Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Privacy Director Alma Whitten Leaving

Posted by Unknown on from the do-no-evil dept.

Gunkerty Jeb writes "Alma Whitten, the director of privacy at Google, is stepping down from that role and leaves behind her a complicated legacy in regards to user privacy. ... Whitten has been at Google for about 10 years, and while she has been the main public face of the company's product privacy efforts in the last couple of years, she has been involved in engineering privacy initiatives for even longer. Before becoming the privacy lead for products and engineering in 2010 in the aftermath of the Google Street View WiFi controversy, Whitten had been in charge of privacy for the company's engineering teams. During that time, she was involved in the company's public effort to fight the idea that IP addresses can be considered personally identifiable information."

35 of 73 comments (clear)

  1. Google + Privacy? by peppepz · · Score: 2, Insightful

    When we talk about the company's "privacy efforts", we're talking about them fighting privacy?

    1. Re:Google + Privacy? by Anonymous Coward · · Score: 1

      "You can easily go and use someone else's IP-address."

      And it's somehow impossible to use someone else's home/mailing address? The point is: you probably can only use someone else's IP address or home/mailing address if they (in some way) consent to it (e.g. providing proxy/VPN services, providing Tor services, etc.). No, IP spoofing doesn't count... you can spoof TCP SYN packets, but you won't be able to actually establish any connection (obviously, ICMP and UDP are different, since they're stateless protocols).

      "You know, the obvious difference comes from the fact that one is a virtual construct that can be utilized from anywhere in the world and the other one is a physical construct that can only be used on that one, specific spot."

      You do have a point, in the sense that they are not exactly the same. On the other hand, claiming that an "IP address" is not "personally identifiable information" is simply wrong. In fact, Google DOES use your IP address (along with user agent string) as surrogate for (hopefully) uniquely identifying the user (assuming you're not logged in to Google to begin with).

      The fact that GOOGLE ITSELF uses IP addresses as "personally identifiable information" (i.e. as a way of assigning persistent identities to HTTP agents) tells me that they're not just full of bullshit, they're bald-faced hypocrites too.

    2. Re:Google + Privacy? by Spy+Handler · · Score: 2

      Tobacco companies have a Health director, so Google having a Privacy Director shouldn't seem so strange...

    3. Re:Google + Privacy? by Gaygirlie · · Score: 2

      There's no such thing as "utilized from anywhere in the world".

      Tor, botnets, proxies, VPN et.al. would like to disagree with you.

    4. Re:Google + Privacy? by whosdat · · Score: 1

      You CAN'T keep your IP address private - that's how Internet works, dummy! - and it ISN'T personally identifiable information thanks to all variables like dynamic IPs, public WiFi spots, TOR exit nodes, running proxies and everything else.

      You seemingly want to argue that Google shouldn't be able to personally identify you without your consent - that one's good point and I doubt many would argue with that - but for some reason you're arguing a moronic and wrong point that "IP (that you're broadcasting for everyone to know) is personally identifiable and private". The fuck? Do you work for **AA or something? I think only they were so idiotic to argue that when they were hunting pirates. I believe courts not quite agreed with them, thankfully.

    5. Re:Google + Privacy? by dkleinsc · · Score: 1

      It goes along with the US government having a Department of Justice.

      --
      I am officially gone from /. Long live http://www.soylentnews.com/
    6. Re:Google + Privacy? by JWSmythe · · Score: 3, Insightful

          No, just like a street address, it does not identify you. It does lead straight to your home though. One requires someone to drive to your house. The other requires a LEO call to the ISP to ask for the address to drive to your house.

          It doesn't identify *you*. Just like you can have your mail delivered to a friend, neighbor or PO box, *you* are linked to it. It still leads back to you, no matter how many layers of distractions are involved.

        Your IP or mailing address cannot be used to prosecute. They can be used to point investigators towards who to prosecute.

      --
      Serious? Seriousness is well above my pay grade.
    7. Re:Google + Privacy? by JWSmythe · · Score: 1

      Get a PO box, a remailer service, a hotel room (yes, you can have mail sent to your hotel), and a cheap apartment in a different town. You can send mail from, and receive mail to, it.

