Google: sparking ‘a privacy Chernobyl’?

In the run-up to the live spiked debate ‘Has Google got too big?’, taking place in central London this Thursday, we are publishing a series of articles on Google. Here, Simon Davies of Privacy International tells Tim Black that it makes good business sense for Google to start treating privacy protection as an opportunity, rather than an inconvenience.

Last week, a year after Google’s Streetview was launched in the UK, a further 210,000 miles of the country’s roads and streets were made available to internet users. In fact, it’s now possible to investigate virtually any street in Britain. You can gawp at where you grew up, you can poke around old student digs, you can even go carousing in Lincoln. Yet while this might sound like an innocuous, sometimes useful, sometimes fun, online tool, for some Google Streetview constitutes a serious invasion of people’s privacy.

At the forefront of the criticism of Google has been Privacy International and its director general Simon Davies. Last May, PI submitted a letter to the UK’s information commissioner outlining their objections to Streetview. As Davies himself tells me: ‘Our concerns were, and still are to an extent, that the necessary safeguards were never put in place in the way that we wanted.’ The chief problem was that Google’s ‘faceblurring’ technology, which was meant to obscure every individual’s face, actually left many people unblurred. Such was the ease with which some people were identified, like the man enjoying a crafty fag despite telling his wife that he didn’t smoke, that what seemed like a harmless piece of technology managed to cause considerable embarrassment and, in some cases, distress. This wasn’t the only problem. People just weren’t consulted – which was worrying given the extent to which Google had ‘cameras looking into houses and into private spaces, such as backyards’, says Davies.

What Streetview indicates, and what PI has long criticised, is Google’s rather blasé attitude to an individual’s privacy. Not for nothing did PI rank Google bottom out of several major IT firms in terms of their attitude to privacy. This isn’t to suggest that Google is some malevolent, totalitarian force. Google does not seem to be deliberately setting out to invade privacy, to monitor, survey and profile individuals. Rather, it does so by default. Hence it just seems to develop and deploy products, like Streetview, and then consider privacy implications later. As Davies explains, ‘Google’s fundamental issue is that the company has grown so fast, and has taken on so much, that the mere idea of slowing down a product deployment through consultation [with users] is difficult for many people in the company to understand.’

To a limited extent, things are changing, however. ‘Before now Google never saw privacy as part of its core mission. It’s perhaps only been over the past six to 12 months that Google has started to see privacy as a prime differentiator in the market, and something which customers expect’, Davies tells me. ‘From a management perspective, Google is certainly getting the message now. And I think the engineers are, too. It’s a matter of getting the decision-making process and the product cycle aligned. And that’s something that takes years.’

In going through this years-long development, as Davies is quick to emphasise, Google is not unique among major IT firms. In fact, it’s going through the same process that several companies have gone through before: ‘I remember about 15 years ago nearly coming to blows with Microsoft executives over privacy – a couple of celebrated moments that spilled blood on the carpet. It’s forgotten that in those years Microsoft was condemned for prolonged systematic privacy breaches. Now, although not whiter than white, Microsoft has certainly turned the ship around in understanding the importance of the issue – even though that doesn’t always translate into their product development.’

‘All large companies go through this’, Davies continues. Facebook, for instance, has been subject to similar levels of public flak for its flagrant disregard of individuals’ privacy. ‘And it is being burned routinely in the press as a result. Just as Google is.’

But while Google is clearly making some efforts to incorporate a concern with privacy into its operations – such as introducing an admittedly overly-complicated privacy dashboard – Davies suggests there are significant obstacles, not least Google’s sheer size. In fact, it is Google’s near universality as an internet tool, from email to search, that makes it, to use PI’s phrase, an ‘endemic threat to privacy’.

‘There is no question that any company that aspires to create a monopoly poses a threat endemically’, Davies tells me. ‘That’s not just Google, that’s also Microsoft. Google is fortunate in that it’s working on the new wave of information processing. Many regulators don’t understand the importance of what Google is doing. Because Microsoft was selling hard products, it was easier to understand what the Micrososft monopoly meant, but it still took regulators years to get that far.’

There is potential for the threat that Google poses, albeit by default rather than design, to grow. As Davies says: ‘In the future, if you combine a Google utility, say your search profile, with your diary or even your email addresses, Google will have an extraordinary reach into every aspect of your life to an extent that isn’t happening currently.’ This ability to drill deep down into an individual’s private life, is clearly a worrying prospect for privacy campaigners. ‘The real battle is when Google starts to join together the information reserves to each service through a single sign-on or log-in. There is some sharing at the moment, but if you look at what it potentially could do, there is a privacy Chernobyl ahead, and Google needs to recognise it.’

The problem is that Google’s raison d’être, and the reason for its interest to both commercial and political spheres, runs counter to a regard for people’s privacy. ‘Google’s business model, as far as we can see it, depends upon a knowledge of the individual, a knowledge of the account holder. To achieve that goal, it’s going to have to take some very tough decisions with regards to the way it handles information, and I don’t think the company is set up well enough, or aligned well enough to take those decisions yet… Our concern is to see how the business model can be maintained while protecting privacy.’

However, there is one key factor that may mitigate against this ‘privacy Chernobyl’, argues Davies: the need to avoid the potential cynicism of internet users. That’s where, as Davies sees it, ‘trust becomes a key element’. He continues: ‘Screwing over your customers by trying to pull a fast one over privacy doesn’t work. It’s crucial to build that trust so that a fast-growth company can maintain its position in the market. That’s why all these companies need to see privacy as something that is a potential plus for them rather than a pain in the arse, which is the way they’re seeing it at the moment.’

Tim Black is senior writer at spiked.

What do YOU think? Let us know by clicking here.

The spiked debate, ‘Has Google got too big?’, will take place at the Royal Society of Arts in London between 6.30pm and 8pm on Thursday 18 March. It’s a free debate, but to avoid disappointment book your place NOW: click here.