Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
Privacy Your Rights Online

Google And Privacy 12

Posted by michael from the going-all-google-eyed dept.
SubtleNuance writes "A recent Cnet Article details the privacy concerns raised by Google's new browser Plug-In. Google's browser addon will "tell us what site you're visiting which it does by sending us the URL.". The site makes its intentions more clear than most by stating "you may be sending information about the sites you visit to Google" in its click through agreement during install. This type of software (broswer-search-plugin) isn't exactly in high use amongst the /. im sure, but what does this say about the leading technology companies on the Web - and the compromise associated with profit making in the dot-com era." Sounds to me like Google is making a good effort with what is inherently a privacy-invading product.
This discussion has been archived. No new comments can be posted.

Google and Privacy More

Google and Privacy

Comments Filter:
  • And Alexa is built into Netscape and I have never seen any specific warnings during Netscape installs. If you have the "Show me related websites" activated (which it is by default) it tracks sites you go to. You can also download Alexa plugins for IE. At least the google software is upfront and honest about what it does.

  • not a big deal... (Score:3)

    by nakaduct ( 43954 ) on Monday December 11, 2000 @11:46PM (#565779)
    "tell us what site you're visiting which it does
    by sending us the URL.".

    How else would the plug-in tell them? Send a fax?

    More seriously, I was looking at some proxy logs recently, and it's eerie how much you can tell about a person by the URLs they visit. This may seem obvious, but seeing it in action is spooky.

    You see them looking at, say, Sony Mobile ES [xplodsony.com], Rockford-Fosgate [rockfordfosgate.com], and Audiocontrol [audiocontrol.com], and conclude they're shopping for a car stereo.

    Then they visit their bank, and maybe their credit card vendor, and then go on to visit some [jensenaudio.com] less-prestigious [rockwoodhifi.com] manufacturers, and now you know more about the state of their finances than you did before.

    Fortunately, Google has done their best to warn you. After the click-through, you get a popup that reads (in big red type):

    PLEASE READ THIS CAREFULLY
    IT'S NOT THE USUAL YADA YADA
    .. then you get a chance to opt-out of their advanced features. I couldn't tell for sure, but it also appears that they only send the URL for pages whose rank you've requested, even when the advanced goop is turned on.

    This story would be better-titled "Google offers useful service based on current URL, and explains the drawbacks in plain English." That might not generate the page hits that /. is counting on.

    cheers,
    mike

    • You can turn off the features that send your browsing habits to Google.
    • They have a separate toolbar privacy policy
    • You aren't asked for a single piece of information during the install. Not your email address, not your name, nada.

    Unless someone cares to believe that they're using your IP against a database given them by little green men to pull down your SSN and measurements, I don't see what the privacy flap is about.

  • ...or if you use any OS + browser combination other than Windows + IE. Someone in a topic several months ago posted this javascript, and now I use it all the time. Save it as a browser bookmark.

    javascript:q=document.getSelection();if(!q){void(q =prompt('Enter%20text%20to%20search%20using%20Goog le.',''))};if(q)location.href='http://www.google.c om/search?client=googlet&q='+escape(q)

    Note that the first part will search based on any highlighted text in your browser window, which might send a document.referrer to Google depending on how your browser is configured. IMO, that's a fair price to use a great search engine.

  • Although I understand that we are discussing Rights and Privacy, I would also like to add a point regarding functionality. I read all the disclaimers at Google's site, and I installed the toolbar. It has very useful features, and for a frequent search engine user like myself, it is a tool that has its value.

    As it was pointed out, there are many disguised ways to obtain personal information, and since Google warned twice during installation about the privacy issues, I was very aware of the risks I was taking. For me, it was worth the download.

  • Google does the same thing. See <a href="http://slashdot.org/yro/00/11/24/0131205.sht ml">this</a> /. article.

    It's not really a privacy violation, though. It's designed to filter out junk sites that are keyword spamming. It's pretty easy to see if a site is keyword spamming based on the brief summary on the results page; thus they won't be clicked on as often. Eventually, this could affect the page ranking, by at least making sites whose summaries appear more relevant appear first.
  • I noticed last night on my dialup account that clicking on search results from alltheweb.com [alltheweb.com] first sends an http:// request back to that server, before connecting to the server that has the hit you want to see.

    Also, alltheweb doesn't seem to have any privacy statement on the site at all....

    Now, I am not naive enough to have an expectation of privacy online, and i don't think that anyone else should, either. And, I know that - legally, at any rate - there isn't much that a company has to tell us about what they do. So, where does that leave us? If you have concerns about your privacy then you should either get and stay offline or collaborate with others to identify and combat the worst offenders.

    Rant off.

