I saw a talk at defcon by a former google employee named Brian Kennish, author of disconnect.me. He said that google has 3 data sources in particular that, if tied together, would be very worrisome. Those were:
Google Analytics - Every time you visit a page with this javascript, google obviously receives a get request from your IP address
+1 Button - Similar to what facebook is doing, hits for the +1 button, whether you click it or not, are another GET request to google
Your google account - if logged in, they obviously have a ton of information about you.
If I recall correctly, he said that the idea of tying these together came up frequently, but has always been shot down as too invasive. At the time, he said he believed they had no plans to ever do this when he left the company. Doing this would be easy, and would tie nearly all of your browsing activity to your google account. That, to me, is evil.
This update sounds suspiciously like they have gone ahead with this idea. If so, I don't understand how people are ok with this.
Can you actually point to a new part or dropped clause of the new policies that you're objecting to? Or did you just read the blog post and decide to share? Wariness is good, but innuendo does no one any favors (sorry, this sort of post really bugs me).
The analytics team continually repeats exactly out what they do with user data[1], and a two second search found the +1 button privacy policy[2]. Yes, they might be lying, but they probably wouldn't update the privacy policy then, would they?
There are no doubt concerns, but be specific.
Disclosure: I use Analytics on my site and pick apart every morsel of data in there that I can. Sorry.
The purposes for the update are way more simple and common sensical than that.
Until this change, pretty much every product had it's own privacy policy. I think there were something like 70-ish different policies. For both users and people within the company having so many slightly different privacy policies is a complete mess.
As a user, trying to keep straight in your head the subtle difference between gmail's policy and search's policy and the policies for photos, google+, blogger, etc. is probably impossible for most people. It gets even harder when products start interacting in interesting ways. For example, if you share a picture from a Picasa album to G+ contacts, which then generate message in gmail with pointers (or copies) of the picture, which privacy policy applies? If you're in gmail and you chat with someone from you circles, which policy applies?
(Note - I'm not at all interested in debate about whether people like the features I used as examples. I am simply using examples off the topic of my head to try to show some of the problems inherent with having per-product privacy policies when the lines between products is blurring)
The goal is that, by having a single and comprehensive privacy policy that applies to all Google products, it will be easier for users to understand exactly what promises Google is making and not making. It also makes it easier for engineers (like me) that are creating and improving products.
I'm not in a position to make any promises about future policy decisions. So I'm not not comfortable trying to speculate about future plans. I can say that I believe in the character of the current leadership, but beyond that...
As to whether it is done currently? The simple answer is I don't know. I haven't heard anything that would make me think it is, but I don't work close enough to those areas that I necessarily would.
I would be surprised if the things you list are combined in an meaningful way (obviously, if you use analytics, there is a link between your account and your analytics data, the same way there is if you use docs or picasa - but I'm pretty sure that's not what you're asking about :-) )
This update sounds suspiciously like they have gone ahead with this idea. If so, I don't understand how people are ok with this.
I think the privacy policy is trying to say, "when you type a query into Google Search, you may see some of your GMail messages in the results." That could be surprising if you're not aware that it could happen, but generally beneficial and Not Evil (at least in my opinion).
That sounds terrible, although I agree not evil. Although what is evil is they won't let me opt out of them using my email content for their ads in gmail. They say they let you opt out, but they just keep using it.
All of these recent changes has me considering moving away from GMail for mail and to Hotmail. I've already made the search change to Bing (over a year ago). GMail has been miles ahead for years, but over the past year or so Hotmail has almost comletely closed the gap.
Just out of curiosity, does it also upset you that your ISP reads your email in order to filter out spam and verify the DKIM signature?
Ultimately, email that is not encrypted is going to be read and tamperd with in transit. It's an intrinsic quality of SMTP-based electronic email. Might as well get a nice UI and a few gigs of storage out of it :)
Neither email nor spam filtering nor any other kind of filtering should be the job of an ISP. An ISP should be a big, dumb bit pipe, nothing more, nothing less.
That's one way of looking at it, but email without spam filtering is largely useless. There's just too much of it.
Similarly, ISPs filter all sorts of other stuff: forged packets, bogus routes, and so on. The Internet simply would not work without ISP-level filtering. Dumb pipes get clogged too easily.
That's why I use GMail. Its spam filtering is top-notch.
I use Verizon FiOS for internet. It works pretty well. But no way do I want Verizon doing my email. I view it as a conflict of interest. It pisses me off that they also provide TV and continually try to upsell me to it. I'd much rather the whole bandwidth of the fiber be devoted to internet and none to TV.
I don't have a problem with the low-level filtering you mention. That just makes the pipe work better. But I do have a problem with ISPs wanting to morph into more that.
