Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
×
Privacy Businesses Google The Internet Data Storage Your Rights Online

Finding Fault With Google's Privacy Policy 155

orenh writes "Viacom has recently obtained a court order that requires Google to hand over a complete list of every video watched by YouTube users. These logs will include the login names and IP addresses of the users. Google are now asking Viacom if they can anonymize the logs before turning them over; Viacom hasn't responded yet. But this privacy nightmare could have been greatly reduced if Google had anonymized the data in advance. Google's privacy policy states that they keep personally identifiable information for 18 months. There is no real reason to do so; Google can achieve everything they need even if they anonymize their search logs after just one month, and it's time users told them to do so."
This discussion has been archived. No new comments can be posted.

Finding Fault With Google's Privacy Policy

Comments Filter:
  • Two months from now (Score:2, Interesting)

    by Anonymous Coward

    US Courts are going to be brought to their knees as Viacom files 100 million copyright infringement lawsuits. On a side note, they will also be able to sell the information so that the government knows who likes to watch communist or anti-government videos.

    • I don't see how they can really blame youtube viewers for watching contents. Uploaders, maybe.
      • They can't and won't. Apparently these guys fear that Viacom's outside experts will ruin their careers and get themselves in trouble with the court by publishing a list of everyone who has ever watched a Hello Kitty porno clip.

    • US Courts are going to be brought to their knees as Viacom files 100 million copyright infringement lawsuits. On a side note, they will also be able to sell the information so that the government knows who likes to watch communist or anti-government videos.

      lol. Dont you know that the US government is as socialist as the commies used to be?

    • US Courts are going to be brought to their knees as Viacom files 100 million copyright infringement lawsuits.

      This could be a very good thing, as maybe the courts will see the folly of the current laws.

    • .. they remove anything connecting the video usage log to users. That includes name, mailing address, email, and even IP address.

      I work in the health insurance/medical industry, and we're generally expected to do this if we need to provide information to third parties for analysis. (They -heavily- regulate it, and the removal of personal member information is only the tip of the iceberg as far as these regulations go.)

      If Viacom insists on keeping personal user information in the data set, then I honestly th

  • by wellingtonsteve ( 892855 ) <wellingtonsteve@gm[ ].com ['ail' in gap]> on Saturday July 05, 2008 @04:53PM (#24069873)
    ...why keep identifiable logs in the first place?
    • by nospam007 ( 722110 ) on Saturday July 05, 2008 @04:59PM (#24069927)

      and why not keeping them in a country where privacy still means something, so that no US judge can touch them.

      • by Nom du Keyboard ( 633989 ) on Saturday July 05, 2008 @05:12PM (#24070015)

        and why not keeping them in a country where privacy still means something, so that no US judge can touch them.

        That didn't mean much to one European BitTorrent tracker site who was ordered by U.S. judges to turn over all access logs where the site didn't even keep logs to start with. The judge said in his infinite wisdom that because the data existed in RAM at some instant that the logs were required to be created and then turned over.

        While I respect the USA law within the USA, I despise when judges attempt, often with too much success, to enforce it outside of the USA. And not just data laws. We enforce US sex laws in other countries to criminalize behavior completely legal there. This Is Wrong!

        • We enforce US sex laws in other countries to criminalize behavior completely legal there.

          What crazy thing are you gonna say next, Iran is a hostile foreign influence in Iraq.

      • by gunnk ( 463227 ) <gunnk@mail . f p g . u n c . edu> on Saturday July 05, 2008 @05:13PM (#24070021) Homepage
        Because it doesn't matter where the logs are housed as long as Google does business in the U.S.. Housing them elsewhere does not make them immune to a court order.
        • by mysidia ( 191772 ) on Saturday July 05, 2008 @09:36PM (#24071935)

          The records could have been unobtainable by the US division of Google.

          For example, the records in the "safe" country would be owned by an independent subsidiary, such that the related company (Google) wouldn't have direct executive authority to force the other company to release the records.

          Because they're independent companies and Google has no legal authority to force an outside company to do anything.

          Google could then request the records, but the data storage company could refuse to approve the request, and there would be no way for Google to force the other company to provide the information.

          Because the use and manner which the records could be accessed would be spelled out by some binding agreement.

