EPIC Urges FTC To Investigate Google Services

snydeq writes "The Electronic Privacy Information Center filed a 15-page complaint asking the FTC to force Google to stop offering online services that collect data until the presence of adequate privacy safeguards is verified. The EPIC also wants Google to disclose all data loss or breach incidents, citing several incidents where data held by Google was at risk, the most recent of which occurred earlier this month with its Google Docs. The EPIC complaint [PDF] also listed other security flaws in Gmail and Google Desktop, a desktop indexing program, and urged Google to donate $5 million to a public fund that will support research into technologies such as encryption, data anonymization and mobile location privacy." EPIC has raised privacy concerns about Google before, and about Windows XP as well.

Google collecting data?!

[the+cleaner]

Really?! Does that mean I have to remove all my mail from GMail?!

Re:Google collecting data?!

[vancondo]

Really?! Does that mean I have to remove all my mail from GMail?!

Yes, from here on out it is recommended that you channel all of your personal correspondence through facebook. They'll keep it safe for ever and ever, or at least until the robot uprising.

Once the robot uprising starts it is recommended you limit your personal correspondence to smoke signals generate by burning piles of plastic bags.

Just be careful, the robots can smell fear.

--
vancouvercondo.info

Re:Google collecting data?!

I find deleting System32 speeds Windows up by up to 1200%.

Re:Google collecting data?!

I HAS A FIRST POAST?!?1?!?!

(And to think it only took me what? 10 years?! to have one? And then didn't notice at all...)

Re:Google collecting data?!

Try again, and this time don't reply to the actual first post

It is way too dangerous to use Google's products

Stick with Microsoft if you want security.

Uh huh...

...and let me guess, they will be running that fund? *rolls eyes*

Just what we need, another busy-body self-proclaimed agency trying to control private industry. WTF do these guys come from?

Re:Uh huh...

[jsrlepage]

Probably from the government.

The real reason...

From TFA:

"It also would like the company to donate $5 million to a public fund that will support research into technologies such as encryption, data anonymization and mobile location privacy."

The real reason for the filing is hidden in the last paragraph.

Re:The real reason...

[xenolion]

like everything follow the money..

Re:The real reason...

[digitalunity]

Not hidden very well. Just where do you think that $5M would go?

EPIC sounds like a public research entity. Gee, I wonder if they would be asking the FTC to fine Google and give the money back to EPIC.

I try not to be skeptical all the time, but news like this consistently reinforces my view that freeloaders will always be out there trying to take what they can't earn from people who are more successful than they are.

Re:The real reason...

See, this just makes me curious. Who came up with that number? Why not $4 million, or $6 million, or $pi million?

Re:The real reason...

with all this money being tossed around what do they propose to do? hire every CS grad for the next 10yrs to combat privacy?

Re:The real reason...

[__aasqbs9791]

I'll have to remember that the next time I'm making a budget.

me: "And now for the IT budget for the upcoming quarter, my forecast shows we need $pi million dol..."

PHB: "What?"

me: "That's $3,141,592.65, but a short, easier way to say it."

PHB: not quite under breath: "Damn geeks."

Prepare for an EPIC FAIL !!

You Fail, Epic !!

No 5M for you !!

"Beta" apps?

[ryane67]

Does it make any difference that many of these Google services are free and "in beta"? (didnt read the filing)

Re:"Beta" apps?

Why yes. Beta apps are allowed to suck

It's never safe.

[Hoyty1]

I just live with the assumption that everyone is reading my documents and information. That's why I write everything important on paper! Good old paper... Kindle will never replace you...

Re:It's never safe.

[Big+Hairy+Ian]

There are a number of exploits for paper based storage. Amongst the most commonly used are Photocopiers & Fax machines. In the end no storage medium is absolutely safe.

Re:It's never safe.

But to exploit paper you have to gain physical access to it. To exploit information online and 'in the cloud' you do not need physical access to it.

There are, of course, other difficulties involved but that's the simple version.

Re:It's never safe.

[Hoyty1]

You're right! Better just start carving all secret information into the side of my arms and legs.

Re:It's never safe.

[Big+Hairy+Ian]

True but it's still generally pretty easy to gain access to it. And lets face it most black hat's are not above gaining physical access either to the paper with the info or the PC. My point was nothing is 100% secure. Thinking paper is secure is a foolish approach plenty data breaches have happened purely because someone didn't shred before binning an important document then there's the all too frequent instances of some numpty leaving a file containing top secret info (Even when it had the same on the cover of the folder) on the damned tube!!! If you want to believe paper is secure be my guest it's your problem not mine.

Re:It's never safe.

That's easily exploitable by any party that party who would happen to see said areas, like a spouse, or a girlfriend, or...

Oh, wait, that's right, this is Slashdot. *sigh* :-(

Re:It's never safe.

The solution is obvious...

We ban machines.

Re:It's never safe.

[chaim79]

In the end no storage medium is absolutely safe.

Memorize all important data! Your brain is the only data storage device that only you can use! Sure data retention rates aren't all that great and corrupted data happens now and then, but still, no-one can gain unauthorized access to the information stored in your brain! :)

Re:It's never safe.

[Pope]

Kindle will never replace you

*sigh* it's so true, I can't start a damn fire anymore.

Re:It's never safe.

