Privacy in a Information Driven World
In the Internet world today there is one company that is becoming synonymous with it; that corporation is Google. Now a household name, with statements to “just go Google it!” it is by far the number one search engine on the World Wide Web. That being said, many do not realize just how much Google affects their daily life and can expose the little anonymity they thought they once had. The United States Fourth Amendment protects our right “to be secure in their persons, house, papers, and affects, against unreasonable searches and seizures…” but with no fine lined Cyber Law, our privacy is shafted.
Whether it is Google’s use of HTTP cookies or their revealing images through their map service, Google has access to more information then we ever imagined it could. The first thought of the word “cookie” might make one think of a treat to enjoy while relaxing, but in the World Wide Web it is the furthest thing from it. A HTTP cookie is a small piece of text stored on a computer by a web browser. This text contains bits of the user’s data including shopping cart contents, user preferences, as well as tracking all of their web browsing habits (“Google, Privacy.”, 2007). Since most web pages are accessed through a search engine, it only makes sense that Google has the most access to a users web habits as a whole.
Take a moment to consider the many years of search queries, the websites visited from those queries, and the emails both received and sent from their computer. Most users’ consider Internet use as an anonymous version of themselves, when in fact Google has been watching them all along. According to Google’s privacy policy, it does not make users’ IP addresses anonymous until after 9 months and cookies after 18 months. These cookies also don’t expire until the year 2038. (“Gmail Privacy Page,”, 2004)
It has also been noted in Google’s privacy policy that “Google may share cookie information among its other services for the purpose of providing you a better experience.” (Privacy FAQ, 2009) Google claims to not cross-reference their cookies from each of their services, although they have noted it may be something they might eventually look into. Co-founder Larry Page has said “It might be really useful for us to know that information. I’d hate to rule anything like that out” (“Privacy Concerns Raised,” 2004) .
Google explains that by storing users’ search engine data logs, they are improving the user’s search results as well as maintaining the security of their systems. When accessing a email through Gmail, a user will notice advertisements targeted at what text is written in their email. When accessing a Gmail email discussing Christmas gifts, sponsored ads are provided giving links to Tiffany & Co. along with many other companies helping the users’ in their search of a gift. Although it has claimed to be automated, one can only imagine what would happen if this information wasn’t filtered through. (Orlowski, 2004)
Gmail users also have an easier option to archive an email instead of deleting it. With one-gigabyte of storage, you are able to keep all emails easily searchable for an unlimited amount of time. Even when deleted, they can be kept indefinitely at the Google headquarters. By having this information held for long periods of time, they have the ability of someday creating profiles on a user. Although it is illegal now, it may not be in the future. One might question if it is worth it, knowing that any and all information they have stored could be released to the world at a moment’s notice with enough probable cause. Even users who use other email services are victim to their keyword pulls by sending an email to a Gmail user (“Gmail Privacy Page”).
Google also recently acquired YouTube in hopes to continue to improve the World Wide Web of its usefulness. “The YouTube team has built an exciting and powerful media platform that complements Google’s mission to organize the world’s information and make it universally accessible and useful,” said Eric Schmidt, Chief Executive Officer of Google. “Our community has played a vital role in changing the way that people consume media, creating a new clip culture. By joining forces with Google, we can benefit from its global reach and technology leadership to deliver a more comprehensive entertainment experience for our users and to create new opportunities for our partners,” said Chad Hurley, CEO and Co-Founder of YouTube. (“Google To Acquire,”, 2009).
Google’s Street View option on Maps has also received many public complaints due to the imagery taken in public locations. This feature was created to enable users to discover and plan activities relevant to a location. The images are acquired by a camera at car level and at times are deemed inappropriate, portraying illegal activity and even showing arrests. Until recently, no attempts were made at face blurring (Vaas, 2007) (Knight, 2009)
Google has made a monopoly figuring out ways to target a user even when they are on different computers using IP addresses. By signing up for their services, Google can access a users information at different locations. These separate IP address can potentially be traced to a users workplace, school campus, and vacation locations. Also, by signing on to many of their products, they acquire information such as a user’s name and date of birth (“Google, Privacy,”).
“If you have an account, we may share the information submitted under your account among all of our services in order to provide you with a seamless experience and to improve the quality of our service” (Google FAQ) Knowing this information along with your search queries makes for one interesting sell through Google’s advertising program: AdWords (“Google, Privacy,”). This program gives user’s the capability of targeting consumers by demographic, age, race, and income paired along with the keyword for which they are searching for.
The imaginable risks concerning Google’s access to some of our most private information are endless. The growth of Google in the past 11 years is enough proof of where it might be taken in another decade. Just because a user is searching for an item using a search service, their privacy rights have now been forfeited. By virtually agreeing to these policies a user is increasing the potential for their privacy to be abused in the future. The paragraphs above list only some of the issues that are at times in violation of our Fourth Amendment rights. Although Google asks a user to accept their cookies, along with their privacy policy, it is still logging their Internet habits from that point on. Their claims to protect the user’s data is often challenged with court orders to release information as well as to track a user live.