          Limiting the volume of records that could be requested at any time, limiting the allowed uses for every record, and requiring them to be destroyed a short time after loaded.

          And for google to "request all the records" from their separate company formed to hold the records would be an operation requiring special permission, extensive justification, and full disclosure, regarding reasons for the request, which the board of the other company would have to vote on (after researching to guarantee that Google is not possibly under any kind of duress in making the request, to release information).

          Also, the company in the foreign country could be prevented from illicitly disclosing records, by having each log line independently encrypted.

          The US-based Google would have the decryption keys but not the data.

          The foreign "record storage company" would have the logs, but no means to decrypt them.

          Or alternatively, the logs would have been produced in a split binary format:

          The US-based Google would have half the information; the foreign "data storage" company would have the other half --- and no individual record could be obtained without bitwise XOR'ing all pieces together.

          And there could be more than two pieces: there could be more than 1 subsidiary that has to agree to any massive information release request.

          • If something is subpoenaed, you bring it to the judge, or you are in contempt of court. It's simple, really.
          • by volpe ( 58112 )

            IANAL, but it seems to me that the terms "independent" and "subsidiary" are mutually exclusive. If there is a common parent company, the parent company is doing business in the US via the subsidiary in the US. So you just order the parent company to produce the logs. And if they have to demand it from the other subsidiary in another country, that's an "implementation detail" that is of no concern to us.

          • If some data in the logs is encrypted then to be used it would have to be decrypted. If done right this would mean that it would be easy (provided the keys) to decrypt individual records but would be practically impossible to access the "private" data in a high percentage of the records (while bulk data and data that does not identify a person can be accessible without decryption so the logs can serve their purpose). This way Google (and anyone else storing logs) can keep the bulk data they need, the privat

        • Isn't it that Google has to have a physical building in the U.S. personally owned by them for Google to be affected by U.S. law? (yes, I realize they do, I'm just double checking)
      • why not keeping them in a country where privacy still means something

        The video privacy protection act [cornell.edu] should be immediately amended to include support for Internet video services.

        • a good lawyer could make an argument from section (a)(4). "similar" could be interpreted as broadly as you like, and "delivery" implies an actual purchase need not be made.
    • Re: (Score:3, Informative)

      by ILuvRamen ( 1026668 )
      So they can suggest youtube videos based on what we watched before. That and I bet they're gonna figure in to the suggested videos what we've searched for in the past through the regular google search engine, which btw is A HORRIBLE IDEA. Plus, duck and cover if the executives don't get pretty statistics reports with colorful graphs that show what people watched from different locations determined by IP. I guess you could somewhat anonymize the stats needed to generate that but that's just extra work for
      • Is there no way to do that without Personally Identifiable Information?

        • by jeiler ( 1106393 )
          At some point in the line, personally identifiable info must be used. It can be "hidden" in a database, but they have to have the username and email address to set up the account. Even if they immediately anonymize the records, the original identifiable info must be kept available somewhere.
      • Re: (Score:3, Insightful)

        So they can suggest youtube videos based on what we watched before

        If they really wanted to, they could still manage this.. encrypt the logs with your youtube account password, and then then using the Ajax/Zero Knowlege App ideas that we had an article about the other day (http://yro.slashdot.org/article.pl?sid=08/06/30/1416238), ensure that decryption of that data in done at the user end...

        • Google does not want to use zero knowledge apps for anything because in addition to using the user information to make recommendations to keep users on their site longer, they use it to decide which ads to display. Also, I am not sure how well zero knowledge concepts mix with search applications where the server is basing its decisions on a huge index.
      • Re: (Score:1, Funny)

        by Anonymous Coward

        Aw damn. Now Viacom knows every bit of strange porn I've watched.

        Uhh you've anonymized this, right Slashdot?

      • by rtb61 ( 674572 )
        More likely the google marketdroids and psychologists can set up an automated process for analysing a person viewing preferences in order to more effectively manipulate the viewers choices via psychologically targeted marketing. The googlites a very big on accessing every bit of information about you they can, including which advertising campaigns in the past have effectively altered your choices so they can target that style of add at you in the future.