  • I wish journalists would stop going to Jason Catlett and Marc Rottenberg for "authoritative comments" on non-issues like these. This is not a privacy worry...
    • Google has done the best job I've seen of disclosing the fact that you must expose your surfing habits to use its tool. It's not just the same old "yada yada" as they say.
    • You have a clear choice. Use the tool or don't. No one's making you install it or sneaking it in as OEM. You don't have some inalienable right to use the Google bar without having be "intrusive".
    • If Google could invent a way to perform the service without "invading your privacy", I'm sure they would do it. Think you can? Do it and go make a bundle.
    • When I installed it, at no time was I asked for any personally identifiable information. No registration. So how, pray tell, would Google know who it is that's aggregrating this URL history?
    • Oh, there's that GUID. Well, I suppose a GUID is Google's digital psuedonym for me and it let's the Web-based application distinguishing me from all the rest of you humps...but it doesn't identity me personally?
    • Could Google track me down with an IP address, figure out who I am, or assemble a complete dossier on me? I suppose. If I get any hint that Google is doing this, especially after promising that they wouldn't, you can bet I'll be looking to collect some punitive damages.
    • In the meantime, what data is there to sell to marketers that "I own" and would amount to my privacy being invaded? Nothing, nada. I'll be sniffing those packets to make sure nothing more than my URL and typical HTTP headers are leaking out (i.e. form entry data).
    Look world. The Web is mostly public. When you contact a Web server, you are negotiating a communication transaction. If you expect to be a ghost, you don't understand the medium. Being noticed, characterized and tracked isn't necessarily any more of a privacy invasion than walking into Walmart and having a clerk recognize you from yesterday and notice that you are still wearing the same shirt. Let's be reasonable or else when there really is a privacy threat, we won't be taken seriously.
  • We're still a ways away from having a good online privacy protection act here in the states, but at least there have been strides to pave the way for this. The first one was to have privacy policies explicitly stated.

    But as this CNet article points out, even though you may know if a program reports back to a company, you do not specifically know what is being sent back. I think we (as in the global web community) to start asking these sites to at least explicitly state if they are sending back any identifiable information, or if they are only sending back anonymous data. For example, the Google case, I'd trust google to say that they don't send any identity back and avoid sending back URLs that might have a similar case. But other such people, I would not trust as far if they just say "We do not collect personal information about you." -- that leaves the door open for information about your COMPUTER or the application specifically. Sure, there are cases when I DO want to be identified (online shopping, for example), but even then, it should be explicitly stated even if redudant as to get consistancy across the entire e-commerce web.

  • My question is whether the toolbar code can send secure URLs off to Google after they've been decrypted... For example, my bank uses a long token attached to the end of the URL to determine that it is indeed me accessing my account. If this was being sent off to Google, it would be easy for someone to attach a timestamp to that URL, check to see whether it was within the past 15 minutes (after which time the token expires) and then have access to my banking information without even worrying about cracking the encryption.
  • I have to agree with you. I just installed the Google toolbar last night, in fact. I feel the functionality outweighs the potential privacy risk. I use Google constantly and the convenience of having its major functions available to me on the toolbar is just too cool. Besides, I trust Google as a company. They did warn me that I'd be "tracked," and they even explained to me how to use only the "basic features" of the toolbar if I wanted to protect my privacy. Also, given that I use Google as much as I do, I don't mind giving a little something back to them. Hell, I browse the web through the Junkbuster Proxy [junkbusters.com], and Google is one of the few sites I allow to set cookies on me. The Google guys seem pretty trustworthy, and until I learn otherwise I'm going to just use their toolbar and enjoy it.
  • I don't know about anyone else here, but I used a casual surfer's simple logic to tell wether or not to install the advanced stuff or not when I tried this 2 days ago:

    Google's a cool company. It has a linux based search, doesn't have big ads on it, it's fast, it does it's job well. It seems to do this with python too (although the pages doing the installation had a .php extension) IIRC. Most importantly, nothing I know about google tells me it's going to misuse my data.

    So I installed the advanced stuff.

    On the other hand, two surfings later I mistyped a URL in ie (I don't usually use this browser) and it went off to msn.com or something similar, presumably to log loads of stuff to some unknown place, and from there figure out where I was probably trying to get to.

    Now I don't like microsoft very much. So I stopped surfing and went back to doing my visual c++ coursework!

    So regardless of what the advanced options actually reveal to google.com about me, clickwrapping or not, I would more readily reveal them to a company I have more reason to trust.

    But if anyone ever tells me that google is no longer to be trusted (and backs this info up accordingly) I'll think twice.

Slashdot Top Deals

"Little else matters than to write good code." -- Karl Lehenbauer

Close