Unfortunately, Cyber Law is still in its beginning stages, and there are many privacy issues to sort out. If IP addresses from illegal mp3 downloads are being subpoenaed, why shouldn’t our emails? The question always comes back to, how can I protect myself? “If we make any significant changes to this policy, we will notify you by posting a notice regarding changes on the Gmail login page.” notes one of Gmail’s first privacy policies (Google Privacy, 2004). Once again this is a fine line, violating Fourth Amendment expectations. If Google is permitted to automate our email, and save indefinitely for possible later use, what privacy really remains?
Congress passed the Computer Fraud and Abuse Act in 1984 to reduce the risk of computer security hackers from gaining administrative control of a user’s computer. Over the years the Patriot Act has increased the penalties due to the growth of the World Wide Web. Criminal offenses include: knowingly accessing a computer without authorization to obtain financial records, information from a government agency, as well as information from a protected computer that involves foreign communication. Among many other things it also protects us by criminalizing transmission of information that can causes damage that results in physical injury, a threat to public health or safety, as well as a loss of one or more persons during any one-year period aggregating at least $5,000 in value (“Fraud and related activity,”, 2009).
The Electronic Communications Privacy Act of 1986 carries many criticisms that I have noted Google fully takes advantage of.
Title I of the ECPA protects wire, oral, and electronic communications while in transit. It sets down requirements for search warrants that are more stringent than in other settings. Title II of the ECPA, the Stored Communications Act (SCA) protects communication held in electronic storage, most notably messages stored on computers. Its protections are weaker than those of Title I, however, and do not impose heightened standards for warrants. Title III prohibits the use of pen register and/or trap and trace devices to record dialing, routing, addressing, and signaling information used in the process of transmitting wire or electronic communications without a search warrant. (”Electronic Communications”, 2009)
The Stored Communications Act, 18 U.S.C. §§ 2701 to 2712, was passed by congress in 1986 as a part of the Electronic Communications Privacy Act. This act addresses the issues with third party ISP storing your online habits. By agreeing to a services privacy policy, you in some ways forfeit your Fourth Amendment rights by using their services. Only a subpoena and prior notice is needed to use an ISP to fetch your information via email or on your server. (”Stored Communications”, 2009)
Theofel v. Farey-Jones, 2003 U.S. App. Lexis 17963 decided that using a civil subpoena which is “patently unlawful”, “bad faith” “massively overboard” and “at least gross negligence” to gain access to stored email is a break of the Computer Fraud and Abuse Act as well as the Stored Communications Act (“Computer Fraud”, 2009).
The court also rejects the defendants’ claim – accepted by the trial court – that the Computer Fraud and Abuse Act “does not apply to unauthorized access of a third party’s computer.” The court finds that the statute’s language contradicts this reasoning. The statute offers a remedy to “any person” who suffers loss due to violations of the statute, not just the owner of the computer where the messages were stored. (Gelman, 2003)
This lawsuit opens up the flaws behind Gmail tracking unsubscribed users that email their subscribed users. Much like Theofel v. Farey-Jones case, past communication was and is presently stored for extended periods of time. While Farey-Jones held the information without cause, Google claims it is to improve the service provided to the user.
In 2008, a New York judge ordered that Google hand over personal information of every person who has ever watched a video on YouTube.com. This came to light because of recent allegations that copyrighting in encouraged on Google’s video sharing website. Although Google fought the order stating that it was prohibitive, the court rejected the adjudication (Johnson, 2008). This case stirred up YouTube users, in fear that their information would not be in another’s hands. Luckily in this case, Google continued to fight for their protection. Viacom compromised with Google, letting them make their users IP addresses, and user information anonymous before delivering the information to Viacom. (”Google must divulge”, 2008)
Fact is, the World Wide Web is changing so fast that Cyber Law cannot keep up. Because the Internet is so highly accessible, the complexities of legal issues surrounding a users privacy online will continue to pile up without much resolve to its users. Although Google users have been mostly protected in the past, how can they be assured they will continue to stay that way?
Due to the complexity issues within the World Wide Web, specifically privacy, it is difficult to protect all users of their rights. Current laws allow users to abuse copyright laws and can protect them using the First Amendment. Also, violations can be made internationally therefore separate laws and codes might not be in the user or corporations favor. A person’s location is difficult to pin down in multiple locations as well as the actual identity of the user is sometimes entirely independent. (Cyberlaw, 2009)
Cyberspace radically undermines the relationship between legally significant (online) phenomena and physical location. The rise of the global computer network is destroying the link between geographical location and: (1) the power of local governments to assert control over online behavior; (2) the effects of online behavior on individuals or things; (3) the legitimacy of the efforts of a local sovereign to enforce rules applicable to global phenomena; and (4) the ability of physical location to give notice of which sets of rules apply (Johnson, Post, 1996).