        This time around google seems to be rolling over and

    • Re: (Score:3, Interesting)

      To cover themselves legally. The issue of whether YouTube and other similar sites are responsible for the gazillion copyright violations that occur there is legally still up in the air. This Viacom lawsuit should hopefully clear it up but until then Google's position is that they are doing everything they can to prevent copyrighted materials from being posted. Keeping the logs helps them keep up that pretense - they can cooperate if need be and identify the violators etc. They have no legal requirement to g
    • by Cyberax ( 705495 )

      Personally, I like to be able to find a video which I watched yesterday to send link to a friend.

      A month is about the maximum time when such viewing history is useful.

      • Re: (Score:3, Insightful)

        by jlarocco ( 851450 )

        Personally, I like to be able to find a video which I watched yesterday to send link to a friend.

        You do know your web browser has a history and bookmarking system, right?

        • by Cyberax ( 705495 )

          I use several computers (at home and at work). Of course, I can use online bookmark synchronization service (I'm too lazy to setup my own bookmark server) but this kinda defeats the whole idea of privacy.

    • Because if they didn't have the logs, they would be ordered to turn them over anyways and then be charged with destruction of evidence? Especially as the lawsuit has been going on for a while, so they *may* have been required to at a minimum keep the logs since the lawsuit started.
    • By the way this was written WAY too many people are going to think this. Especially the tech illiterate. Records are needed NEEDED for security. If you have ever run a server or even a chatroom you'd know this. What happens when people spam youtube? Oh i know they do but thats WITH tracking bad IPs, without it would be much worse. How about people that post porn. Or people DDOSing them. IPs are a useful tool.

      Try not to give Google so much shit about this. The REAL problem isn't Google, its Viacom a

  • It doesn't matter what the users try to "tell them" to do. There are meetings going on now to get a worldwide consensus on piracy issues. One outcome will be the stripping away of all anonymity at sites where registration is required. The US will pressure .europe to go along and eventually they will cave, privacy laws be damned. ISPs and online services won't have to worry about anonymizing their logs or even storing them once the government sets up central logging servers that will be fed directly by t

  • In soviet America, corporations tube you!

  • by Nom du Keyboard ( 633989 ) on Saturday July 05, 2008 @05:05PM (#24069959)
    Google has just been stupid here about privacy, and now it's coming home to roost in a very public way.

    The problem is that we I.T. people are Data Hoarders. Even if the data isn't useful today, or at all useful into the foreseeable future, we still hang on to it. And we save every detail we can just to prove how clever we are to have been able to discover it in the first place. (Note: P2P program writers are the same, and that's how Media Sentry can tell you so much about filesharers they discover on the Internet right down to the full directory paths of files.) Now if storage wasn't so d@mn cheap we wouldn't have this habit, but Moore's Law applied to disc drives means we no longer have to store 2-digit years and have Y2K problems. We have these problems now instead.

    This is why the RIAA is able to use IP addresses combined with timestamps to identify ISP account holders. It doesn't identify any actual copyright infringers, but they don't care as long as they have somebody to sue. If these logs were deleted after 3 days this whole RIAA mess would have been a non-starter.

    We just have this compulsion to hang onto everything because we can, and perhaps with the faint hope that somewhere down the line we'll be able to show extreme cleverness to our PHB's when they ask some inane question like, "Duh, how many unique IP addresses have accessed our website since 1991?" and we'll be able to say, "Give me 10 minute and I'll let you know (wag tail)."

    Chances are that Google themselves has never had to follow-up on an IP address to identify a user for anyone except the Chinese government and/or the NSA, neither of which are our friends. The first poster who asks why they keep this at all, let alone weren't anonymizing it long ago has it right. This is hardly the first time Google has had to turn over access records so they certainly know that it can and will happen.

    Don't be evil at Google seems to mean don't destroy data you never needed in the first place in the event that some government we want to keep as our friend might want it. But now we find out that more than just governments can get to it with baseless suits and moronic judges.

    • by Threni ( 635302 )

      > We just have this compulsion to hang onto everything because we can, and perhaps with the faint hope that somewhere down the line we'll be able to
      > show extreme cleverness to our PHB's when they ask some inane question like, "Duh, how many unique IP addresses have accessed our website since
      > 1991?" and we'll be able to say, "Give me 10 minute and I'll let you know (wag tail)."

      You can speak for yourself with all you `we`s. It only takes a few seconds to understand that unless you're going to use

      • And how long do you think it would take to crack a mere 4.3(rounded off) billion possible combinations for a hash that's watched a given music video 37 times, or even the one that uploaded it?

        Now, I don't know about you.. but my tiny little computer can run over 6 million attempts on the RC-5 challenge per second, in the background.. putting me at 12 minutes to go through ever IP address out there.

        Ontop of that, I'm pretty sure the RC5 challenge is a more complex hash then the one mentioned here.

        With how a

    • The problem is that we I.T. people are Data Hoarders. Even if the data isn't useful today, or at all useful into the foreseeable future, we still hang on to it. And we save every detail we can just to prove how clever we are to have been able to discover it in the first place.

      I'm afraid the above is not unique to IT.

      Check with your accounting department and ask them how long they, or the auditors, retain data, and how much of it they keep. You'll get similar answers (with varying reasons) from the folks in

      • Check with your accounting department and ask them how long they, or the auditors, retain data, and how much of it they keep.

        IIRC Tax laws require all records that involve 'your' taxation to be retained for 7 years just in case they decide to audit 'you' (and by 'you' I mean any person or entity who deals with the tax man). So, some of that retention is done by a legal requirement, even if that requirement is the case you might be audited in 6 years from now.

    • by DigitAl56K ( 805623 ) * on Saturday July 05, 2008 @06:33PM (#24070635)

      Viacom do not need this information. Any of it. At all.

      Viacom, as I understand, want to show what percentage of YouTube content views are of Viacom content. In order to accomplish this all they need to do is provide Google with a list of content IDs, which they would need to have if they themselves were to perform the analysis anyway, and then to allow Google to provide a count of views for each of these pieces of content versus the total of all other content views for the same period.

      Done. Mission accomplished. No private data changes hands.

      I personally cannot comprehend how a judge ruled that privacy issues resulting from this are "speculative". You are essentially handing over information on millions of people on what content they watched, uploaded, commented on, rated, tagged, etc. to a media company, without need. This information is also the foundation for YouTube's business being handed over to a competitor.

      The judge says it's speculative? I say remove the judge for willfully violating the privacy of millions of citizens and foreign nationals.

      I would also like to know how the judge has completely ignored the Video Privacy Protection Act [privacilla.org]? If it's on the Internet suddenly all privacy concern automatically goes away, even if you're engaged as a customer of a company with a published privacy policy offering you many protections?

    • by Morgaine ( 4316 ) on Saturday July 05, 2008 @06:54PM (#24070769)

      > Google has just been stupid here about privacy, and now it's coming home to roost in a very public way.

      This is true, but it's not the worst of it.

      Much, *MUCH* worse is that the judge has imposed on Google a legal ruling that the RIAA must be wetting themselves to obtain. And of course, these records will go straight to the MPAA, despite the contraints placed on their use.

      This is either a case of extreme naivete on the part of the judge in ignoring the privacy ramifications in his incredible ruling, or quite possibly a simple case of corruption. Such naivete would be so incredible in a judge that isn't senile, that corruption has to be far more likely.

      As for Google, their lawyers should have IMMEDIATELY said to the judge "Our client cannot do that, on privacy grounds. Google's duty to protect the privacy of millions cannot be dismissed by a legal ruling." Judges are not omnipotent, even when some of them think they are.

    • Write to google here [google.com] and ask them to change their privacy policy.

      I wish this lawsuit and its implications get more publicity in the mainstream media.

  • by guanxi ( 216397 ) on Saturday July 05, 2008 @05:07PM (#24069975)

    Google clearly should have anticipated this. Governments have requested/required info on individual users before, as has been posted many times to /. For some countries, Google even moved user data off-shore, to protect it. Privacy advocates warned of this problem happening.

    Google's rule is 'don't be evil', as long as it doesn't interfere with business.

    But the problem isn't Google, it's us. We keep using Google, though we knew about the risks and problems. The day a company risks significant revenue over privacy, is the day they will pay attention to it.

    We have met the enemy and he is us.
    http://en.wikipedia.org/wiki/Pogo_(comics)#.22We_have_met_the_enemy.....22 [wikipedia.org]

    • Re: (Score:2, Insightful)

      what kind of perverse reasoning is that.

