Feeds

UK data watchdog 'looking into' Google+ mission creep

Google + Profiles – pseudonyms = privacy headache?

Providing a secure and efficient Helpdesk

Updated: Exclusive Blighty's Information Commissioner's Office is currently "looking into" Google's recent ID verification rejig, The Register has learned.

A spokeswoman confirmed to us yesterday that no formal investigation is yet underway, but the ICO is nonetheless using official man-hours probing Mountain View's recent changes to its profiles and username sign-ups.

Google, in the meantime, has clarified its position on the Chocolate Factory's newly installed common name profiles policy that has been created to place its social network project, Google+, at centre stage within its online estate.

The company's product veep Bradley Horowitz responded to recent criticism levelled against Google's identity verification tweaks, which in the next few days will lead to the mass deletion of private profiles for the firm's products.

Meanwhile, the Google ID screws have been tightened elsewhere. For example, wannabe Gmail users are now required to insert their real names when creating an account* are asked to verify their account sign-ups by providing phone numbers to Mountain View.

In effect, pseudonyms are no longer welcome at Mountain View, despite recent marketing-motivated comments during the Arab Spring uprising that suggested otherwise. YouTube used as a revolutionary tool? Not so much. And arguably not at all any more, given the sudden banishment of anonymous users from the video-sharing service.

Horowitz did little to move on from the debate/row brewing over Google's latest efforts to grab more data from some of its unwitting users, who largely sign up to the company's products for free, thereby becoming the product – whether they realise it or not.

He naturally published his comments about ID ownership on Google+, after an earlier discussion on the changes between serial tech blogger Robert Scoble and Vic Gundotra, Google's engineering veep.

Horowitz was keen to point out that Google+ remained a work-in-progress, and claimed feedback would be heard. He also spoke of the need to be "transparent" about the common name policy tweaks. It's a debate, he said, that would continue for some time.

The Google products man then stuck firmly to Google+ territory. After all, it's a new landing page for the company, so the logic seemed to follow that a change in ID-handling within that tech was perfectly acceptable. Facebook, of course, has long insisted that individuals provide their real names to access the site.

"We've noticed that many violations of the Google+ common name policy were in fact well-intentioned and inadvertent and for these users our process can be frustrating and disappointing," admitted Horowitz.

"So we're currently making a number of improvements to this process – specifically regarding how we notify these users that they're not in compliance with Google+ policies and how we communicate the remedies available to them."

In other words, nothing's going to change about the policy, but Google will better inform its "test field-only" userbase.

Before users are suspended for having a name not consistent with the one on their passport, birth certificate, CV or other official document, Google will give them the chance to correct it, otherwise those individuals can expect to be locked out of Google+.

And here's the money shot: "[W]e're looking at ways to improve the signup process to reduce the likelihood that users get themselves into a state that will later result in review."

Horowitz then skates over the fact that people sometimes use either their real name or an anonymous handle depending on how they want to present themselves online. This can sometimes involve serious political or personal reasons, a lengthy list of which is provided by the Geek Feminism blog here.

"We've noticed that some people are using their profile name to show off nicknames, maiden names and personal descriptions," he wrote. "While the profile name doesn't accommodate this, we want to support your friends finding you by these alternate names and give you a prominent way of displaying this info in Google+.

"If you add nicknames, maiden names, etc to the 'Other names' portion of your G+ profile, those with permission to view those fields can search for you using that term."

Irony alert! Horowitz is a fan of the pseudonym, indeed he uses the name "elatable" on Twitter and elsewhere.

But, as with Facebook, there's no wiggle room for people who want to keep their anon ID entirely separate from their real name within Google+.

And perhaps that's as it should be for a site that screams "SOCIAL". For many the true disappointment is the sudden impact Google's efforts to create a social graph have apparently had on the rest of its online empire.

Horowitz said he wanted to "debunk myths" about what some see as a downright creepy ID verification shift at Mountain View, by saying his company "aspired" to have "great solutions" for the likes of "teenagers" and "disadvantaged populations".

But such an aspiration clearly isn't good at yielding revenues, as Google's money-shy YouTube has demonstrated only too well.

He added that other Google accounts would not suffer the same suspension state as Google+, if an individual violates the firm's common name policy.

In other words, Gmail, Calendar, Blogger, etc all remain active. The one thing he failed to mention: New sign-ups to these services won't be able to do so anonymously anymore* are increasingly required to link back to a central Google email account.

It's unsurprising, then, to see the UK's information commissioner's ears prick up.

We asked his office to specifically consider, courtesy of one disgruntled Reg reader, if Google's Profile service in its current state constituted a so-called "Directory of Subscribers" under the Privacy and Electronic Communications (EC Directive) Regulations 2003.

Brussels commissioner Viviane Reding previously indicated to this author that the likes of Google and Facebook had "nowhere to hide" on such data issues, given that the US-based firms have clear business interests in Europe.

Notably, last weekend Google began more strictly applying its anti-private profile policy to its online estate. The result was that some users of its Google+ project were unceremoniously dumped. And an outcry has already begun ... ®

Corrections

*This story was corrected on 2 August to clarify Google's current verification requirements for some of its services.

New hybrid storage solutions

More from The Register

next story
Google recommends pronounceable passwords
Super Chrome goes into battle with Mr Mxyzptlk
Infosec geniuses hack a Canon PRINTER and install DOOM
Internet of Stuff securo-cockups strike yet again
Reddit wipes clean leaked celeb nudie pics, tells users to zip it
Now we've had all THAT TRAFFIC, we 'deplore' this theft
Apple Pay is a tidy payday for Apple with 0.15% cut, sources say
Cupertino slurps 15 cents from every $100 purchase
YouTube, Amazon and Yahoo! caught in malvertising mess
Cisco says 'Kyle and Stan' attack is spreading through compromised ad networks
TorrentLocker unpicked: Crypto coding shocker defeats extortionists
Lousy XOR opens door into which victims can shove a foot
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.