Office is currently "looking into" Google's recent ID verification rejig, The Register has learned.

A spokeswoman confirmed to us yesterday that no formal investigation is yet underway, but the ICO is nonetheless using official man-hours probing Mountain View's recent changes to its profiles and username sign-ups.

Google, in the meantime, has clarified its position on the Chocolate Factory's newly installed common name profiles policy that has been created to place its social network project, Google+, at centre stage within its online estate.

The company's product veep Bradley Horowitz responded to recent criticism levelled against Google's identity verification tweaks, which in the next few days will lead to the mass deletion of private profiles for the firm's products.

Meanwhile, the Google ID screws have been tightened elsewhere. For example, wannabe Gmail users are now required to insert their real names when creating an account* are asked to verify their account sign-ups by providing phone numbers to Mountain View.

In effect, pseudonyms are no longer welcome at Mountain View, despite recent marketing-motivated comments during the Arab Spring uprising that suggested otherwise. YouTube used as a revolutionary tool? Not so much. And arguably not at all any more, given the sudden banishment of anonymous users from the video-sharing service.

Horowitz did little to move on from the debate/row brewing over Google's latest efforts to grab more data from some of its unwitting users, who largely sign up to the company's products for free, thereby becoming the product – whether they realise it or not.

He naturally published his comments about ID ownership on Google+, after an earlier discussion on the changes between serial tech blogger Robert Scoble and Vic Gundotra, Google's engineering veep.

Horowitz was keen to point out that Google+ remained a work-in-progress, and claimed feedback would be heard. He also spoke of the need to be "transparent" about the common name policy tweaks. It's a debate, he said, that would continue for some time.

The Google products man then stuck firmly to Google+ territory. After all, it's a new landing page for the company, so the logic seemed to follow that a change in ID-handling within that tech was perfectly acceptable. Facebook, of course, has long insisted that individuals provide their real names to access the site.

"We've noticed that many violations of the Google+ common name policy were in fact well-intentioned and inadvertent and for these users our process can be frustrating and disappointing," admitted Horowitz.

"So we're currently making a number of improvements to this process – specifically regarding how we notify these users that they're not in compliance with Google+ policies and how we communicate the remedies available to them."

In other words, nothing's going to change about the policy, but Google will better inform its "test field-only" userbase.

Before users are suspended for having a name not consistent with the one on their passport, birth certificate, CV or other official document, Google will give them the chance to correct it, otherwise those individuals can expect to be locked out of Google+.

And here's the money shot: "[W]e're looking at ways to improve the signup process to reduce the likelihood that users get themselves into a state that will later result in review."

Horowitz then skates over the fact that people sometimes use either their real name or an anonymous handle depending on how they want to present themselves online. This can sometimes involve serious political or personal reasons, a lengthy list of which is provided by the Geek Feminism blog here.

"We've noticed that some people are using their profile name to show off nicknames, maiden names and personal descriptions," he wrote. "While the profile name doesn't accommodate this, we want to support your friends finding you by these alternate names and give you a prominent way of displaying this info in Google+.

"If you add nicknames, maiden names, etc to the 'Other names' portion of your G+ profile, those with permission to view those fields can search for you using that term."

Irony alert! Horowitz is a fan of the pseudonym, indeed he uses the name "elatable" on Twitter and elsewhere.

But, as with Facebook, there's no wiggle room for people who want to keep their anon ID entirely separate from their real name within Google+.

And perhaps that's as it should be for a site that screams "SOCIAL". For many the true disappointment is the sudden impact Google's efforts to create a social graph have apparently had on the rest of its online empire.

Horowitz said he wanted to "debunk myths" about what some see as a downright creepy ID verification shift at Mountain View, by saying his company "aspired" to have "great solutions" for the likes of "teenagers" and "disadvantaged populations".

But such an aspiration clearly isn't good at yielding revenues, as Google's money-shy YouTube has demonstrated only too well.

He added that other Google accounts would not suffer the same suspension state as Google+, if an individual violates the firm's common name policy.

In other words, Gmail, Calendar, Blogger, etc all remain active. The one thing he failed to mention: New sign-ups to these services won't be able to do so anonymously anymore* are increasingly required to link back to a central Google email account.

It's unsurprising, then, to see the UK's information commissioner's ears prick up.

We asked his office to specifically consider, courtesy of one disgruntled Reg reader, if Google's Profile service in its current state constituted a so-called "Directory of Subscribers" under the Privacy and Electronic Communications (EC Directive) Regulations 2003.

Brussels commissioner Viviane Reding previously indicated to this author that the likes of Google and Facebook had "nowhere to hide" on such data issues, given that the US-based firms have clear business interests in Europe.

Notably, last weekend Google began more strictly applying its anti-private profile policy to its online estate. The result was that some users of its Google+ project were unceremoniously dumped. And an outcry has already begun ... ®

Corrections

*This story was corrected on 2 August to clarify Google's current verification requirements for some of its services.

Boost IT visibility and business value

More from The Register

next story
Secure microkernel that uses maths to be 'bug free' goes open source
Hacker-repelling, drone-protecting code will soon be yours to tweak as you see fit
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
Roll out the welcome mat to hackers and crackers
Security chap pens guide to bug bounty programs that won't fail like Yahoo!'s
HIDDEN packet sniffer spy tech in MILLIONS of iPhones, iPads – expert
Don't panic though – Apple's backdoor is not wide open to all, guru tells us
Researcher sat on critical IE bugs for THREE YEARS
VUPEN waited for Pwn2Own cash while IE's sandbox leaked
Four fake Google haxbots hit YOUR WEBSITE every day
Goog the perfect ruse to slip into SEO orfice
Putin: Crack Tor for me and I'll make you a MILLIONAIRE
Russian Interior Ministry offers big pile o' roubles for busting pro-privacy browser
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.