      It reminds me of battered wife syndrome.

      "he's beaten my face to hamburger for the 15th time officer, but I don't want to charge him. After all, i was the one who pissed him off, I just need to stop pissing off my husband so he won't take the food processor to my left hand anymore"

      • Re: (Score:1, Insightful)

        by Anonymous Coward

        So you married a potentially violent psychopath;

        Because you thought he was charming and strong. That he would protect you because you made him feel good.

        "he's beaten my face to hamburger for the 15th time officer.."

        No, it's not that bad yet. Right now he's at the stage of coming home late. Drinking too much and getting high. He doesn't seem to respect you the way he used to and once or twice you've seen a flash of violent intent in his eyes. Next comes the first slap. The question is, when does the tipping

      • No. Using Google is optional. Being beaten is not.
    • by Televiper2000 ( 1145415 ) on Saturday July 05, 2008 @07:26PM (#24070981)
      Why do I feel like I'm the only person that takes "don't be evil" with a grain of salt. Google has been a great corporation because they understood people on the Internet and how they wanted to be treated. But, they also use that knowledge when they calculate how far they can push the envelope. "Don't be evil" has translated into webmail accounts with massive amounts of space, web ads that's don't flash or pop-up, and a search engine who's front page maintains the very bland basic HTML feel. Now people dream of Google being the great fixer in any industry that has annoyed them over the years.
    • Re: (Score:3, Interesting)

      oh yes, exactly. Google is zee devil.

      They are out to kill us all.

      Seriously, do people thrive on having enemys? Do they find no happyness simply in a group being what they are? Protip; "The Man" isn't out to get you, and all the companys aren't working for him.

      And shall we stop using every service out there, because somewhere, deep down in their closet, is something we disagree with?

      If so, I'm going to assume you're posting to /. from your wooden cottage on a privatly owned island that you fo
      • Re: (Score:3, Funny)

        by 4D6963 ( 933028 )

        Noooo, don't you understand?! Big corporations aren't just out there to offer products and services for the sake of profit and growth! Of course you think Google's services are great, that's what they *want* you to think! In fact all these nifty services are a honey pot so that you go there and give them your IP address and let them store which video you've watched to hand it all over to the evil government! Capitalism is evil, and corporations and this government are capitalistic!! OMG Karl Marx to the res

    • by ktappe ( 747125 )

      the problem isn't Google, it's us. We keep using Google, though we knew about the risks and problems.

      Give me a break. The small % of elite users who read /. know about logs, but 99% of the public has no idea. They just click the "Watch the cute kittez in this video" link that their cousin e-mailed them. They have no idea YouTube is associated with Google, what a log is, or who Viacom is. And it's not as if that info is clearly presented to them when they click forwarded YouTube links. Heck, I'm a sysadmin and I certainly don't recall ever clicking a YouTube agreement stating "Your viewing habits on this pa

      • Re: (Score:3, Insightful)

        by guanxi ( 216397 )

        Agreed, end users shouldn't know every privacy policy. It's impractical.

        But they could press their legislators to pass laws that protect privacy. I don't think it's important enough, yet, for most people.

  • This is the scary thing about the direction things are going in the world, with the Internet in particular. The Internet was supposed to be the vast equalizer, but instead, with all kinds of clueless governments and corporate overlords who dream up ways to take advantage of people, the Internet is turning into another tool for the powerful to control the masses. This example with Viacom and YouTube is one good example. It's obvious to me that they obtained the court order to get the information on every You
    • by mikael ( 484 )

      There is always the defence of "I share my broadband connection with my flatmates using a wi-fi router. It wasn't me - it was someone else."

  • by John Hasler ( 414242 ) on Saturday July 05, 2008 @05:19PM (#24070077) Homepage

    ...if you don't have a Google login name. Google search works just fine without one. It even works fine without any Google cookies.

    • But they still have your IP address. Which yes, is not as personally identifiable as a username, but it is identifying enough to get sued by the **AA. Also this is not talking about google searches, but youtube searches.
      • > But they still have your IP address. Which yes, is not as personally identifiable as a
        > username, but it is identifying enough to get sued by the **AA.

        Why would the **AA sue me? I've never uploaded, downloaded, or sideloaded any of their stuff. They have nothing I want. If they sue me it will be because they fucked up and confounded me with someone else.