If your ISP offers you email service and you take advantage of it, you aren't asking it to just be a big dumb pipe.
ISPs do nothing of the sort when you get your email through third-party providers like gmail, which people obviously do not want to just be a big dumb pipe, since the entire purpose of using gmail is as a email service.
Put another way: The person you're replying to was using the term "ISP" loosely, and you're using it very narrowly. There was a time when your ISP was almost always your email provider, and third-party services and self-hosting were extremely rare.
Disregarding all the other discussions going around about Google, I think this is a great approach to get the user to know the TOS, I hope many more companies follow this path.
In fact, now that I think of it, it is the first time I have fully read a TOS agreement (as a user), I thought it was simple and clear, though IANAL and I'm not sure about the legal implications.
Devoid of the proper context, it's amusing to think about your post in terms of the uncertain legal implications of users actually reading and understanding the TOS.
The reputation of "legalese" is really a cultural artifact we forgot to forget.
Back when Men were Men and the masses were somewhere between illiterate and "see spot run", the man on the street wouldn't have had much chance of understanding legal documents in the first place.
Later on, in the English world, the continued use of a lot of Latin also served to alienate people.
There have been explicit efforts to bring legal language back to the real world, and these days it's really no worse than any other professional jargon. Try reading through, say, the New England Journal of Medicine.
(If this weren't Hacker News, I'd tell you to go try reading a programming language reference manual, but you probably wouldn't have any trouble with that.)
Of late, I've paid attention to how many letters I must type into "google" before it generates an auto-completed phrase I'm searching for.
I am profoundly impressed by how little typing is required. It certainly feels like communicating with an artificial intelligence.
This feels like value created on a giant scale.
My father was one of the first computer programmers: starting sometime around the late 50's, he wrote code in a language called octal, using vacuum tubes and wires. One of his first projects was to write a routine to calculate square roots.
Fifty years later, a computer knows that when I type "toc", I'm probably looking for the "Tournament of Champions Squash Tournament" presently being held in Grand Central Station. Remarkable.
I've been seeing this new development being characterized as Google's "evil" moment, but I'm not convinced. I thought it was more evil when they changed account creation last week to require both a Gmail and G+ account. That's bad for users. This doesn't seem that way to me.
I think the "evil moment" is more about the new "Search Plus Your World". Every big social site that doesn't let Google index (and therefore, display) their content has called SPYW "evil", in that it "pollutes" Google Search results with content from Google+, Youtube, and other Google sites, instead of using stuff from Facebook, Twitter, etc. (who, as mentioned above, do not let Google see their content). The whole thing reeks of "You can't see my data, Google, but I DEMAND to be in your search results anyways".
The new privacy policy is only incidental, and, as nknight mentions here [1], it is probably motivated by government regulation as much as it is Google's focus on integration.
There's data, and there's data. I distinctly remember that Google used to have an "Instant feed" on Google News (I may remember the name wrong), where it showed relevant results from Twitter in real-time. They don't do that anymore, because Twitter no longer allows Google access to the real-time data. Google now has to crawl for it, which takes much longer and completely destroys any semblance of immediacy. They had to take the feature down (or, in any case, I can't find it after about 15 minutes of searching).
Facebook has always hid as much data as they could. Searching for "site:facebook.com" in Google does, as you say, return about 7.5 billion results. Glancing through the first few pages, a majority seem to be from various organizations whose profiles are left completely open to the public.
I'm not contesting that Google has some data from Twitter and Facebook (though on rereading my post, it does sound like I am saying that). Rather, I am saying that Google no longer has accurate, up-to-date information on a majority of profiles from Twitter and Facebook.
If a majority of the data from a site is not complete, then Google has no choice but to penalize those pages in its results, because it has no way of guaranteeing that those results are relevant. It used to be able to do this with Twitter, but one side or the other let that deal fall through (I don't know which side is most responsible, but I heard, from here and other places, that Twitter was the primary culprit). It never had an information sharing deal with Facebook.
What Twitter and Facebook are getting pissy about is that Google is refusing to send Twitter and Facebook pages to the top of the results page. They want this done, no questions asked. Google cannot in good conscience do this, because they do not have enough data to make accurate relevancy predictions. Google also cannot use Twitter and Facebook data in the Search Plus Your World results, because they have absolutely no access to Twitter and Facebook's social graphs.
So, yes. Google has incomplete and outdated data from several billion pages from each site. It does not have enough data to guarantee relevancy, and so chooses to penalize those pages it does have, thus making Twitter and Facebook upset.
Do you really want individual tweets showing up in Google's main search results? Google doesn't seem to individually index Google+ posts, either - there's only 15 million search results for "site:plus.google.com".
