[Peace] Fwd: Google makes goo-goo eyes at you personal IDs and info
Alfred Kagan
akagan at uiuc.edu
Mon Apr 5 08:48:01 CDT 2004
A privacy alert.
>Date: Mon, 5 Apr 2004 01:18:12 -0400
>To: SRRT Action Council <srrtac-l at ala.org>
>From: Mark Rosenzweig <iskra at earthlink.net>
>Subject: [SRRTAC-L:13232] Google makes goo-goo eyes at you personal
>IDs and info
>X-MailScanner: Found to be clean, Found to be clean
>Reply-To: srrtac-l at ala.org
>Sender: owner-srrtac-l at ala.org
>X-MailScanner-Information: Please contact the ISP for more information
>
>Dear friends,
>
>Over the last few years, several times I've brought to your
>attention the dark side of Google-ism and decried the rather
>uncritical attitude legions of librarians take to the Google search
>engine and related facilities.
>
>I have no idea that warnings like these , based on the important
>work of 'Google Watch' , have had any impact. I hope so.
>
>Once more, in any case, I feel like raising something of an alarm,
>this time on the occasion of the launch of Google's 'Gmail'. I refer
>you to the new page Google Watch has set up specifically on Google's
>new Gmail and its problems. http://www.google-watch.org/email.html
>
>The article appended below shows how Google continues to raise the
>ante on your personal information as they collect it and is
>gathering ever more of it with only the flimsiest promise of
>permanent protection or non-transferability.
>
>Your Google profile (collected by their 'evil cookie' as
>Google-Watch calls it) linked to a personal ID can be one of the
>most massive invasions of one's privacy created in the area of
>information-seeking on your part. Surely this should be a great
>concern to librarians, especially as they continue to recklessly and
>mindlessly recommend Google as the first-choice search engine.
>In my opinion, it is the responsibility of librarians to proactively
>make this sort of information available as "information consumers'
>information" in the form of handouts and otherwise. We can also
>recommend the Google-Watch Proxy
>http://www.google-watch.org/cgi-bin/proxy.htm as a safe alternative
>to Google itself. This is a service which we can perform, warning
>the public of threats to their privacy from the information
>industry, especially heavily used instrumentalities like Google.
>I hope you will read the following articIe with interest and concern
>and refer to (and bookmark ) the Google-Watch page
>http://www.google-watch.org/ for updates of inside, critical
>information on and analysis of everybody's favorite search engine.
>
>Mark Rosenzweig
>ALA Councilor at large
>SRRT Action Council member
>PLG Coordinatying Committee
>PL Editorial Board
>
>
> Google covets your email address
>
> Always delete your Google cookie before and after!
> Larry Page wouldn't say whether Google planned to link Gmail users
>to their Web search queries. "It might be really useful for us to
>know that information" to make search results better, he said. "I'd
>hate to rule anything like that out."
>
>-- Los Angeles Times, 2 April 2004
>
>
> Google has added many new services and features in recent
>years. On April 1 they announced their Gmail
> service. It's no April Fools joke, but someone at Google may
>still be laughing. A form on their site lets you enter
> your email address so that Google can send you updated
>information about Gmail within the next few weeks.
>
> Many Google fans, as well as those who are attracted to the
>generous storage offered by Google's free Gmail,
> are rushing to enter their email address in this box.
>Although it is not stated anywhere on Google's site, the
> presumption among many is that those who do this immediately
>will have a better chance of getting a unique
> username that suits them.
>
> This is an urgent appeal to anyone entering their email
>address on any page at google.com, to first
> delete their Google cookie. The urgency has to do with the
>fact that tens of thousands can be
> expected to do this over the next week or two. Other pages
>at Google have the same problem
> (News Alerts is an example), but the numbers involved are
>much smaller.
>
> Google uses a single cookie for everything, and it expires
>in 2038. Your browser offers this cookie, which
> contains a unique ID number, every time you enter any page
>on Google's site. If you don't have a cookie,
> Google will give you one with a new unique ID number.
>
> All of your search terms are saved by Google, along with a
>time stamp, your IP address, and your unique cookie
> ID. So far this information is not considered "personally
>identifiable" by Google because your IP addresses
> might be dynamic. (Broadband addresses are often fixed for
>weeks or months, but dialup addresses are very
> dynamic.) The unique ID in the cookie is the one thing that
>identifies all of your various IP addresses as coming
> from the same browser.
>
> Your Internet service provider maintains logs that can trace
>your IP address to you as an individual at a
> particular point in time. This is especially true if you use
>broadband. But as time passes, many providers rotate
> their logs and the old data is deleted. Normally, the only
>way that your unique cookie ID at Google can be traced
> to you as an individual is through this IP address.
>
> However, as soon as you enter an email address on a Google
>form, it becomes easy for Google to assign your
> cookie ID to you as an individual. That's because your
>browser, at the precise point in time that you click your
> email address to Google on one of their forms, sends your
>Google cookie ID along with the email address you
> entered. Google is no fool. They will record this
>information so that it can be retrieved from their databases. Now
> they've tied your searching history to your email address.
>How hard is it to tie your email address to you as an
> individual? It's not hard at all.
>
> If you delete your Google cookie before you hand over your
>email address, then by the time you get to the form
> and submit your email, Google will have issued a new cookie
>that has an unused ID in it. This cookie ID will not
> match anything in Google's databases. After submitting your
>email, you should delete your new cookie too. That
> way your email address is tied to a cookie ID number that
>remains useless to Google.
>
> This page is not meant to be an analysis
>of Gmail, but while you are at it, please read the privacy
> page and the terms-of-use page for Gmail.
>Note that if you delete an email, Google may mark it so
> that it is invisible to you, but might not
>really delete it. And if you terminate your account, Google
> does not guarantee that they will erase
>your emails. Google decides what to delete and when, not
> you. It's none of your business.
>
> While Google brags that no humans will read your emails, the
>entire Gmail program will involve extensive
> automated profiling of you as an individual. Google will be
>sharing the non-identifiable portions of your profile
> with anyone they choose. If the ownership of Google changes,
>or there is a merger, the entire
> personally-identifiable profile will be available to the new
>owners or partners.
>
> Finally, it's all available to government officials all over
>the world, under whatever legal procedures are used in
> any particular jurisdiction. It is also available to civil
>litigants under discovery procedures authorized by a court.
> When you look at it this way, the one-gigabyte allowance for
>your email account becomes much less attractive.
>
> Google never deletes anything they collect, as far as we can
>tell. Think twice before typing in your email
> address on a Google form.
>
>
>
--
Al Kagan
African Studies Bibliographer and Professor of Library Administration
Africana Unit, Room 328
University of Illinois Library
1408 W. Gregory Drive
Urbana, IL 61801, USA
tel. 217-333-6519
fax. 217-333-2214
e-mail. akagan at uiuc.edu
More information about the Peace
mailing list