        > Also this is not talking about google searches, but youtube searches.

        So you have to be logged in to do a YouTube search?

        • Re: (Score:3, Insightful)

          Why would the **AA sue me? I've never uploaded, downloaded, or sideloaded any of their stuff. They have nothing I want. If they sue me it will be because they fucked up and confounded me with someone else.

          I guess you missed the many, many slashdot articles about them doing exactly that.

        • If they sue me it will be because they fucked up and confounded me with someone else.

          And you're comfortable with this, seeing as they've proven that they always have a good reason to sue and never make any bad assumptions about technical details.

          Right?

    • You still have a IP address, even if you have no login or cookies.
  • In March 2008 I watched Rick Astleys music video Never Gonna Give You Up

    I heard about the video, and willingly went and viewed it. It was me, just me, officer!

    go tell a shrink, sicko

  • Better idea (Score:1, Interesting)

    by Anonymous Coward

    Delete the logs after one month. The fact that the AOL search data leak only identified searches with random numbers did not prevent the New York Times from successfully identifying individuals.

    • Re:Better idea (Score:4, Interesting)

      by zappepcs ( 820751 ) on Saturday July 05, 2008 @05:45PM (#24070283) Journal

      There is an interesting tie in here to something I've promoted all along: If the last mile was owned by cooperative groups (meaning NOT ISPs) then they could pool the IP addresses assigned in a random, and meaningless way. That is to say that if 237 people in a housing association were sharing DHCP IP addresses through a server system with enough bandwidth that many ISPs could hook up and serve out email and other services by user, it would be possible to hide the end user IP. Then any stats by Google or others would apply to the group, not an individual. Share that cooperative environment out amongst all the people of your neighborhood or town where the number is now thousands or tens of thousands and the problem of privacy becomes less of a concern.

      Only when there is centralized control of Internet usage is there a privacy issue. Imagine being part of a cooperative with 34 connections to various ISPs, and all of the 12000 users in the cooperative using something like TOR. Standard Internet browser usage would be anonymized completely. The idea that you should be identifiable comes from the fact that there is a way currently to identify you. If your packets arrived to the greater Internet backbone from more than one source and more than one IP, it would be anonymous, and the 'grid' would be truly that. If you and 14999 of your friends decide to make a mesh network using wireless and landline connections at each node, it would be impossible for anyone to identify your network habits. It would also be nearly impossible to cause a network-only outage. Power loss could still be catastrophic. My point is this, if you truly want anonymity, you have to work hard for it. Most people don't want to. Consequences of that are inevitable, unavoidable, costly.

      I believe that this *IS* the answer to the problems of network neutrality. Force the powers that be to accept that they cannot regulate private networks by building our own outside of their useless understanding of how things work. When they finally discover that they cannot regulate, things will change a bit. I'm all for calling it a patriot network... might be over the top a bit, but we all need to start creating them.

  • by Anonymous Coward on Saturday July 05, 2008 @05:28PM (#24070157)

    just say they were 'lost' and that the backups were destroyed or lost due to shady backup practices. works for the White House.

    • Even better, just say the only copy was on a laptop that was accidentally left on a commuter train at the London railway station of your choice.
  • I use clusty.com [clusty.com] for searches. The results seem to be of the same quality as google's, and their privacy policy is much better.

    Now I just need a good way to access usenet. My ISP dropped usenet access last month. I tried buying access from octanews.com, and they ripped me off (currently going through the chargeback process with the credit card company). So now I'm the proud owner of the email address ineverreadmailsenttothis@yahoo.com, which I used to register a google account so I can post on usenet via g

    • You could go with a binary news provider like Astraweb. Spend $10 to get 25Gb of downloads and it'll last you forever if you're only using text.
    • Anyone know a good company to buy a cheap block access (*not* monthly) usenet account from?

      I don't know what you mean by "block access" but I get excellent service from Newsguy [newsguy.com] for $40/year. They offer a number of different plans at various rates.