      --
      Serious? Seriousness is well above my pay grade.
    8. Re:Google + Privacy? by Opportunist · · Score: 1

      The flaw here is that the average person is quite able to tell whether someone is living under their roof. Now imagine the average person being as "observant" offline as they are online. They wouldn't even notice someone sitting on their couch switching over to football every time they want to watch their soaps.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    9. Re:Google + Privacy? by Opportunist · · Score: 2

      Same with street addresses. I'd have to start digging in the court files, but I distinctly remember a case where someone was charged with drug manufacturing and was acquitted because the only thing they could field against him was that chemicals for manufacturing were delivered to his address but they couldn't prove that it was actually him ordering or receiving the items in question.

      It's fairly trivial to "abuse" someone else's address. All you have to do is intercept the delivery guy and tell him that you're you, but your ID is upstairs and if he waits here you'll go and get it. Given their rather tight schedule, they'd gladly simply accept that you're the authorized recipient... hell, as long as you scribble something on their ledger they're happy. You don't even want to know where I had to retrieve my UPS packs from...

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
    10. Re:Google + Privacy? by LordLimecat · · Score: 1

      Interestingly, when the discussion comes around to MPAA using IP to identify, many on slashdot would claim that IP is in no way evidence of anything for a wide number of reasons-- insecure Wifi, multiple household users, DHCP, etc.

      Obviously the two arent exactly the same, and obviously I cant accuse YOU of a double standard, but slashdot as a community certainly seems to have a double standard.

    11. Re:Google + Privacy? by LordLimecat · · Score: 1

      If you use a VPN to a diskless box that keeps no logs, certainly you can untraceably (at least to local enforcement) use another's IP.

    12. Re:Google + Privacy? by LordLimecat · · Score: 1

      Google is a company that makes money by offering services in return for advertising.

      If you dont like their terms, there are options for that.

    13. Re:Google + Privacy? by HappyPsycho · · Score: 1

      Google is the only company that violates your privacy?

    14. Re:Google + Privacy? by HappyPsycho · · Score: 1

      Just so I understand your point, which person is being identified by the wifi cafe's public ip address? Assuming the ISP keeps those type of logs, which person is being identified by the public address given by your ISP?

      "Personally Identifiable Information (PII), as used in information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context" - This is the definition from wikipedia, if you are happy with this definition then all of the above case are quite valid as they fail to identify a single person.

      I am aware that the wikipedia page points to a NIST document that identifies ip addresses as PII but a read of the actual NIST document shows the circumstances under which such an conclusion is reached (example 2 on page 22). It revolves around having the equivalent of a domain access system (or at the very least 802.1x) which keeps track of all ips and which users were logged into them at the times which allow ip data to be co-related (typical of an enterprise network). Both NAT and an unlogged DHCP server break those assumptions (even if the DHCP server is logged the mac can still be spoofed, something not easily doable in an enterprise environment).

  2. Unclear On The Concept by Anonymous Coward · · Score: 1, Interesting

    The last two companies I worked at had officers sending stern warnings about how important corporate privacy was in one gmail while in another gmail saying how they expected employees to all be on google docs for sharing corporate spreadsheets and product planning, etc.

    It must be nice being google. It's like having thousands of US corporations all volunteering to install your listening devices throughout their offices.

    1. Re:Unclear On The Concept by Opportunist · · Score: 1

      Erh... forward those mails to the CISO and ask him for his input. Should be fun.

      --
      We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  3. What's an Oxymoron? by Taantric · · Score: 2

    Kids, this is what an oxymoron is - "The Director of Privacy for Google". Another example - "Military Intelligence"

  4. Panopticlick / Google can track you quite well. by girlinatrainingbra · · Score: 4, Insightful
    Re: Whitten had been in charge of privacy for the company's engineering teams. During that time, she was involved in the company's public effort to fight the idea that IP addresses can be considered personally identifiable information

    Well, on the one hand, the idea that IP addresses are not personally identifiable information is of benefit to the masses when arguing against RIAA/MPAA attacks saying "this IP address downloaded XYZ, thus the current user of said IP address is responsible", because an IP address is not a personal identifier.
    .
    On the other hand, google can then say that they keep track of IP addresses and other information which combine to become personally identifying information.
    .
    See the EFF's site Panopticlick to see the huge amount of identifiable information your web-browsing leaves behind, especially if you have javascript enabled. If google argues that your IP addy isn't personally identifiable info, then they can't get in any trouble for keeping track of it, even though in combination with your "user agent string" and the leaked browser information, they certainly can keep track of you.