As a general rule, you should ignore all editorializing in press releases that spin something as a benefit, especially where your rights or data are involved. If they are trying to screw you, they are going to be spinning it. I am not saying they are or are not doing this in this case (though I am very concerned), but the goal is never to "make things more simple."
Google did not sit around and pay a group of people to simplify their policies. In fact, it's insulting to users' intelligence that they state this as the primary motivator. This change is to enable something much bigger. Just like when facebook makes "sharing more simple".
My reading of the privacy policy is that Google isn't asking for any new rights here, they're just being explicit about what they plan to do with data they collect from you. For some people, the explicit enumeration will make them say, "whoa, time to get out of here!" And that's what Google wants; they don't want to surprise their users with features that may make users feel unsafe online. (Remember, Google tries to keep customers by providing great products, not by locking them in. If you want to stop using Google Reader, or whatever, you can export your data to a usually-standard file format, and join a competing service instead. That's pretty awesome, considering they make no money when you stop using their service.]
You can chalk this up as "evil", but it's just the opposite. Google makes search results better when they can track you, so they want you to know that you're being tracked and how to opt out. Yes, tracking is scary and the ideal situation would be not tracking anyone ever. But that's how pre-Google search engines worked and those search engines barely worked at all. So I don't see how Google can provide a search engine without keeping some of your data around. They know this and want you to know, too.
What you should be afraid of are the companies that try to disguise what they do with your data. Someone is selling my name and address to companies trying to sell me credit cards and aluminium siding. I doubt it's Google.
"new Privacy Policy makes clear that, if you’re signed in, we may combine information you've provided from one service with information from other services"
Google, you were nice enough to provide a toggle button to turn off the personal search feature. Now, could you be nice enough to provide an option to opt-out of this combined-information utopia of yours? I don't want to participate in this combined information experiment.
There is so much talk about SPYW and its evil implications. If google just adds a new tab , saying social search , wont that solve the problems. And if twitter wants to share its tweets , fine , lets get twitter on board as well. And I dont think facebook will let google access its data , and it might still say its evil.
It's actually longer than the "existing" policy, but covers a lot more of Google's services under one umbrella.
In any case, a TOS is basically governed by ordinary contract law, which allows for a much more generalized, principles-based document.
Privacy policies are increasingly governed by regulatory requirements, and those requirements are increasingly demanding a fair bit of specificity, so you're seeing an inevitable and likely permanent state of affairs.
I can't be the only person who assumed Google already shared data between it's properties, right? I don't go into the grocery store and assume what I buy in produce is hidden from what I buy in the deli.
In fact, I want this. I use Google services for their convenience and function. If the things I share on Google+ or the videos I view on youtube alter the ads I see, it probably makes them far more relevant. And it's honestly about 1 time in 500 I don't get what I was looking for in the top 10 results in a regular search, even when logged in.
> I don't go into the grocery store and assume what I buy in produce is hidden from what I buy in the deli.
You probably don't talk to the shop assistant in produce about your medical problems and then ask the deli staff about life insurance.
You probably don't book a four night away break in produce and then meet a friend (who happens to be a divorce lawyer) in the deli, where the staff know all about what he does for a living.
You probably don't discuss homosexual relationships in produce and then call your boss, Colonel Gaybasher, from the deli's payphone.
One of the most valuable things about privacy is that it lets us compartmentalise our lives. That helps people we know by not inflicting parts of our lives they don't care about on them. It also helps us, by allowing us to explore and develop one aspect of our lives with people we trust to help us, without allowing others who we don't trust to know about it or interfere with the rest of our lives as a result. One specific example of the latter idea is that maintaining privacy means someone who is trying to assess us doesn't get incomplete information that they consider relevant and then jump to conclusions based on getting the wrong idea.
The likes of Google and Facebook are now so ubiquitous that the complete destruction of that privacy for millions of people is a profit-seeking executive's sneeze away from happening. It's bad enough that they rely on this sort of perma-snooping on their own users on their own sites for their own advertising. It's downright creepy that they are abusing the nature of the Internet and the ignorance of most people about that nature to spy on people visiting other sites as well.
Google Analytics - Every time you visit a page with this javascript, google obviously receives a get request from your IP address
+1 Button - Similar to what facebook is doing, hits for the +1 button, whether you click it or not, are another GET request to google
Your google account - if logged in, they obviously have a ton of information about you.
If I recall correctly, he said that the idea of tying these together came up frequently, but has always been shot down as too invasive. At the time, he said he believed they had no plans to ever do this when he left the company. Doing this would be easy, and would tie nearly all of your browsing activity to your google account. That, to me, is evil.
This update sounds suspiciously like they have gone ahead with this idea. If so, I don't understand how people are ok with this.