Slashdot Mirror
Finding Fault With Google's Privacy Policy
orenh writes "Viacom has recently obtained a court order that requires Google to hand over a complete list of every video watched by YouTube users. These logs will include the login names and IP addresses of the users. Google are now asking Viacom if they can anonymize the logs before turning them over; Viacom hasn't responded yet. But this privacy nightmare could have been greatly reduced if Google had anonymized the data in advance. Google's privacy policy states that they keep personally identifiable information for 18 months. There is no real reason to do so; Google can achieve everything they need even if they anonymize their search logs after just one month, and it's time users told them to do so."
US Courts are going to be brought to their knees as Viacom files 100 million copyright infringement lawsuits. On a side note, they will also be able to sell the information so that the government knows who likes to watch communist or anti-government videos.
...why keep identifiable logs in the first place?
In soviet America, corporations tube you!
The problem is that we I.T. people are Data Hoarders. Even if the data isn't useful today, or at all useful into the foreseeable future, we still hang on to it. And we save every detail we can just to prove how clever we are to have been able to discover it in the first place. (Note: P2P program writers are the same, and that's how Media Sentry can tell you so much about filesharers they discover on the Internet right down to the full directory paths of files.) Now if storage wasn't so d@mn cheap we wouldn't have this habit, but Moore's Law applied to disc drives means we no longer have to store 2-digit years and have Y2K problems. We have these problems now instead.
This is why the RIAA is able to use IP addresses combined with timestamps to identify ISP account holders. It doesn't identify any actual copyright infringers, but they don't care as long as they have somebody to sue. If these logs were deleted after 3 days this whole RIAA mess would have been a non-starter.
We just have this compulsion to hang onto everything because we can, and perhaps with the faint hope that somewhere down the line we'll be able to show extreme cleverness to our PHB's when they ask some inane question like, "Duh, how many unique IP addresses have accessed our website since 1991?" and we'll be able to say, "Give me 10 minute and I'll let you know (wag tail)."
Chances are that Google themselves has never had to follow-up on an IP address to identify a user for anyone except the Chinese government and/or the NSA, neither of which are our friends. The first poster who asks why they keep this at all, let alone weren't anonymizing it long ago has it right. This is hardly the first time Google has had to turn over access records so they certainly know that it can and will happen.
Don't be evil at Google seems to mean don't destroy data you never needed in the first place in the event that some government we want to keep as our friend might want it. But now we find out that more than just governments can get to it with baseless suits and moronic judges.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
Google clearly should have anticipated this. Governments have requested/required info on individual users before, as has been posted many times to /. For some countries, Google even moved user data off-shore, to protect it. Privacy advocates warned of this problem happening.
Google's rule is 'don't be evil', as long as it doesn't interfere with business.
But the problem isn't Google, it's us. We keep using Google, though we knew about the risks and problems. The day a company risks significant revenue over privacy, is the day they will pay attention to it.
We have met the enemy and he is us.
http://en.wikipedia.org/wiki/Pogo_(comics)#.22We_have_met_the_enemy.....22
This is the scary thing about the direction things are going in the world, with the Internet in particular. The Internet was supposed to be the vast equalizer, but instead, with all kinds of clueless governments and corporate overlords who dream up ways to take advantage of people, the Internet is turning into another tool for the powerful to control the masses. This example with Viacom and YouTube is one good example. It's obvious to me that they obtained the court order to get the information on every YouTube video watched for only one reason: To count how many videos they claim violate their copyrights, add up how many times each of these videos was watched, and show the court, "You see?! Our priceless valuable intellectual property, so valuable in fact that without it, the Universe would cease to exist, has been illegally watched 9,578,739,458,797,245,858,274 times on YouTube. This is irrefutable proof that because YouTube exists, we have lost 9,578,739,458,797,245,858,274 sales of our products at $19.95 each, so our damages due to Google's obviously ill intent come to $19,109,585,220,300,000,000,000,000.95 USD." Never mind that their sales over their entire existence as a company have never reached one percent of that. Now who knows how the privacy implications will affect users beyond that. Once they get all of Google's assets to cover their huge damages, they'll probably track down each and every user and sue them too, a la the RIAA and SCO. A bigger issue than privacy to look at is what happens when a company whose business model is outdated and falling apart turns to lawsuits instead of figuring out new and innovative ways to stay in business, much like how a bully in school beats up kids one tenth his size instead of making friends and getting a life.
McCain/Palin '08. Now THAT's hope and change!
That didn't mean much to one European BitTorrent tracker site who was ordered by U.S. judges to turn over all access logs where the site didn't even keep logs to start with. The judge said in his infinite wisdom that because the data existed in RAM at some instant that the logs were required to be created and then turned over.