[ObsessiveMathsFreak]

Kindle will never replace you...

But if needed, you can certainly replace kindling. Never underestimate the power of a truly destructible medium.

Re:It's never safe.

[swimin]

xkcd makes a valid point: http://xkcd.com/538/

Re:It's never safe.

no storage medium is absolutely safe.

What about fire?

Re:It's never safe.

Now princess, we will discuss the location of the Rebel's secret base

Re:It's never safe.

[DarkOx]

Oh, I don't know its amazing how much unauthorized access can be achieved with a bottle of Gin.

Re:It's never safe.

[Big+Hairy+Ian]

In the end no storage medium is absolutely safe.

Memorize all important data!

Hmmm I can tell you havent been waterboarded recently :) Tickets for Gitmo anyone

Re:It's never safe.

http://www.xkcd.com/538/

Re:It's never safe.

[David_W]

Better just start carving all secret information into the side of my arms and legs.

How do I know I can trust you not to reveal my secret information?

good

[geekoid]

" The EPIC also wants Google to disclose all data loss or breach incidents, citing several incidents where data held by Google was at risk,..."

Good, I hope they get their way.
However, if Google s forced to do that, I suspect there efforts to be better at privacy will make the 5 millin dollar donation unnecessary.

Re:good

[WeeBit]

nah...

Google will hand over the money, and some how the data loss or breach incidents will be forgotten.

Follow the cash.

whatever it is

just shut up, google owns you. get used to it.

Re:whatever it is

WOOOOOOoooosh

Re:whatever it is

uh, earth to AC. double wooosh, apparently you didn't get it.

EPIC fail, you mean

[girlintraining]

You know, I might have taken them a bit more seriously if the summary didn't end with and urged Google to donate $5 million to a public fund. So that's what it's about then -- money. Political statements that end in requests for donation do a good job of discrediting themselves simply because it's hard to believe that someone could be walking the high road of idealism while at the same time asking for a handout.

Re:EPIC fail, you mean

Well, these days, even EPIC could use a little bit of a bailout. As an AIG employee, it seems like a perfectly reasonable request to me. We cannot allow privacy groups to fail.

Re:EPIC fail, you mean

[girlintraining]

Well, these days, even EPIC could use a little bit of a bailout. As an AIG employee, it seems like a perfectly reasonable request to me. We cannot allow privacy groups to fail.

EPIC's gross income for FY2007 was less than a million dollars, and they have about $2 million in assets. They've been steadily losing ground in the donations department. A $5 million "public fund" they could dive into would assure there continued existance (and $128k yearly salary for their president) for some time. I think the financial motivation here is quite clear. Their relevance, however, is not. The ACLU, by comparison, had $80 million in revenue in Q3/07 alone. The administrative overhead is also lower, and they claim to also be advocating privacy. Frankly, EPIC is a tiny finish in a big pond--they need to grab headlines to survive, and attacking Google seems carefully calculated to do just that. Google's "do no evil" slogan opens themselves up to groups like this who want a handout and can manipulate the press to get Google to sign over some of their $5.2 BILLION in revenue for FY2008, and $12.1 BILLION in assets.

So for Google to pay them some hush money wouldn't even earn a mention in their financial highlights, but for EPIC, it would be, well, epic for them to pull in $5 million.

Re:EPIC fail, you mean

[dedazo]

I agree, although historically these orgs tend to be good counterbalances to large corporations and they are usually understaffed and underfunded. At least they're being upfront about it, they could have called Google yesterday and "suggested" a donation in exchange for a more lenient press release or something. And it's not like Google can't afford to take a $5M write off and look good in the process.

That said, I have no idea how well established this organization is. If they're just a fly-by-night deal then of course no one should be paying attention to them, let alone giving them money.

Re:EPIC fail, you mean

[R2.0]

Jesse Jackson ate lunch off of that tactic for years. The Rainbow/PUSH Coalition would issue a press release stating there were concerns that Company X was discriminating, and that the Coalition was looking at it. JJ or his henchman would show up there and explain that, although there was strong evidence the company was discriminating, they could show their good intentions by making a significant "donation" to a well respected minority empowerment organization. Such as Rainbow/PUSH. Money would be deposited, and the next press release would be full of praise for Company X's significant commitment to minority development.

It's my understanding that's how his son got his first job, and we almost got him as Senator from Chicago.

Re:EPIC fail, you mean

[girlintraining]

Footnote: I really hate Firefox's auto-spell check/fix. I meant their, not there, and "fish", not "finish". u_u I have now disabled that misfeature (again). Firefox likes to eat my config file and I wind up resetting my settings every month or so because of this.

Re:EPIC fail, you mean

[garett_spencley]

If people are concerned about their privacy and don't trust Google then they will avoid google products. Plain and simple.

If the government steps in and starts requiring companies to comply with various privacy regulations etc. it will only serve to discourage new entry into the industry, helping Google to secure a monopoly on online services. It would do the exact opposite of what privacy advocates want.

There are lots of alternatives out there if you don't want Google to have access to all of your e-mail and search history etc. If you don't care and Google satisfies you then it doesn't matter, use Google. If you are concerned then don't use Google. We don't need the government to help us make these decisions. We can think and choose for ourselves, and discussing these issues is the first step to informing people who don't know. Asking government to keep us safe helps to safe-guard public ignorance, since they know that Big Brother will always have their backs and thus there is no need to think, listen or do research for themselves. That spells a far worse privacy nightmare than the current situation.

