Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google And Privacy

Posted by michael on from the going-all-google-eyed dept.

SubtleNuance writes "A recent Cnet Article details the privacy concerns raised by Google's new browser Plug-In. Google's browser addon will "tell us what site you're visiting which it does by sending us the URL.". The site makes its intentions more clear than most by stating "you may be sending information about the sites you visit to Google" in its click through agreement during install. This type of software (broswer-search-plugin) isn't exactly in high use amongst the /. im sure, but what does this say about the leading technology companies on the Web - and the compromise associated with profit making in the dot-com era." Sounds to me like Google is making a good effort with what is inherently a privacy-invading product.

6 of 12 comments (clear)

  1. not a big deal... by nakaduct · · Score: 3
    "tell us what site you're visiting which it does by sending us the URL.".

    How else would the plug-in tell them? Send a fax?

    More seriously, I was looking at some proxy logs recently, and it's eerie how much you can tell about a person by the URLs they visit. This may seem obvious, but seeing it in action is spooky.

    You see them looking at, say, Sony Mobile ES, Rockford-Fosgate, and Audiocontrol, and conclude they're shopping for a car stereo.

    Then they visit their bank, and maybe their credit card vendor, and then go on to visit some less-prestigious manufacturers, and now you know more about the state of their finances than you did before.

    Fortunately, Google has done their best to warn you. After the click-through, you get a popup that reads (in big red type):

    PLEASE READ THIS CAREFULLY
    IT'S NOT THE USUAL YADA YADA
    .. then you get a chance to opt-out of their advanced features. I couldn't tell for sure, but it also appears that they only send the URL for pages whose rank you've requested, even when the advanced goop is turned on.

    This story would be better-titled "Google offers useful service based on current URL, and explains the drawbacks in plain English." That might not generate the page hits that /. is counting on.

    cheers,
    mike

  2. Definitely not a big deal... by Cyclopatra · · Score: 2
    • You can turn off the features that send your browsing habits to Google.
    • They have a separate toolbar privacy policy
    • You aren't asked for a single piece of information during the install. Not your email address, not your name, nada.

    Unless someone cares to believe that they're using your IP against a database given them by little green men to pull down your SSN and measurements, I don't see what the privacy flap is about.

    --
    "We can't all, and some of us don't." -- Eeyore
  3. If you don't want to use the plugin... by frankie · · Score: 2

    ...or if you use any OS + browser combination other than Windows + IE. Someone in a topic several months ago posted this javascript, and now I use it all the time. Save it as a browser bookmark.

    javascript:q=document.getSelection();if(!q){void(q =prompt('Enter%20text%20to%20search%20using%20Goog le.',''))};if(q)location.href='http://www.google.c om/search?client=googlet&q='+escape(q)

    Note that the first part will search based on any highlighted text in your browser window, which might send a document.referrer to Google depending on how your browser is configured. IMO, that's a fair price to use a great search engine.

  4. On a related note... by mat+catastrophe · · Score: 2
    I noticed last night on my dialup account that clicking on search results from alltheweb.com first sends an http:// request back to that server, before connecting to the server that has the hit you want to see.

    Also, alltheweb doesn't seem to have any privacy statement on the site at all....

    Now, I am not naive enough to have an expectation of privacy online, and i don't think that anyone else should, either. And, I know that - legally, at any rate - there isn't much that a company has to tell us about what they do. So, where does that leave us? If you have concerns about your privacy then you should either get and stay offline or collaborate with others to identify and combat the worst offenders.

    Rant off.

    --
    sig not found
  5. Privacy threat? by yibyab · · Score: 2
    I wish journalists would stop going to Jason Catlett and Marc Rottenberg for "authoritative comments" on non-issues like these. This is not a privacy worry...
    • Google has done the best job I've seen of disclosing the fact that you must expose your surfing habits to use its tool. It's not just the same old "yada yada" as they say.
    • You have a clear choice. Use the tool or don't. No one's making you install it or sneaking it in as OEM. You don't have some inalienable right to use the Google bar without having be "intrusive".
    • If Google could invent a way to perform the service without "invading your privacy", I'm sure they would do it. Think you can? Do it and go make a bundle.
    • When I installed it, at no time was I asked for any personally identifiable information. No registration. So how, pray tell, would Google know who it is that's aggregrating this URL history?
    • Oh, there's that GUID. Well, I suppose a GUID is Google's digital psuedonym for me and it let's the Web-based application distinguishing me from all the rest of you humps...but it doesn't identity me personally?
    • Could Google track me down with an IP address, figure out who I am, or assemble a complete dossier on me? I suppose. If I get any hint that Google is doing this, especially after promising that they wouldn't, you can bet I'll be looking to collect some punitive damages.
    • In the meantime, what data is there to sell to marketers that "I own" and would amount to my privacy being invaded? Nothing, nada. I'll be sniffing those packets to make sure nothing more than my URL and typical HTTP headers are leaking out (i.e. form entry data).
    Look world. The Web is mostly public. When you contact a Web server, you are negotiating a communication transaction. If you expect to be a ghost, you don't understand the medium. Being noticed, characterized and tracked isn't necessarily any more of a privacy invasion than walking into Walmart and having a clerk recognize you from yesterday and notice that you are still wearing the same shirt. Let's be reasonable or else when there really is a privacy threat, we won't be taken seriously.
    --

    Mambo dogface in the banana patch
  6. The next standard in online privacy by Masem · · Score: 2
    We're still a ways away from having a good online privacy protection act here in the states, but at least there have been strides to pave the way for this. The first one was to have privacy policies explicitly stated.

    But as this CNet article points out, even though you may know if a program reports back to a company, you do not specifically know what is being sent back. I think we (as in the global web community) to start asking these sites to at least explicitly state if they are sending back any identifiable information, or if they are only sending back anonymous data. For example, the Google case, I'd trust google to say that they don't send any identity back and avoid sending back URLs that might have a similar case. But other such people, I would not trust as far if they just say "We do not collect personal information about you." -- that leaves the door open for information about your COMPUTER or the application specifically. Sure, there are cases when I DO want to be identified (online shopping, for example), but even then, it should be explicitly stated even if redudant as to get consistancy across the entire e-commerce web.

    --
    "Pinky, you've left the lens cap of your mind on again." - P&TB
    "I can see my house from here!" - ST: