Google as the defender of privacy

If you are a regular reader of this blog at all, you know that I am fascinated by search engines and by Google. [You can read this... or this... or this.] And it is fascinating to think of Google as the defender of privacy. There have always been questions about Google's belief in protecting the privacy of its users. [See also this post.]

So this brouhaha over the Justice Department seeking Google's data is all the more fascinating.

First off, mega kudos to the San Jose Mercury News for breaking the story yesterday. Everybody else was following it -- and most folks have it on their front pages today. [Here are stories from the NYT, WP and LAT , which put it on their front pages of their Friday editions.]

Here is the way the SJMN's Good Morning Silicon Valley blog recapped the story yesterday:

What if we promise not to show the records to Karl Rove? [GMSV, 1.19.2006]

If you don't regularly anonymize your Google cookie and purge your personalized search history, now might be a good time to start (then again, in this day and age, why bother?). The Department of Justice on Wednesday asked a federal judge to order Google to comply with a subpoena issued last year for search records stored in its databases. The DOJ argues that the information it has requested, which includes one million random Web addresses and records of all Google searches from a one-week period, is essential to its upcoming defense of the constitutionality of the Child Online Protection Act (think of the children!). Google has so far refused to comply with the subpoena, saying the release of such information would violate the privacy of its users. "Google is not a party to this lawsuit, and the demand for the information is overreaching,'' Nicole Wong, an associate general counsel for Google, told The Mercury News. "[We plan to fight the government's effort] "vigorously.''

Here's hoping the company prevails. The release of such records sets a truly unsettling precedent. And if the goverment's claim that other, unspecified search engines have already agreed to release similar information proves true, we have already lost our footing on a very slippery, very dangerous slope. Said privacy advocate Lauren Weinstein, "It's interesting and disappointing that other search engines would provide this material. It's what we've been worried about all along. The fact that Google is refusing the subpoena...my initial reaction is three cheers for Google. But there is a sidebar to this. Part of the reason these problems come up is because this data is being retained in the first place.''

UPDATE: A nice quip from Danny Sullivan at Search Engine Watch.
Here's a thought. If you want to measure how much porn is showing up in searches, try searching for it yourself rather than issuing privacy alarm sounding subpoenas. It would certainly be more accurate.

Thankfully, we weren't bound by a "Do no evil" clause in our company charter [GMSV, 1.20.2006]

Google saw the Bush administration's request for its search records as "overbroad, unduly burdensome, vague and intended to harass." Yahoo, Microsoft and AOL, mmmm, not so much. A Justice Department spokesman on Thursday confirmed that those three companies were also subpoenaed in late August as part of the administration's effort to resuscitate the Child Online Protection Act, legislation torpedoed by the Supreme Court two years ago on grounds that it violates our right to free speech and is unconstitutional. All of them complied with requests for search data. And today, all of them are doing their damndest to put a positive spin on their cooperation.

"We complied with the request on a limited basis and didn't provide any personally identifiable information," Yahoo said in a statement, adding, "We are rigorous defenders of our users' privacy. We did not provide any personal information in response to the Department of Justice's subpoena." A Microsoft statement said, in part, "We did comply with their request for data in regards to helping protect children in a way that ensured we also protected the privacy of our customers. We were able to share aggregated query data (not search results) that did not include any personally identifiable information.'' AOL took a similar tack. "We gave the DOJ a generic list of aggregate and anonymous search terms from a roughly one-day period," the company said in a statement. "This did not include search results nor any personally-identifiable information and therefore there were absolutely no privacy implications." It's great to hear Yahoo, Microsoft and AOL give at least lip service to the sanctity of personal information, but really this is more about inappropriate uses of subpoena power than it is about privacy. The demands the government is making of Google and other search engines set a very dangerous precedent, the kind of exploratory intrusion that needs to be challenged even if it's launched under a "save the kids from porn" banner.

As we move our data to the servers at Amazon.com, Hotmail.com, Yahoo.com, and Gmail.com, we are making an implicit bargain, one that the public at large is either entirely content with, or, more likely, one that most have not taken much to heart.

That bargain is this: We trust you to not do evil things with our information. We trust that you will keep it secure, free from unlawful government or private search and seizure, and under our control at all times. We understand that you might use our data in aggregate to provide us better and more useful services, but we trust that you will not identify individuals personally through our data, nor use our personal data in a manner that would violate our own sense of privacy and freedom.

That's a pretty large helping of trust we're asking companies to ladle onto their corporate plate. And I'm not sure either we or they are entirely sure what to do with the implications of such a transfer. Just thinking about these implications makes a reasonable person's head hurt.