Re:EPIC fail, you mean

that would be blackmail and google could sue them for that.

Re:EPIC fail, you mean

[girlintraining]

If people are concerned about their privacy and don't trust Google then they will avoid google products. Plain and simple.

Ah, not necessarily. You assume that people care more about privacy than accessibility and ease of use. This fails to account for people that may be concerned about their privacy, don't trust google, but use it anyway because their level of risk (loss of privacy) is less than the amount of benefit in continuing to use Google. I could argue that market forces allow Google more egregious violations of privacy than its smaller competitors; And further that this is okay because people are making a conscious decision to sacrifice their privacy to gain the "google advantage" (apologies for the market-speak). Please carefully note I am not supporting either position here, merely informing you that they exist.

If the government steps in and starts requiring companies to comply with various privacy regulations etc. it will only serve to discourage new entry into the industry, helping Google to secure a monopoly on online services. It would do the exact opposite of what privacy advocates want.

Your health care records are protected by federal privacy laws. There is no monopoly (there IS a large broken system, however) in that area. As well, California has passed numerous privacy laws that do not seem to encourage monopolistic behavior. As long as the burden of protecting privacy does not create a significant addition to the total cost of entry for a new competitor into the market in question, this principle should be broadly applicable to all industries (including search engine / service providers).

There are lots of alternatives out there if you don't want Google to have access to all of your e-mail and search history etc.

I would argue they all suck. Google at least makes that information readily accessible and usable to me. The alternatives still get all my e-mail and search history, but I don't get even a cuddle afterwords.

We don't need the government to help us make these decisions.

And what decisions should the government "help us" on, if not in the area of civil rights and liberties, of which the Supreme Court has recognized privacy as an inalienable human right (even though there is no language in the constitution providing for it -- under the assertion that rights not specifically delegated to the State are reserved by the People).

We can think and choose for ourselves, and discussing these issues is the first step to informing people who don't know.

I would argue some of us are merely rearranging our prejudices in what passes for thought. And nowhere is discussion more valuable or prevalent than on the legislator's floor, or in his/her office.

Asking government to keep us safe helps to safe-guard public ignorance, since they know that Big Brother will always have their backs and thus there is no need to think, listen or do research for themselves. That spells a far worse privacy nightmare than the current situation.

The government, at least in theory, is of, for, and by the people. I don't think corporations can say the same. For privacy to be effective, it has to be universal. Because otherwise the economic incentive to people who aren't playing the "privacy game" will remain and so no lasting industry alliance will ever form. The only way to assure privacy across the board is to legislate it.

Re:EPIC fail, you mean

[xaositects]

you should probably feed it more nutritious things then.

This might help... :}

Re:EPIC fail, you mean

[garett_spencley]

"Ah, not necessarily. You assume that people care more about privacy than accessibility and ease of use. This fails to account for people that may be concerned about their privacy, don't trust google, but use it anyway because their level of risk (loss of privacy) is less than the amount of benefit in continuing to use Google. I could argue that market forces allow Google more egregious violations of privacy than its smaller competitors; And further that this is okay because people are making a conscious decision to sacrifice their privacy to gain the "google advantage" (apologies for the market-speak). Please carefully note I am not supporting either position here, merely informing you that they exist."

If people don't care then government can not save them anyway because the majority opinion will always dictate policy, assuming the lobbyists with massive capital aren't doing it. If people are willing to trade their privacy for usability then they are getting what they ask for. If people want privacy AND usability then that implies a demand that is not being filled and you need to ask yourself why isn't it being filled. Someone surely stands to profit from entering the market and filling that need. And since greed seems to rule the world (according to so many people with an opinion on economics lately) then why isn't greed stepping in to capitalize on this lack of product ? My bet is that entering the market is expensive and risky. If I'm right then that raises a new "why" ... why is it expensive and risky ? Either because there is no demand, that people don't care about their privacy or because there are regulations restricting new entry into the market.

"Your health care records are protected by federal privacy laws. There is no monopoly (there IS a large broken system, however) in that area. As well, California has passed numerous privacy laws that do not seem to encourage monopolistic behavior. As long as the burden of protecting privacy does not create a significant addition to the total cost of entry for a new competitor into the market in question, this principle should be broadly applicable to all industries (including search engine / service providers)."

I beg to differ. Monopoly does not need to mean one single company. It can be a cartel of companies. It can be a whole industry that is "protected" by government regulation that makes new entry into the industry EXTREMELY difficult. In the case of health care you need to look long and hard at the government-supported American Medical Association. Here you have a cartel of medical professionals with a vested financial interest in determining who gets a license to practice medicine. What KIND of medicine doctors get to practice. It interferes directly with the consumers ability to exercise choice in the market and falls right into the whole scope of "monopoly". It's a cartel and it exists in the name of keeping people safe. It's very easy to sell the public on medical licenses and regulation and so forth because people are scared that without the government ensuring that these things exist they would be exposed to all sorts of weird medicine that will do them harm. It completely undermines people's ability to communicate and keep bad doctors at bay with reputations and health watch groups and non-profits etc. Big Brother keeps us safe so we don't have to.

