Trust in Google?

In the eleven years since Google’s debut, its influence and power has expanded exponentially to the point that it is now the principal gatekeeper of knowledge on the internet.  It has earned the trust of its users by providing relevant, unbiased results, and by using the data they collected with discretion and care.  The recent and alarming announcement by Google CEO Eric Schmidt makes one wonder if this trust has been misplaced.

A side effect of Google’s dominance in the web search and advertising markets is that they collect information on users’ interests and habits to an extent that is entirely unprecedented.  By linking together information about what you search for and what you click on in the search results, a basic profile can be built.  Thanks to the near omnipresence of Google Adwords, details of other pages that you visit can be added to the profile even if you don’t use Google’s search capability.  If you use Google’s mail or other services, the data will be linked to your name, and your emails will be analysed to further complete the picture.  The data is tracked between browser sessions and is accumulated over months and years.

Despite all of this and the increasing concerns of privacy advocates, Google has earned the trust of users.  “Don’t be evil” was an early motto, likely in response to the monolithic software firms of the day that had regularly abused the trust of their users.  So far the profile information has been used simply to increase the relevance of search results and advertising for users.

The bubble burst when Google CEO Eric Schmidt said last month during a television interview “if you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place".  He goes on to explain “But if you really need that kind of privacy, the reality is that search engines – including Google – do retain this information for some time. And it’s important, for example, that we’re all subject in the United States to the Patriot Act ... it is possible that that information could be made available to the authorities”.

The comments reveal an extremely casual attitude to privacy that is completely at odds with the optimistic but widely held belief that Google was the trustworthy champion in a cast of villains.

So is it a problem if we can’t trust Google?  How are they different to any other firm (including ones that don’t profess to not be evil), and surely there are privacy laws that protect us?  Well, it is a problem, because no firm or government has ever possessed the capacity to collect and analyse information on the scale and with the accuracy that Google does, and privacy laws did not anticipate this concentration of power.  Other search engines also collect this information, but none can build as accurate a picture as Google thanks to its crossover into online advertising.

The reference to the Patriot Act is also important – it allows U.S. authorities to obtain the search or profile information from Google and other search providers, and the privoder cannot reveal that the information was ever requested.  U.S. authorities therefore have full access to everything Google knows, which many people believe is more personal information than a government should have.

On a personal level, one might be worried that a firm with a carefree attitude to privacy can determine what medical conditions you have.  But what does this mean for compliance teams?  Perhaps bear in mind that U.S. authorities can now ask question like “What search terms has firm X used in the last year?” in the hope of finding client names; or “Has anyone from an offshore jurisdiction searched for person Y more than twice” in the hope of finding a firm undertaking periodic reviews; or even “Which firms have shown an interest in at least three people on this list of suspected tax evaders”.

There is now no doubt that detailed profile information is regularly used for private and government ends, and Eric Schmidt has openly declared that he takes no responsibility for your privacy, and that it is up to you to change your behaviour.  The powerful technology that gave us search also works in reverse, and it has been pointed right back at its users.

RiskScreen allows users to search Google securely without leaving a footprint.  You can access RiskScreen simply by signing up to the KYC360 Community for free. RiskScreen also searches OFAC and HMT sanctions list. If you would like a demo please contact us.

• Show All Hot Topics

Member Comments

Sign in or join the community and be the first to leave a comment!