Seeing as these issues continue to become more complex, a solution is in great need. In David Johnson and David Post’s essay “Law and Borders –The Rise of Law in Cyberspace”, they present a solution to some of these issues. Since the World Wide Web allows data transmission between users who are not aware of the geographical location of one another, the laws that may be broken are entirely separate if in different states or countries. The only viable solution presented is that the World Wide Web must manage its own separate rules and regulations. In summary, Johnson and Post explain that by each user being accountable for their own Internet usage, adhering to a specific set of rules, it will eliminate many of the legal qualms we now experience. (Cyberlaw)
Fact is, if you don’t want others to see what you are doing, chances are you should not be doing it. It would be naïve to believe that the World Wide Web would not take on the same mentality as any other media field in means of targeting their audience. Although Google has the capabilities to abuse your first and fourth amendment rights, they remain to stay true to their “do no evil” policy (Orlowski) and fight for their users rights if deemed necessary. If it weren’t for Google indexing users data, it would not be as useful and common as it is today.
If the World Wide Web were to take on its own government, each user would be held accountable for its actions. Privacy conflicts would be avoided seeing as a user would now be specified as a person and legal actions would be equal, whether international or not (Cyberlaw). There is no such thing as anonymity amongst unlawful actions, if specific laws were to become violated; the Internet law could allow for discovery just as any other law without violation to their privacy rights that are now active on the World Wide Web.
References
Archive: Privacy Policy (2009, Jan 27) (n.d.) Retrieved December 3, 2009 from Google website: http://www.google.com/privacy_archive.html
Computer Fraud and Abuse Act. (n.d.). In Wikipedia. Retrieved December 3, 2009, from http://en.wikipedia.org/wiki/Computer_Fraud_and_Abuse_Act
Cyber Law. (n.d.). In Wikipedia. Retrieved December 4, 2009 from http://en.wikipedia.org/wiki/Cyberlaw
Electronic Communications Privacy Act (n.d.). In Wikipedia. Retrieved December 3, 2009, from http://en.wikipedia.org/wiki/Electronic_Communications_Privacy_Act
“Fraud and related activity in connection with computers” Title 18 U.S.Code, Sec. 1030. (2009, Jan 5)
Gelman, L. Ninth Circuit Court of Appeals: Stored Communications Act and Computer Fraud and Abuse Act Provide Cause of Action for Plaintiff. (2003, Sept 22) Retrieved December 3, 2009, from Stanford website: http://cyberlaw.stanford.edu/packets001500.shtml
Gmail Privacy Page (2004, August 28) (n.d.). Retrieved December 1, 2009, from Electronic Privacy Information Center website: http://epic.org/privacy/gmail/faq.html#1
Google must divulge YouTube log. (2008, July 3) (n.d.). Retrieved December 3, 2009 from BBC website: http://news.bbc.co.uk/2/hi/technology/7488009.stm
Google To Acquire YouTube for $1.65 Billion in Stock (2006, October 9) (n.d.). Retrieved December 3. 2009, from Google Press Center website: http://www.google.com/press/pressrel/google_youtube.html
Google, Privacy, and You (2007, June 30) (n.d.). Retrieved December 3, 2009, from Modern Life website: http://modernl.com/article/google-privacy-and-you
Johnson, B. Viacom lawsuit: Google told to hand over all YouTube user details. (2008, July 4) Retrieved December 3, 2009, from The Guardian website: http://www.guardian.co.uk/technology/2008/jul/04/youtube.google
Johnson, D., Post, D. Law and Borders–The Rise of Law in Cyberspace. (1996) Retrieved December 9, 2009, from Temple University website: http://www.temple.edu/lawschool/dpost/Borders.html
Knight, S. All-seeing Google Street View prompts privacy fears. (2007, June 1) Retrieved December 1, 2009, from Times Online website: http://technology.timesonline.co.uk/tol/news/tech_and_web/article1870995.ece
Orlowski, A. (2004, April 3). Google mail is evil – privacy advocates Retrieved December 2, 2009, from Financial News website: http://www.theregister.co.uk/2004/04/03/google_mail_is_evil_privacy/
Privacy Concerns Raised Over Google Services. (2004, April 24) (n.d.). Retrieved December 1, 2009, from C4.net website: http://www.c4.net/Index.cfm?Method=NewsStories.NewsStory&NewsStory_ID=293
Privacy FAQ (2009) (n.d.)..Retrieved December 3. 2009, from Google Privacy Center website: http://www.google.com/privacy_faq.html#toc-protect
Stored Communications Act (n.d.). In Wikipedia. Retrieved December 3, 2009, from http://en.wikipedia.org/wiki/Stored_Communications_Act
Vaas, L. (2007, June 12) Privacy Group Flunks Google. Retrieved December 1, 2009, from eWeek.com website: http://www.eweek.com/c/a/Security/Privacy-Group-Flunks-Google/