news


EPIC questions Google’s security credentials

Google Crosshairs

The Electronic Privacy Information Centre (EPIC) has filed a complaint with the Federal Trade Commission (FTC) asking the body to investigate Google’s tracking algorithms.

According to EPIC, Google not only collects information about users in the digital world, but also in the physical. Using such tools as Store Sales Measurements, Google is able to figure out whether you use your device to research a product before going in to purchase IRL. It’s a way for advertisers to figure out whether their online promotions are actually working.

While this does sound very daunting, Google of course guarantees the data is modelled and anonymized meaning it would be ‘impossible’ for a hacker to link anything back to an individual users, but EPIC has called this into question. Essentially it wants Google to prove its security credentials, but the search giant has refused to do so do date.

The complaint is built on a lack of transparency from Google:

“Google claims that it can preserve consumer privacy while correlating advertising impressions with store purchases, but Google refuses to reveal – or allow independent testing of – the technique that would make this possible,” the complaint reads. “The privacy of millions of consumers thus depends on a secret, proprietary algorithm.”

There are few companies in the world which you would have a great amount of confidence in from a cyber security perspective today. This is not because they are incompetent, but simply because the hackers are that good. The number of breaches in recent months just proves that this is a battle the technology industry is losing. That said, Google is probably one of the most technologically gifted companies on the plant; if anyone has a chance of protecting privacy, it is Google.

However, Google is potentially shooting itself in the foot here.

For most people, Google is a useful search engine. They don’t care how it makes money, and most would probably assume the sponsored adverts at the top of the page are enough. The number of ways which the internet giant monetizes the user is truly baffling, and would shock some people. Should such techniques, which are accepted and envied by the rest of the tech industry, come to light for the general public it could be a major PR disaster.

How Joe Blogg on the street would react to the terms and conditions, which effectively allows Google to keep permanent tabs on the user, is unknown, but a smart cookie might gamble on it not being good. The general public is happy to live in ignorance here (we’re not suggesting this a good thing BTW), but as long as free services are available they are generally happy to just accept them. Digging deeper might uncover some unpleasant truths which would remove a convenience of life.

Should EPIC get its wish and a full blown investigation is launched into the security activities of the internet search monster, the nitty gritty details of how Google does business will hit the headlines. It could be a disaster.

Now this is just a complaint for the moment. It’s a privacy group trying to push an investigation, which happens all the time; it might turn into nothing. That said, EPIC has a successful track record of encouraging the FTC into investigations. Previous complaints have led to investigations into Facebook’s privacy preferences and the launch of Google Buzz, as well as complaints against AskEraser (search histories that are not deleted) and Snapchat (images that do not ‘vanish’). It’s a privacy champion which has some serious wins.

Google should be held accountable, it should be investigated and it should be forced to demonstrate its security credentials. Too many people rely on the service and place confidence in the brand with personal and sensitive information. But forcing EPIC to go down the official route could end up in a drawn out and very public forensic examination of activities. Considering how much the general public doesn’t know about Google, this could be a worrying path. Tread carefully Googlers; there could be some serious backlash down the road.


Leave a comment

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Polls

How have open source groups influenced the development of virtualization in telecoms?

Loading ... Loading ...