While I respect the USA law within the USA, I despise when judges attempt, often with too much success, to enforce it outside of the USA. And not just data laws. We enforce US sex laws in other countries to criminalize behavior completely legal there. This Is Wrong!
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
...if you don't have a Google login name. Google search works just fine without one. It even works fine without any Google cookies.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
just say they were 'lost' and that the backups were destroyed or lost due to shady backup practices. works for the White House.
There is an interesting tie in here to something I've promoted all along: If the last mile was owned by cooperative groups (meaning NOT ISPs) then they could pool the IP addresses assigned in a random, and meaningless way. That is to say that if 237 people in a housing association were sharing DHCP IP addresses through a server system with enough bandwidth that many ISPs could hook up and serve out email and other services by user, it would be possible to hide the end user IP. Then any stats by Google or others would apply to the group, not an individual. Share that cooperative environment out amongst all the people of your neighborhood or town where the number is now thousands or tens of thousands and the problem of privacy becomes less of a concern.
Only when there is centralized control of Internet usage is there a privacy issue. Imagine being part of a cooperative with 34 connections to various ISPs, and all of the 12000 users in the cooperative using something like TOR. Standard Internet browser usage would be anonymized completely. The idea that you should be identifiable comes from the fact that there is a way currently to identify you. If your packets arrived to the greater Internet backbone from more than one source and more than one IP, it would be anonymous, and the 'grid' would be truly that. If you and 14999 of your friends decide to make a mesh network using wireless and landline connections at each node, it would be impossible for anyone to identify your network habits. It would also be nearly impossible to cause a network-only outage. Power loss could still be catastrophic. My point is this, if you truly want anonymity, you have to work hard for it. Most people don't want to. Consequences of that are inevitable, unavoidable, costly.
I believe that this *IS* the answer to the problems of network neutrality. Force the powers that be to accept that they cannot regulate private networks by building our own outside of their useless understanding of how things work. When they finally discover that they cannot regulate, things will change a bit. I'm all for calling it a patriot network... might be over the top a bit, but we all need to start creating them.
Support NYCountryLawyer RIAA vs People
It is a mistake to think you can anonymize this data. Sure, you could strip everything out of the data, but then you would just have public information, since youtube will tell you how many views each video has already. So I presume the people who want to "anonymize" think they will, like the AOL logs, give pseudonyms to people.
I can think of many problems. For example, there are tons of videos on youtube that are never accessed except by the uploader and a few friends. Pretty easy to identify who the likely uploader is from the records, and thus identify a user. Or even if you never upload, a lot can be learned. For example, somebody looking for my records could first see what youtube videos have me in them. Most people have probably searched for their own name, and as such this is a clue as to which user is probably me.
And this is what I can think of in 2 minutes. With more time a lot of other things can leak.
Has it been over a year since you last donated to the Electronic Frontier Foundation
The world will find out about my Thomas the Tank engine fetish....
Viacom do not need this information. Any of it. At all.
Viacom, as I understand, want to show what percentage of YouTube content views are of Viacom content. In order to accomplish this all they need to do is provide Google with a list of content IDs, which they would need to have if they themselves were to perform the analysis anyway, and then to allow Google to provide a count of views for each of these pieces of content versus the total of all other content views for the same period.
Done. Mission accomplished. No private data changes hands.
I personally cannot comprehend how a judge ruled that privacy issues resulting from this are "speculative". You are essentially handing over information on millions of people on what content they watched, uploaded, commented on, rated, tagged, etc. to a media company, without need. This information is also the foundation for YouTube's business being handed over to a competitor.
The judge says it's speculative? I say remove the judge for willfully violating the privacy of millions of citizens and foreign nationals.
I would also like to know how the judge has completely ignored the Video Privacy Protection Act? If it's on the Internet suddenly all privacy concern automatically goes away, even if you're engaged as a customer of a company with a published privacy policy offering you many protections?
> Google has just been stupid here about privacy, and now it's coming home to roost in a very public way.
This is true, but it's not the worst of it.
Much, *MUCH* worse is that the judge has imposed on Google a legal ruling that the RIAA must be wetting themselves to obtain. And of course, these records will go straight to the MPAA, despite the contraints placed on their use.
This is either a case of extreme naivete on the part of the judge in ignoring the privacy ramifications in his incredible ruling, or quite possibly a simple case of corruption. Such naivete would be so incredible in a judge that isn't senile, that corruption has to be far more likely.
As for Google, their lawyers should have IMMEDIATELY said to the judge "Our client cannot do that, on privacy grounds. Google's duty to protect the privacy of millions cannot be dismissed by a legal ruling." Judges are not omnipotent, even when some of them think they are.