    1. Re:Panopticlick / Google can track you quite well. by DarkOx · · Score: 1

      Personally identifiable facts separated from there other facts my be PI without actually being enough to identify on there own. Knowing only your birth date I can't do much but if I have your birthday and full name I can come up with a much smaller list of candidate people who might be you.

      There need not be a direct connection between some datum being characterized as PI and using it as a unique and reliable identifier. That said, I don't disagree with googles position; having to treat IP addresses as PI while might be a great privacy protection, would completely impair Internet as it exists today, operationally, and commercially

      --
      Repeal the 17th Amendment TODAY! Also Please Read http://www.gnu.org/philosophy/right-to-read.html
  5. How many hours a week? by JabrTheHut · · Score: 1

    I'm assuming this is a part-time position and she's the only one in her team...

    --
    Work like no one is watching. Dance like you've never been hurt. Make love like you don't need the money.
  6. Surely it's not still April 1st somewhere? by tehcyder · · Score: 3, Insightful

    "Director of privacy at Google" is the only funny April Fool's joke on slashdot this year.

    --
    To have a right to do a thing is not at all the same as to be right in doing it
  7. OXYMORON by oldhack · · Score: 1

    "Alma Whitten, the director of privacy at Google"

    ...

    --
    Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.
  8. Well.. by vosser96 · · Score: 1

    I have a feeling I'm going to get flamed for this, but given that Google has been giving out free cloud storage, free word processing (on the cloud) and other nice things to have, is it an issue (Right now?) I mean, if Google actually uses my information for anything more than advertising, I would be kind of pissed, but I have yet to hear of anything like that.

    1. Re:Well.. by vosser96 · · Score: 1

      I'm curious, how is it an issue?

    2. Re:Well.. by Anonymous Coward · · Score: 1

      Google goes to extraordinary lengths to anonymize usage data. There are only like 4 people in the whole Google that have access to the RAW logs, other people get them only after anonymization and any attempt to gain an access to RAW data ends up with immediate termination.

      The question is if this practice would continue after Alma's departure, or she left because there was something being cooked she disagreed with.

  9. Re:Google has your real name by whosdat · · Score: 1

    If they'd require your real shoe size - would that make it personally identifiable as well?

    What's needed is laws against tracking, not redefinition of "personally identifiable" that'll bite you in the ass later.

    PS: By the way, I can see how your shoe size'd be a nice data point for marketeers: "Someone with his shoe size and user agent bought sport shoes today, mark him for Nike and Reebok ads in 6 months"

  10. What about IPv6? by ravenlord_hun · · Score: 1

    I understand IPv4 might not be personally identifiable, but you are supposed to keep your IPv6 subnet forever. Sure, there's some privacy extension which is supposed to help, but IIRC that only assigns randomized addresses in your own /64 subnet - not helping much in this case...

  11. Re:FEAR Alma? by greenfruitsalad · · Score: 1

    scarier. way scarier... Oxymoron Incarnate kind of scary

  12. Re:easiest job ever by mwvdlee · · Score: 1

    Aren't the Preacher and The Choirboy essentially the same position?

    --
    Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
  13. Re:easiest job ever by Opportunist · · Score: 3, Funny

    Not really. It's one of the things where it's probably better to be the one who is behind.

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  14. So, not privacy oriented then ... by gstoddart · · Score: 1

    During that time, she was involved in the company's public effort to fight the idea that IP addresses can be considered personally identifiable information.

    So she led the charge to try to make as much stuff declared not private as possible, and wasn't ever actually a privacy advocate. Did she try to argue that the wi-fi information they scraped wasn't private either?

    She'll no doubt be replaced with someone who cares even less about privacy.

    Sadly, Google is evolving into a douchebag corporation like every other multi-billion dollar organization. My trust in them has been waning the last few years.

    Good riddance to her then.

    --
    Lost at C:>. Found at C.
  15. Google Privacy Director? by organgtool · · Score: 1

    I'm sure she will enjoy her new position at Fox Hen-House Security Services.

  16. Google Privacy Director by JDG1980 · · Score: 1

    Was this one of those "no-show jobs" we sometimes hear about?

  17. Re:FEAR Alma? by Big+Hairy+Ian · · Score: 1

    I thought something might be brewing http://www.bbc.co.uk/news/technology-22003551

    --

    Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.