"I would argue they all suck. Google at least makes that information readily accessible and usable to me. The alternatives still get all my e-mail and search history, but I don't get even a cuddle afterwords."

Again your choice. Unless you let the government get it's hands on it and then you won't have one. Of course you may already not have one. These small start-ups may lack the capital to create a product that would compete with Google in which case you need to go back to my first point and ask why. In fact, why haven't BIG corporations with lots of capital seen a demand for a product that is usable AND protects privacy ? Maybe people don

Re:EPIC fail, you mean

[david+duncan+scott]

You're concerned that EPIC might be a fly-by-night? Our UID's are in the same order of magnitude--how could you be so unfamiliar with an organization that has, by and large, been quite popular with the Slashdot crowd for at least a decade? (Can I search back before 1999?)

Re:EPIC fail, you mean

[dedazo]

Well, I honestly don't remember hearing about them before today. That doesn't really mean much though, especially if they mostly appeared on YRO stories, which I've been blocking from the front page view for years.

Nah.

[PeanutButterBreath]

Do you care about privacy? Enough to fork over your own money to watchdog organizations that hold potential privacy breachers accountable?

The "high road of idealism" has nothing to do with it. Nor is encouraging donations to a public fund a handout. Basically your entire concern here is a strawman, albeit one that is may be rooted in your own naivete.

Re:Nah.

[girlintraining]

Do you care about privacy? Enough to fork over your own money to watchdog organizations that hold potential privacy breachers accountable?

Yes and yes. I have donated to the EFF and the ACLU before, multiple times. I also participated in various privacy protests here locally in Minnesota and have written letters to my legislators on approximately a half-dozen occasions.

Basically your entire concern here is a strawman, albeit one that is may be rooted in your own naivete.

Sir, you need to accept that you just might not know what the hell you're talking about. You make an assumption about me based on nothing I have posted on this forum or online, I do not know you personally, so there is no way you could be aware of my level of involvement in these issues. I am not going to disclose my level of involvement here either beyond what I have stated above, but you may safely assume it is far above average for the demographic reading this post. Also, my "argument" -- such a big word for a simple observation -- is not a straw man. I have made no statement regarding the validity of EPIC's claims about Google. I am merely stating that EPIC has weakened their position by including monentary payment as a remedy. EPIC is a small-time lobbying group, and there are other organizations better suited and with lower administrative overhead, to representing my personal privacy needs... Which is why I have donated to those groups and not EPIC.

Could always try NOT using those services

[Gothmolly]

You know, if you're not comfortable about Google (possibly) sharing your stuff, then DONT USE THEM.

Re:Could always try NOT using those services

Seriously. Google docs not private? Did anyone really think they were?

Re:Could always try NOT using those services

You know, if you're not comfortable about Google (possibly) sharing your stuff, then DONT USE THEM.

I think the crux of the complaint is that Google is either mis-informing or hiding information from consumers that want make the decision you speak of. If consumers were getting the info they need then this would not fall under the jurisdiction on the FTC.

Re:Could always try NOT using those services

[b4dc0d3r]

You'll end up using Google one way or another. Google Analytics, Adsense, or other advertising. Or the default search bar on a browser. Or a google map someone sends you for directions, or embedded in a real estate page. You can't avoid it, and at some point they will put enough of a picture together, with their Phorm-like data mining.

Not using Google is not an option, even if you try to avoid it. Disable JavaScript and third-party cookies, never search for anything... you could TRY not using them but won't get you very far.

Re:Could always try NOT using those services

[garett_spencley]

If people care about these issues, they will stop using them.

People who are REALLY concerned about Google data mining will block all Google domains in the HOSTS file and will explain to their friends and relatives that they can't view the Google map precisely because of all of the privacy concerns. They will recommend alternatives like map quest etc. Web-sites that use Adsense will switch to alternatives because enough of their surfers are blocking Google that it's more profitable to use something else. This will start to cut into Google's bottom line and they will get the message and alter their practices.

UNLESS ...

The government steps in with extensive privacy regulations. This will make it difficult for new companies to enter into the market because they will need to make sure that they are complying with these expensive regulations etc. Not to mention that everyone feels all safe and rosey because Big Brother is watching out for them. So they have no reason to consider alternatives anyway. This will help to secure a monopoly for Google (and the other big giant megacorps who can afford to not only spend the resources complying with these regulations but also lobbying the government for even more regulations because they help to keep out competition). This would create a far worse privacy nightmare than the current situation or the free market alternative.

Re:Could always try NOT using those services

[nobodylocalhost]

That argument has been used over and over, and no, it doesn't really excuse a company from behaving badly. By the same token, you can say that hey, it's ok for murderers to kill people, because all you have to do is run away from him/her. Or, hey, it's ok for Enron to cook its books because by god you don't have to work for them. Maybe it's ok for comcast to snoop in to your packets because you can always switch to dsl...

Re:Could always try NOT using those services

[vux984]

This will start to cut into Google's bottom line and they will get the message and alter their practices.

The problem isn't googles =practices-. The problem is googles -size-.

I really couldn't care less if a some reasonable percentage of sites I visit all get ads from the same provider using cookies.

I really couldn't care less if a webmail provider could potentially data mine my webmail to serve me ads on the webmail site.

