Online privacy concerns experts

Stanford and Bay Area Internet privacy researchers and analysts are cautious about recent government calls for online privacy legislation and expressed concern about the possible direction of consumer privacy rights at Google.

 

Researchers at the Stanford Center for Internet and Society (CIS) commented on President Obama’s recently proposed Federal Consumer Privacy Bill of Rights and on new developments at Google, most notably the company’s March 1 privacy policy consolidation and reports that Google was bypassing Safari’s default privacy settings and tracking users through cookies.

(AUBRIE LEE/The Stanford Daily)

 

CIS student fellow Jonathan Mayer, who published the initial report about Google and Safari, said that Google’s new policy highlights a growing corporate concern over online consumer privacy. According to Mayer, a second year graduate student in law and computer science, the policy changes have already garnered international criticism and raised questions about the company’s relationship with its consumers.

 

“Privacy is right now undergoing the renaissance that computer security underwent a decade ago,” Mayer said. “It wasn’t until, give or take, the last five to 10 years ago that people really started to put their entire lives online.”

 

Mayer said that concerns for privacy protection have grown steadily, as consumers post more personal information online, and as advertising corporations determine practices for using this information.

 

Aleecia McDonald, a CIS resident fellow specializing in Internet privacy, said in an email to The Daily, “there has been a steady procession of problems, including privacy problems from what were once highly trusted brands and companies.”

 

“Government and press are responding to the same underlying issues that companies are not respecting users’ choice and control over data pertaining to them,” McDonald said.

 

Google privacy changes

 

According to Mayer, the only two things that have substantially changed with Google’s privacy policy are that Google is now able to use web search history with all the other data it collects, and that it now has access to YouTube data.

 

Otherwise, Mayer said that the policy is still too open-ended and raises concerns of liability.

 

“One real issue about moving towards an open-ended privacy policy is let’s say they do mess up, or move in a direction that’s less consumer friendly, now there’s not a lot to hold them to,” Mayer said.

 

Mayer added while Google has maintained a good reputation–with the exception of particular issues regarding data collection, as in the Safari case–there is still value in being able to hold companies responsible for privacy matters.

 

Lee Tien ‘79, senior staff attorney at the Electronic Frontier Foundation (EFF), said in an email to The Daily that Google only partly succeeded in alleviating privacy concerns.

 

“The short story is that Google did a good thing in terms of transparency by explaining what they were doing, but did a poor job of explaining what was new and different,” Tien said.

 

Mayer said that there is a current debate over Google’s legal liability with regards to the Safari incident, as well as whether the Federal Trade Commission (FTC) would need to enforce Google’s statement on its website, advising Safari users that disabling Safari cookies would mean disabling Google cookies as well.

 

Federal action

 

On Feb. 23, the Obama Administration unveiled a Federal Consumer Privacy Bill of Rights aimed precisely at the issues raised in conversations about Google’s practices.

 

McDonald said it is merely a coincidence that Mayer’s report was published just before the federal announcement.

 

While EFF is in favor of the federal formulation, legislation must now be created since it is currently only a statement of rights, Tien said.

 

McDonald agreed that the legislation would most likely only happen in a second Obama term, but for now the Do Not Track (DNT) policy–which allows users to opt out of being tracked on major browsers and other online corporations with access to consumer information–is the most reliable form of privacy policy enforcement for companies like Google.

 

Tien said the EFF gives Google credit for agreeing to implement “Do Not Track” into the Chrome browser by the end of the year.

 

Mayer predicted that DNT will serve as a political football in coming weeks, “given that it’s the furthest along of all the attempts at making a multi-stakeholder, good-faith effort at a solution to a consumer privacy problem.”

 

Mayer’s current research looks into how the advertising industry plans to adopt the DNT technology, as well as how he foresees this being an unsuccessful strategy, he said.

 

Regardless, Mayer said he has high hopes for Do Not Track’s future as currently the most reliable form of enforcement.

 

“Initiatives like DNT are going to be the standard bearers into a new generation where government does place some demands on companies’ interaction with personal information,” Mayer said.

About Ileana Najarro

Ileana Najarro is the Managing Editor of News at The Stanford Daily. She previously worked as a News Desk Editor and Staff Writer.
  • Philippe Buc

    Of course Google should be liable. And if not found liable in the US, will be found liable in Europe by the EU. Since when is it allowed to purloin data in people´s private machines? Many in Silicon Valley have too long considered itself immune from the law, as if this were a simple case of innocent student plagiarism…