  • This demand indicates to me a dangerous precedent is being set. This court is indulging in a fishing expedition ordered by Viacom, with no concern for the 4th Amendment. It indicates to me that corporations will be able to obtain orders for the indiscriminate dissemination of all logs collected by any Internet provider at any time. A U.S. court wouldn't grant the government this much power, yet a court will gladly bend over to corporation in the name of the I.P. crusade. This is enough to make a free-market
  • The fact that every video you watched on YouTube is now in the hands of a crooked bunch of corporate lawyers should occurr to you.

    This finally drives the stake through heart of the Internet. I've stopped using it for meaningful work. I'm off line. Yeah, I'll post a rant on /., but all research, all class work, etc is off-line. USB drives are cheap enough.

    Prof Allen
    MIS, COSC, BCIS, etc.

    • We'll miss you. Terribly. Just terribly.

    • by 4D6963 ( 933028 )

      The fact that every video you watched on YouTube is now in the hands of a crooked bunch of corporate lawyers should occurr to you.

      OMG! They know you've watched Never Gonna Give You Up!! You're screwed pal!!! Run and hide!!!!

      all research, all class work, etc is off-line

      Wise choice sir! Cause if they find out you googled for anything vaguely related to electronics or chemicals, you're good for Gitmo, buddy!

  • Viacom wants the logs of the people that watched every Youtube video, but not the logs of the people that uploaded videos that violate Viacom IP? Which means that even people who didn't watch videos that didn't violate Viacom IP like stuff people create via webcameras or video cameras and then upload to Youtube will become part of some Anti-Piracy lawsuit by Viacom?

    This all sounds like more MAFIAA scams like suing grandmothers and 13 year old girls because they happened to get a dynamic IP assigned to them

  • by btempleton ( 149110 ) on Saturday July 05, 2008 @06:09PM (#24070445) Homepage

    It is a mistake to think you can anonymize this data. Sure, you could strip everything out of the data, but then you would just have public information, since youtube will tell you how many views each video has already. So I presume the people who want to "anonymize" think they will, like the AOL logs, give pseudonyms to people.

    I can think of many problems. For example, there are tons of videos on youtube that are never accessed except by the uploader and a few friends. Pretty easy to identify who the likely uploader is from the records, and thus identify a user. Or even if you never upload, a lot can be learned. For example, somebody looking for my records could first see what youtube videos have me in them. Most people have probably searched for their own name, and as such this is a clue as to which user is probably me.

    And this is what I can think of in 2 minutes. With more time a lot of other things can leak.

    • by mysidia ( 191772 )

      It's a safe-facing measure. Anonymizing usernames only marginaly enhances privacy.

      They claim the logs won't contain personally identifying info but will contain ip addresses

      This is self-contradictory!

      An ip address IS personally identifiable information.

  • by EEPROMS ( 889169 ) on Saturday July 05, 2008 @06:12PM (#24070465)
    The world will find out about my Thomas the Tank engine fetish....
  • If everyone's search records and IPs are made public this thwarts the value of Viacom becoming privy, via rather underhanded means.

  • What's really ironic is that Google is (from what I've heard) anal about anonymizing everything internally. Not only that, but it can take a good while before employees with a good reason to access such data get said access.

    I mean, Google even anonymizes ping logs that employees are going to look at - and I really don't think my ping time is anything that private.

    It's a little sad that this has happened.

  • I am starting to not like google. They are getting too big and beginning to monopolize on the internet. Alot of what they have to say is forked tongue. But in other news.... Listen, I know techies in internet land like to be anonymous. But the fact is, for a number of reasons, anonymity is dangerous. In real everyday life we are not anonymous. People are people and knowing who is who and who said what and who did what is very important when it comes to life. The internet is now reality and a large part of
    • Re: (Score:1, Insightful)

      by Anonymous Coward

      Huh ?

      News papers : People don't know what you are reading
      Radio : People don't know what you are listening
      TV : People don't know what you are watching

      And now... you want it to be different for the Internet? Or do you ?

      • News Radio and TV, nobody is anonymous. They can ALL be traced. If some chuckle head says some crap on the radio or airs a pirated flick then you better BELIEVE that person can be traced. This is not about government infringing on privacy. This is about government using this as leverage to create laws that thwart anonymous internet crap. You better believe that if you have a voice on TV, Radio or in a newspaper that your name will be recorded somewhere before it is printed or aired. No different than the in
  • by NotQuiteReal ( 608241 ) on Saturday July 05, 2008 @08:42PM (#24071521) Journal
    Of course, I've never posted, so maybe that's why.