I really couldn't care less if a bunch of sites i visit use the same analytics system.

It bothers me greatly however, that virtually all the sites I visit get ads from the same provider, that also is datamining webmail, and also has a huge piece of the analytics pie. Oh and they want my documents, maps, pictures of my house, and phone call logs too.

Individually each piece is relatively worthless. Its the difference between [seeing what someone at the mall is looking at], and [seeing what someone at the mall is looking at, seeing where they went next, seeing what kind of car they drive, seeing where they live, overhearing their conversations, seeing them at work...] In both cases you are just 'seeing' what people do in public, which isn't a privacy breach... but systematically following people around isn't merely 'seeing them in public'. Its stalking. Its surveillance.

The only regulation that needs to be applied is a sort of 'anti stalking' legislation. It won't affect small/new companies, because they aren't big enough to see enough to cross the stalking threshold.

Meanwhile a company like google would need to be careful, because they effectively are stalking people on the web. Often able to track virtually everything you do on the web.

Like I said, I don't care if google sees me out on the 'public web'. But I don't like being stalked by them everywhere I go.

Re:Could always try NOT using those services

[garett_spencley]

Aren't there already anti-stalking laws ?

Perhaps people should file a class action law-suit ? Perhaps people should start petitioning Google and pledging not to use any of their products until they change. Perhaps we should all start using alternatives so that THOSE companies get our money instead of Google. Google's stock prices will go down, they will lose capital and unless they start investing in producing products that satisfy everyone then their size will shrink.

There is only one way that a company can get big. That is by producing something that makes people's lives better. However, there are are two ways that a company can stay big. The first is to continue doing what made them big. The second is to infiltrate the government to gain protection.

If people are truly convinced that privacy needs to be legislated then in my opinion we should think long and hard about what is and what is not acceptable for every single individual and then come up with an amendment to the constitution. If you believe that privacy is a right then start thinking about how to define that right and how to protect it. Put it in the constitution so that it is not biased and gives every individual protection as a right, rather than giving an industry protection under the guise of regulation and so forth.

Re:Could always try NOT using those services

That's the obvious reasoning but you and me both know millions of sheeple will use google, regardless of anything. I do use their search and it's quite unsettling enough. I'll never use their mail or calendar or maps or talk or...

Re:Could always try NOT using those services

[vux984]

Aren't there already anti-stalking laws ?

Yes, but it would be something of a huge stretch to apply them, as written, to google. Nonetheless, I think its the best description of what that much data collection all going to one company amounts to.

Re:Could always try NOT using those services

[shentino]

Actually, google haters and comcast haters are sorta in the same boat. They can't switch to something better.

The difference is that google is the cream of the crop among alternatives, and it's monopoly is only on comparative quality. That is to say, assuming I would trust ANY company with my private information, google would be the first, above all others. They are comparatively better.

The feds have a gun pointed at everyone's head, so to speak, when they want information. Google is no exception, and incidentally, neither is microsoft. Or apple, or International Widgets. And even entities like Super Uber Secure Solutions won't be able to stand up to a government spook barging in with a search warrant. The government will barge in with guns blazing if they have to. In fact, remember waco?

I would stick with google if anyone, because they are up front about lots of stuff, and I would trust them sooner than I woudl trust any other company. Not that I'd trust anyone based in the US to begin with.

When you are a benevolent company trapped in a malevolent world full of high powered and highly placed evil, it's a tough job. Yet, you cannot simply stand on principle and deprive the masses of your goodness, for in doing so you may leave them no refuge from the evils of the status quo, and worse, you make room for companies that don't even care to Not Be Evil, and would actually be more than happy.

As a short example, notice what happens when google gets slapped with a DMCA notice or a gag order. They are bound, but they don't take it lying down. Their position is "we will get in big trouble if we fight this, but at least it's not an NSL with a gag order so we're going to post it on chilling effects so that people can at least see who forced us".

Re:Could always try NOT using those services

Google already has stood up to the feds. Mr Softee, Yahell, and AOL caved when the feds asked for IP addresses to support their investigation into child porn. The trouble was that the feds asked for non-anonymized info, and there was no guarantee this data would not be sued for other things (in fact, there was an implicit agreement it would). Google, alone, stood up and said no.

No, G is not perfect, but I trust them way more than those who cave in so easily. The big problem is that they have so much data that they can become a target (esp with people like Bush pushing "homeland security"). Thats why its good to see that they have agreed to anonymize it all, after (I think) a year.

Re:Could always try NOT using those services

ummm... try s/sued/used/ :-)

Non-Profit blackmailing

[mveloso]

The founder of this non-profit is a genius!

1. create non-profit with catchy name
2. issue press releases
3. complain to government agencies
4. blackmail large companies for donations
5. profit!

Those extra two steps separate it from the pack.

I love google but the information load scares me

Google has too much information and not enough security in place to keep it secure.

I really think that the things google has brought about are killer but I have serious issues with people using the services and not giving a second thought to the security issues of it.

Whatever

Talk about raining on someone's parade....

[TomXP411]

Wow.

Love Google or hate Google, I think we'd all agree that Google has done more for consumers on the Internet in the last decade than just about any other single company. Nobody offers Google's breadth of services at any price, let alone free. That doesn't excuse any potential mismanagement of personal information, but I have to wonder how much of this is fueled by market pressures: if you can't compete, { sue | accuse of a crime | sabotage | buy }.

I'm getting so sick of the way the business world operates. My philosophy has always been "mission first", or your first priority is to serve your customer's needs and forward the mission of the company. You charge money to accomplish this goal, not the other way around. But the business world has lost sight of this goal, and instead chooses to use any dirty trick necessary to force competition out of business. In the end, this kind of atmosphere hurts us all.

Re:Talk about raining on someone's parade....

[PeanutButterBreath]

Wow.

Love Google or hate Google, I think we'd all agree that Google has done more for consumers on the Internet in the last decade than just about any other single company.

Count me out. There don't offer anything to me that I would a) pay for or b) trade my privacy for. As of now they don't even offer anything I use on a regular basis that I could not get elsewhere for free.

Re:Talk about raining on someone's parade....

[TomXP411]

See, that's the part I don't get. This big, nebulous word "Privacy" doesn't mean much in the real world. I have a gmail account, for example. What specific privacy am I giving up by using gmail as opposed to hotmail, Yahoo Mail, or my own ISP's mail service? All of those services' mailboxes can be read by administrators, and your ISP has a lot more of your information than Google does. Can you give me a specific example of how some specific breach of "privacy" would be used against you? Forget about stupid user mistakes (hosting confidential information on Google Docs, for example) or conspiracy theory stuff (The FBI comes to get you without a warrant because of something you typed in a Google search), and give me a real world example of how your privacy would be violated under ordinary circumstances.

Re:Talk about raining on someone's parade....

[PeanutButterBreath]

Forget about stupid user mistakes (hosting confidential information on Google Docs, for example). . .

Would sending any information you considered private through your G-mail account also be a stupid user mistake?

It sounds like you take it for granted that Google services are not secure. The complaint relates to Google's claim that their services are secure. Is it really a stupid user mistake to take Google at their word? Its only stupid if you are so cynical that you think Google is intentionally misleading you (which may be a wise position).

If someone sells you a lock, and it turns out that every lock they manufacture opens with the same key, are you stupid for believing that a lock maker could be honest and diligent? There is a point when the world-weary-cynic schtick simply enables fraud.

Re:Talk about raining on someone's parade....

[TomXP411]

I guess my point is that there's no such thing as completely secure. ANY public system can be cracked, and I'd go so far as to say that any significantly large system has been cracked at some point.

That's why we make backups and use encryption. The First Rule is "Always have a backup," and I've been glad of that from time to time. (Just last night, I accidentally deleted a config file for an app I use, and I had to go rooting around in the recycle bin for it. I'm glad I didn't turn it completely off, like I was tempted to.)

But this only underscores the fact that security and safety is a two-way street. If I were to put my company's payroll data in a Google Docs spreadsheet, or if I were to e-mail a list of passwords through gmail, and that information fell in to the wrong hands, who do you think my company would go after? Who would those companies prosecute? I'm pretty sure it wouldn't be Google. I'd not only be fired, but I would be open to criminal prosecution.

Google is being targeted because it's big. Big targets are easy to hit. I'm not saying that there haven't been any privacy violations, but I AM saying that we all need to conduct our business (personal or commercial) with security in mind. There are enough genuine, active threats out there without targeting the passive ones.

As to the world-weary-cynic comment, I'm not entirely sure what you mean by that. You DO have to be somewhat cynical to detect and avoid fraud; it's the innocent and careless who are easily taken in. I have seen (and blocked) a lot of genuine fraud attempts, and I don't think I'd put a couple of accidental data breaches in the same class as the kinds of intentional acts I've seen.

The small number of times I have been cheated via the Internet (and I can count those on one hand) were the kinds of things that no privacy policy can guard against: People selling inferior merchandise that doesn't do what's claimed and refusing to provide a refund. Perhaps the FTC should be investigating those folks instead.

If anything, a pragmatic attitude toward security in on-line services acts to make the whole industry more secure, not less.

In the meantime, teaching users how to be secure themselves would go a long way toward making the Internet a safe place to be. When every phisher, spammers, and credit card forger have been dealt with, then I can understand worrying about Google's privacy policly.. but who can be really worried about whether someone will see my forwarded chain letters when there's the real risk of someone hacking in to my PayPal account, transferring my funds to an offshore account, and then using my EBay account to sell items that don't exist?

Re:Talk about raining on someone's parade....

Umm, on the one side you're advocating that we teach everyone how to be more secure, on the other hand you're saying the privacy problem is overstated. You need to focus a bit on cause and effect - you need to START with safe behaviour, and guarding your privacy is one. Here's a simple breach that will screw your life: credit card records. Sure, that's the merchant's problem, but YOU get the life changing debts, so you will seek merchants who appear to put at least some effort in. You avoid merchants who say "we would like as much credit card details off you as possible" (OK, unless your brain has gone on holiday).

I have fire insurance. That doesn't mean I smoke in bed, let candles burn near curtains and see if alcohol also gives me that nice blue flame when it's in a puddle on my wooden floor.

I teach security for a living, and it's a hard job coaching kids to be secure - until we tell them about one of their friends who ended up being stalked because some weirdo worked out where they lived.

Giving Google more and more data about you means that you exponentially increase the temptation for abuse, and the potential for a data breach to be devastating. You have nothing to hide? Fine, how much do you earn? Why doesn't your neighbour know? Why do you close the curtains when you and your girlfriend enjoy a bit time together?

Google doesn't need to be evil to make a mistake, but once the mistake is made it's too late to say "I wish I hadn't".

Oh, BTW, on top of that it's a US company. Not exactly the safest place for information when the NSA or whoever else is the flavour of the day fancies taking a look. And if they screw up, who are you going to call?

Re:Talk about raining on someone's parade....

[maxume]

Don't go making this about TSA approved luggage locks.

Re:Talk about raining on someone's parade....

[PeanutButterBreath]

If you are saying that Google's services are not trustworthy, then I really disagree with the contention that their existence is some major boon to online consumers. At best, they are no worse than the rest of the pack. If anything, their ever expanding convenience services are an attractive nuisance.

It makes sense to go after big targets not just because they are easy to hit, but because hitting them has a large effect. How better to spread the word that putting your information on-line, even with a large, well established corporation is not safe, than to have Google admit "Look folks, even our servers are inevitably going to be cracked. Don't put anything in an e-mail that is going to end up in a G-Mail account or anything in a Google Doc that you want to protect from unauthorized use."

Re:Talk about raining on someone's parade....

[TomXP411]

But what on-line service IS safe any more? Every few weeks, I see news about a breach of a credit card authorization service, military computing system, or some other large system that we'd consider safe.

Google's value is NOT in their security. It's in the fact that they've brought so many new things to the table. Sure, search existed before Google, but go look at Google's product list sometime. It's huge, and many of those things are not easily available elsewhere (and there are some things that aren't YET available, such as on-line storage, but that's another story.)

Maybe it's just my perception, but I've always had the feeling that Google is more of a group of geeks just trying to do cool stuff, rather than the way other large companies in this space present themselves: money first, product second. The irony is that I figure that kind of attitude would fit in well with this crowd.

But then, there will always be those who disagree - if only because they don't want to be in the "it" crowd.

Gears

[crumbz]

Epic should stop f*cking around with Google and get back to work on Gears of War 3 already..... Really, what is Phoenix supposed to do next, now that the Locust Horde has been *temporarily* stopped.

Re:Gears

They're taking on a new opponent that is going to know everything about them before they even attack. Some kind of hive/cloud-based mind called Google.

Use The Force of your HOSTS File, Luke

My hosts file has routed any connections to www.google-analytics.com or ssl.google-analytics.com to 127.0.0.1 for years.

You can even google for "google-analytics block" and google will provide you with plenty of solutions to blocking google. It's not that big a deal, folks. You are using computers, which you can control, remember?

I agree.

[Futurepower(R)]

MOD PARENT UP! First non-cynical comment.

It's good that we have organizations that supervise privacy issues. The issues are far too complicated for an individual to supervise.

Again, Nah.

[PeanutButterBreath]

What assumptions? I asked you too clarify two points, beyond which I couldn't care less about you or your motivations.

Also, my "argument" -- such a big word for a simple observation -- is not a straw man. I have made no statement regarding the validity of EPIC's claims about Google.

We'll get to why your concern is a strawman in a sec.

But first, the word "argument" does not appear in my earlier post, yet you use it in quotation marks to accuse me of using overly big words. One wonders how the hell "argument", an 8 letter word, is "such a big word for a simple observation", when "simple observation" is composed of more than twice as many letters? Moreover, misattributing an argument to me in order to prop up your own point is yet another strawman.

Now, back to your strawman argument re: EPIC. Your insinuation that they are asking for a handout is phony. They are not asking for "monetary payment" as you accuse them here. They are asking for a donation to a third party, public fund. Impugning their motivations based on a phony accusation is a strawman.

Re:Again, Nah.

[girlintraining]

Please get off my leg.

Re:Again, Nah.

[PeanutButterBreath]

Please get off my leg.

Because you need one to stand on?

Re:Again, Nah.

[girlintraining]

Because you need one to stand on?

No, it's just that I have to be somewhere in an hour and it's going to be hard to get into the car with a wrinkled troll with giant teeth still attached to my leg, hissing and drooling.

Re:Again, Nah.

[Ragzouken]

I won't even bother with the rest of your post, but you are guilty yourself of Strawman. You're misrepresenting the claim that "argument" is "such a big word for a simple observation" as the incredibly weak argument that "argument" is 'such a long word for a simple observation' rather than the true intention that is more likely to be that "argument" is the wrong word to describe his "simple observation".

Re:Again, Nah.

[PeanutButterBreath]

Don't let me keep you. I hear that Devry University is a stickler about tardiness.

Re:Again, Nah.

[girlintraining]

Don't let me keep you. I hear that Devry University is a stickler about tardiness.

That's good to know if I ever decide to enroll with you.

Re:Again, Nah.

[PeanutButterBreath]

Its incredibly weak to assert a "true intention" when all you have is a "likely" alternative.

I think the problem is that you don't understand the meaning of "for". Of course, if you actually think that "argument" is a big word. . .

Re:Again, Nah.

[Ragzouken]

Whether on not my example of a possible true intention is weak or not is irrelevant. The true intention was clearly not to comment on the number of characters in the word. A point which your weak critical thinking nazism has yet to address.