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
I guess my IP address does ID "me", however. My DSL address changes a lot, but I assume the telco keeps those records... too.
My cable IP address doesn't change often, I had one IP address for almost 10 years without changing... just when I did a router upgrade it switched.
And by "me", I mean anyone in my household at the time...
Not that I have ever seen anything on YouTube that Viacom would want to come after me for. Probably looking for Posters, not Viewers.
This issue is a bit more complicated than you think.
Just a sec while I sharpen up my rusty old axe...
If privacy is to have any meaning, then we need a right to protect our personal information. Well, actually we already have the right, though it's a bit scattered around the Bill of Rights. (Speaking for Americans, and only in theoretical terms as regards the current administration.)
So what's the strongest form of protection for our personal information? The famous "possession is 9 points of the law". We should possess our personal information and we should have to right to say who can see it, and when.
Concretely in Google's case, they should offer privacy options whereby all of your personal information would be stored only on your machine. They could still access it, but they'd have to respect your privacy preferences--and you could always change your mind. (Of course the data should be signed to prevent you from tampering with it, but that's a relatively trivial aspect.) I feel like this approach is the only thing that would really give meaning to privacy in the computer age.
(However, some people would no doubt trade away their privacy for coupon discounts or whatever--but right now we have no choice. Lots of companies (and of course including Google) collect lots of our personal information and treat it like *THEIR* property when it should belong to *US*.)
Freedom = (Meaningful - Coerced) Choice != (Speech | Beer^2), and sad sock puppets' bad mods avail them naught.
Google does allow you to opt out of their logging. This doesn't fix the privacy issues on the topic, but may keep you out of the record books. http://www.google.com/history/?hl=en
We may THINK there's no reason for Google to have to keep logs for 18 months, but these days I wouldn't be surprised to find there's some hidden provision of the Patriot Act, or possibly some law we've never heard of, which it's illegal for us to hear of or read in the first place. So maybe there IS a law requiring them to keep it for 18 months, it's just not one the public is allowed to know of until it's used to prosecute them.
Introducing the new Occam Fusion! Now with sqrt(-1) fewer blades!
In Google's defense, they may have legitimate use for these records. Viewing history is clearly important if they want to offer better viewing suggestions to YouTube users. I also wonder if they include this data in their formula for presenting personalised Google search results.
I'm sure it would be possible for them to get by with only a month or two of records, but consider why it is that Google is so successful as a search engine. They go out of their way to use every source of data they can to optimize their search results. They're not going to just toss out a valuable source of information like this if they can help it.
.. they remove anything connecting the video usage log to users. That includes name, mailing address, email, and even IP address.
I work in the health insurance/medical industry, and we're generally expected to do this if we need to provide information to third parties for analysis. (They -heavily- regulate it, and the removal of personal member information is only the tip of the iceberg as far as these regulations go.)
If Viacom insists on keeping personal user information in the data set, then I honestly think they're up to no good, regardless of what constraints the judge may put on the usage of the information.
Even if they do go along with an anonymous data set, I really think Viacom is better off dropping the suit altogether, since the long term effect this is going to have on their PR will be disastrous. (Right now, I think even Hitler would get a higher approval rating among Youtube users than Viacom would. Many Youtubers want to see Viacom's proverbial heart ripped out of its chest.)
As someone with a couple of boys I am all for protecting kids but frankly this insanity has got to stop. There has even been cases where parents have been harassed for having those nude baby pictures that ALL parents just love to harass their kids with. IMHO it has become a classic case of having to show you are doing something,even if the something is completely wrong. But as always this is my 02c,YMMV.
Oh,and I know this part is offtopic,but has slashdot changed its code recently? I do the p and br with the brackets as I have always done to separate a paragraph and now all it does is indent it. I am afraid I am a pc repairman not an HTML guy,so I have no clue as to what to change it to. Any suggestions?
ACs don't waste your time replying, your posts are never seen by me.
What you said. Same deal -- the Genarlow Wilson case obviously wasn't enough of a wake-up call in the USA about how draconian its sex laws are.
Here's a clue to those not paying attention -- two highschool kids having sex are criminals in most of the USA (unless they both failed a lot of grades).
Should sex with children be illegal? Yes. Should consensual sex between 17 yr olds be illegal? How about 16? Why is there a big line drawn at 18, 19 or 21 (in some states) way above the 50th percentile of sex activity in America?
(35% of kids have had sex by 13 in America, if you don't like it, laws against it won't help, try talking to your kids about sex before they have a kid instead).
- Michael T. Babcock (Yes, I blog)