    I guess my IP address does ID "me", however. My DSL address changes a lot, but I assume the telco keeps those records... too.

    My cable IP address doesn't change often, I had one IP address for almost 10 years without changing... just when I did a router upgrade it switched.

    And by "me", I mean anyone in my household at the time...

    Not that I have ever seen anything on YouTube that Viacom would want to come after me for. Probably looking for Posters, not Viewers.

  • by shanen ( 462549 ) on Saturday July 05, 2008 @08:50PM (#24071577) Homepage Journal

    Just a sec while I sharpen up my rusty old axe...

    If privacy is to have any meaning, then we need a right to protect our personal information. Well, actually we already have the right, though it's a bit scattered around the Bill of Rights. (Speaking for Americans, and only in theoretical terms as regards the current administration.)

    So what's the strongest form of protection for our personal information? The famous "possession is 9 points of the law". We should possess our personal information and we should have to right to say who can see it, and when.

    Concretely in Google's case, they should offer privacy options whereby all of your personal information would be stored only on your machine. They could still access it, but they'd have to respect your privacy preferences--and you could always change your mind. (Of course the data should be signed to prevent you from tampering with it, but that's a relatively trivial aspect.) I feel like this approach is the only thing that would really give meaning to privacy in the computer age.

    (However, some people would no doubt trade away their privacy for coupon discounts or whatever--but right now we have no choice. Lots of companies (and of course including Google) collect lots of our personal information and treat it like *THEIR* property when it should belong to *US*.)

  • Google History (Score:2, Informative)

    by MikeB0Lton ( 962403 )
    Google does allow you to opt out of their logging. This doesn't fix the privacy issues on the topic, but may keep you out of the record books. http://www.google.com/history/?hl=en [google.com]
  • No reason to do so? (Score:3, Interesting)

    by Gldm ( 600518 ) on Saturday July 05, 2008 @10:15PM (#24072179)

    We may THINK there's no reason for Google to have to keep logs for 18 months, but these days I wouldn't be surprised to find there's some hidden provision of the Patriot Act, or possibly some law we've never heard of, which it's illegal for us to hear of or read in the first place. So maybe there IS a law requiring them to keep it for 18 months, it's just not one the public is allowed to know of until it's used to prosecute them.

    • Re: (Score:2, Informative)

      by ripper234 ( 1189149 )
      The reason Google is keeping logs is to improve search results. If they know what an individual user searches for, they can improve his personal search results and the global search results as well. If you search for "slshdot", don't find anything, and then search for "slashdot", they understand that the first keyword is a misspell of the second. They know which search results you click on, and us it as an indication of the quality.
  • In Google's Defense (Score:3, Interesting)

    by CopaceticOpus ( 965603 ) on Saturday July 05, 2008 @11:37PM (#24072525)

    In Google's defense, they may have legitimate use for these records. Viewing history is clearly important if they want to offer better viewing suggestions to YouTube users. I also wonder if they include this data in their formula for presenting personalised Google search results.

    I'm sure it would be possible for them to get by with only a month or two of records, but consider why it is that Google is so successful as a search engine. They go out of their way to use every source of data they can to optimize their search results. They're not going to just toss out a valuable source of information like this if they can help it.

  • I watched a video on YouTube of Bruce Lee beating the crap out of Chuck Norris

    I hope Viacom don't tell Chuck

  • Why doesn't google play hard

    move all the jobs to another country, it would mean a huge loss to the US economy at a fairly bad time

    they are so big that there are plenty of countries in the world that will want them and the employment they bring and in exchange will provide all sort of guarantees against crap like this

    they can then setup a separate entity to do business in US

  • Just ponder my response on Groklaw [groklaw.net].

  • The last comment on that guy's blog, hit the nail on the head. Email google now, won't do anything to protect us from the judge's insane ruling. Someone needs to go to court and get an injunction. It is going to take money and a lawyer (and an implicit admission that you were probably looking at something you shouldn't have been). I hope someone will do this, b/c otherwise no one's privacy will mean anything.

Think of it! With VLSI we can pack 100 ENIACs in 1 sq. cm.!

Working...