In addition to this it seems that "Of course, if you actually think "argument" is a big word. . ." is a false appeal to ridicule.

Re:Again, Nah.

[PeanutButterBreath]

Is "argument" a big word by any standard!? Since you continue to defend the point, my appeal to ridicule clearly isn't false.

A point which your weak critical thinking nazism has yet to address.

Paging Godwin. . .please report to a white courtesy telephone. . .

Re:Again, Nah.

[Ragzouken]

More ridicule. You seem completely unwilling to concede on this issue, despite both it being obviously wrong, and nothing your argument relies upon.

You've changed your argument now. It's gone from denying that your response about the character length of "argument" was a misrepresentation of the author's intended point, to arguing that "argument" could not be considered a big word "by any standard".

"argument" can be considered a big word for a 'simple observation' in the sense that it is too grand a title for it. Whether or not it is too grand a title, and whether or not the great-great-etc parent only actually made a 'simple observation' is irrelevant (not that you've denied this, I'm just saying).

The issue comes down to: Did you or did you not imply or claim that when it was said that "argument" was "such a big word for a simple observation" that the author's intended argument was that "argument" had too many characters to refer to something that was a 'simple observation'. If you did that, then you have made a strawman argument.

It is clear that you did either imply or claim this. You have either done this accidentally, from incomprehensible stupidity, or intentionally, but refuse to admit it.

So, did you not imply or claim that the author thought that the word "argument" had too many characters?

Re:Again, Nah.

[PeanutButterBreath]

I already conceded that I was ridiculing you. Not sure why you are at such pains to reiterate that I think very little of your argument here.

I very clearly compared "argument" and "simple observation" on number of characters. You (and not OP) are arguing that OP was contrasting "argument" and "simple observation" based on some fundamental difference in meaning. If such a distinction exists, OP was obviously not making a simple observation. OP was reading between the lines to draw a conclusion and level an accusation. A simplistic one, if you like, but nonetheless far more than a "simple observation".

So any way you slice it, I made no strawman. "Argument" is not a big word for "simple observation" based on character length. Nor is "argument" hyperbole in this context. "Argument" is not a "grand title" or "big word" for anything to anyone with a 2nd grade education.

The fact that OP missed his or her important appointment to call me names, but hasn't grasped at the semantic straws you are bundling up here suggests that you are just plain wrong anyway.

All that aside, its nice to know that chivalry is not quite dead, at least when it comes to karma whores.

Cluestick

[Omega]

Wait. You mean Google is taking the data I'm storing for free on their servers mining it for information to use in contextual advertising just like I agreed to in the terms and conditions when I signed up?

And also, I want a pony.

Re:Cluestick

[drinkypoo]

And also, I want a pony.

Google might give you one someday, but the saddle will take ass-prints (like fingerprints, but, you know) when you ride and keep track of where you go.

Re:Cluestick

[BuisyBizz]

Reminds me of an article I read in Wired recently: http://www.wired.com/techbiz/it/magazine/17-02/ff_killgoogle

Re:It is way too dangerous to use Google's product

lol umm yeah... security.

May I point out that MSN messenger is inherently exploitable by keyloggers and worms?

just putting that out there.

Data breaches

I think they're not just talking about privacy policies and data analysis. TFA mentions data breaches. Only 39 states in the USA require a company to report their data breaches to the public.

Heartland Payment Processing Systems lost millions of credit card records from May to August of last year, but you can't even get a list of the merchants for whom they process payments. So the only costs of a data breach they have to worry about are reporting costs (imposed by regulations) and fraud costs (if any credit card fraud takes place, Heartland could be responsible for recouping losses if they were responsible for the data breach, depending on the contract. PR is nothing - you CAN'T know if you're even giving them your business or not.

Full Circle.

[PeanutButterBreath]

If I want to read more inept ad-hominem, I'll come back and explain why your post makes no sense.

Aw, what the heck.

First, is it really an insult to insinuate that I am in a position of authority at an institution you might be enrolling in?
Second, would I represent my own policy as a rumor?

And finally, what are you still doing here?

Re:Full Circle.

[girlintraining]

And finally, what are you still doing here?

Protecting my investment in the rope manufacturing industry.

Re:Full Circle.

[PeanutButterBreath]

By eating your own dog food?

Re:Full Circle.

[Ragzouken]

By non-sequitur?

Re:Full Circle.

[PeanutButterBreath]

Over your head != Non-squitur

Re:Full Circle.

[BasharTeg]

Wow, you two are a couple of douchenozzles.

Re:Full Circle.

[PeanutButterBreath]

Wow, you two are a couple of douchenozzles.

You must be what they call a "bird of a feather", Mr. Light-A-Single-Candle.

Epic Complaint

[W.+Justice+Black]

Am I the only one who saw the words "EPIC Complaint" and got the image in my head about a guy driving a car into the complaints department at some auto manufacturer?

That would be an epic complaint.

Re:It is way too dangerous to use Google's product

[Duncan3]

Even funnier, they think FTC > CIA and NSA, the government agencies working with Google (that's their job, we the taxpayers pay them to watch Google)

First thing I think of when I see EPIC:

[karnal]

m-m-m-m-m-m-monster kill!!!!

Capitalized or not, UT is the first thing I thought about... and thought "why would they want to do that?"

or perhaps.. fail?