Feeds

UK data watchdog 'looking into' Google+ mission creep

Google + Profiles – pseudonyms = privacy headache?

5 things you didn’t know about cloud backup

Updated: Exclusive Blighty's Information Commissioner's Office is currently "looking into" Google's recent ID verification rejig, The Register has learned.

A spokeswoman confirmed to us yesterday that no formal investigation is yet underway, but the ICO is nonetheless using official man-hours probing Mountain View's recent changes to its profiles and username sign-ups.

Google, in the meantime, has clarified its position on the Chocolate Factory's newly installed common name profiles policy that has been created to place its social network project, Google+, at centre stage within its online estate.

The company's product veep Bradley Horowitz responded to recent criticism levelled against Google's identity verification tweaks, which in the next few days will lead to the mass deletion of private profiles for the firm's products.

Meanwhile, the Google ID screws have been tightened elsewhere. For example, wannabe Gmail users are now required to insert their real names when creating an account* are asked to verify their account sign-ups by providing phone numbers to Mountain View.

In effect, pseudonyms are no longer welcome at Mountain View, despite recent marketing-motivated comments during the Arab Spring uprising that suggested otherwise. YouTube used as a revolutionary tool? Not so much. And arguably not at all any more, given the sudden banishment of anonymous users from the video-sharing service.

Horowitz did little to move on from the debate/row brewing over Google's latest efforts to grab more data from some of its unwitting users, who largely sign up to the company's products for free, thereby becoming the product – whether they realise it or not.

He naturally published his comments about ID ownership on Google+, after an earlier discussion on the changes between serial tech blogger Robert Scoble and Vic Gundotra, Google's engineering veep.

Horowitz was keen to point out that Google+ remained a work-in-progress, and claimed feedback would be heard. He also spoke of the need to be "transparent" about the common name policy tweaks. It's a debate, he said, that would continue for some time.

The Google products man then stuck firmly to Google+ territory. After all, it's a new landing page for the company, so the logic seemed to follow that a change in ID-handling within that tech was perfectly acceptable. Facebook, of course, has long insisted that individuals provide their real names to access the site.

"We've noticed that many violations of the Google+ common name policy were in fact well-intentioned and inadvertent and for these users our process can be frustrating and disappointing," admitted Horowitz.

"So we're currently making a number of improvements to this process – specifically regarding how we notify these users that they're not in compliance with Google+ policies and how we communicate the remedies available to them."

In other words, nothing's going to change about the policy, but Google will better inform its "test field-only" userbase.

Before users are suspended for having a name not consistent with the one on their passport, birth certificate, CV or other official document, Google will give them the chance to correct it, otherwise those individuals can expect to be locked out of Google+.

And here's the money shot: "[W]e're looking at ways to improve the signup process to reduce the likelihood that users get themselves into a state that will later result in review."

Horowitz then skates over the fact that people sometimes use either their real name or an anonymous handle depending on how they want to present themselves online. This can sometimes involve serious political or personal reasons, a lengthy list of which is provided by the Geek Feminism blog here.

"We've noticed that some people are using their profile name to show off nicknames, maiden names and personal descriptions," he wrote. "While the profile name doesn't accommodate this, we want to support your friends finding you by these alternate names and give you a prominent way of displaying this info in Google+.

"If you add nicknames, maiden names, etc to the 'Other names' portion of your G+ profile, those with permission to view those fields can search for you using that term."

Irony alert! Horowitz is a fan of the pseudonym, indeed he uses the name "elatable" on Twitter and elsewhere.

But, as with Facebook, there's no wiggle room for people who want to keep their anon ID entirely separate from their real name within Google+.

And perhaps that's as it should be for a site that screams "SOCIAL". For many the true disappointment is the sudden impact Google's efforts to create a social graph have apparently had on the rest of its online empire.

Horowitz said he wanted to "debunk myths" about what some see as a downright creepy ID verification shift at Mountain View, by saying his company "aspired" to have "great solutions" for the likes of "teenagers" and "disadvantaged populations".

But such an aspiration clearly isn't good at yielding revenues, as Google's money-shy YouTube has demonstrated only too well.

He added that other Google accounts would not suffer the same suspension state as Google+, if an individual violates the firm's common name policy.

In other words, Gmail, Calendar, Blogger, etc all remain active. The one thing he failed to mention: New sign-ups to these services won't be able to do so anonymously anymore* are increasingly required to link back to a central Google email account.

It's unsurprising, then, to see the UK's information commissioner's ears prick up.

We asked his office to specifically consider, courtesy of one disgruntled Reg reader, if Google's Profile service in its current state constituted a so-called "Directory of Subscribers" under the Privacy and Electronic Communications (EC Directive) Regulations 2003.

Brussels commissioner Viviane Reding previously indicated to this author that the likes of Google and Facebook had "nowhere to hide" on such data issues, given that the US-based firms have clear business interests in Europe.

Notably, last weekend Google began more strictly applying its anti-private profile policy to its online estate. The result was that some users of its Google+ project were unceremoniously dumped. And an outcry has already begun ... ®

Corrections

*This story was corrected on 2 August to clarify Google's current verification requirements for some of its services.

Secure remote control for conventional and virtual desktops

More from The Register

next story
One HUNDRED FAMOUS LADIES exposed NUDE online
Celebrity women victimised as Apple iCloud accounts reportedly popped
Rubbish WPS config sees WiFi router keys popped in seconds
Another day, another way in to your home router
Goog says patch⁵⁰ your Chrome
64-bit browser loads cat vids FIFTEEN PERCENT faster!
NIST to sysadmins: clean up your SSH mess
Too many keys, too badly managed
Scratched PC-dispatch patch patched, hatched in batch rematch
Windows security update fixed after triggering blue screens (and screams) of death
Researchers camouflage haxxor traps with fake application traffic
Honeypots sweetened to resemble actual workloads, complete with 'secure' logins
Attack flogged through shiny-clicky social media buttons
66,000 users popped by malicious Flash fudging add-on
New Snowden leak: How NSA shared 850-billion-plus metadata records
'Federated search' spaffed info all over Five Eyes chums
Three quarters of South Korea popped in online gaming raids
Records used to plunder game items, sold off to low lifes
prev story

Whitepapers

Endpoint data privacy in the cloud is easier than you think
Innovations in encryption and storage resolve issues of data privacy and key requirements for companies to look for in a solution.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Advanced data protection for your virtualized environments
Find a natural fit for optimizing protection for the often resource-constrained data protection process found in virtual environments.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Next gen security for virtualised datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.