Googles Privacy Invasion: Its Your Fault

  /     /     /  
Publicated : 22/11/2024   Category : security


Googles Privacy Invasion: Its Your Fault


If we really wanted privacy, we would turn off JavaScript, block ads, and browse in privacy mode through an anonymous proxy. But we would rather have free services.



Google stepped in it, again. The company was caught bypassing the privacy settings of those using Apples Safari Web browser, which unlike other major browsers blocks third-party cookies by default. Google, like just about every other online company, relies on cookie files to improve ad relevancy, to identify users, and to deliver online services.
The
Wall Street Journal
, which Friday
broke the story
as part of its ongoing investigation into online privacy, reports that Google, along with at least three other advertising companies--Vibrant Media, WPP PLCs Media Innovation Group, and Gannetts PointRoll--exploited a loophole in the browsers privacy settings to place a cookie file on OS X and iOS devices such as iPhones using Safari.
The incident has prompted Consumer Watchdog, a consumer advocacy group critical of Googles privacy practices, to call for intervention from the Federal Trade Commission. Another consumer advocacy group, the American Consumer Institute, said, Google’s willful disregard for the privacy choices of consumers and the privacy policies of Apple is a new low even for Google.
Google insists the
Wall Street Journal
report mischaracterizes what happened and why. The company says it used known Safari functionality to provide features that signed-in Google users had enabled and that it did not collect personal information.
[ Google has been under fire for its planned privacy policy change. Read
Google Rejects EU Request On Privacy Policy Consolidation
. ]
Google hasnt helped its case by ceasing to use the HTML code that overrode Safaris default behavior. That looks like an admission of guilt. But lets step back for a moment and examine the situation.
The American Consumer Institutes contention Google willfully disregarded the privacy choices of consumers and the privacy policies of Apple isnt accurate.
Google disregarded the privacy choices of Apple, which chooses to block third-party cookies by default in its browser. And Google has nothing to do with Apples privacy policies, which describe how Apple handles customer data.
Google argues that it manipulated Safari to resolve contradictory browser settings. Safari blocks third-party cookies by default. At the same time, Apple has implemented exceptions to Safaris third-party cookie blocking to allow social features like the +1 button to function.
Rachel Whetstone, SVP of communications and public policy, said in a statement that Google deployed its workaround code to enable features for signed-in Google users on Safari who had opted to see personalized ads and other content--such as the ability to +1 things that interest them.
The fact that other Google cookies got set, Google insists, was accidental. The Safari browser contained functionality that then enabled other Google advertising cookies to be set on the browser, Whetstone explained. We didnt anticipate that this would happen, and we have now started removing these advertising cookies from Safari browsers. Its important to stress that, just as on other browsers, these advertising cookies do not collect personal information.
Were it not for the fact that Googles advertising cookie opt-out help page stated explicitly that Safaris default setting was the functional equivalent of opting out, Googles explanation might suffice.
But rewind now to the July 2011 release of OS X Lion. With Lion came Safari 5.1, which included for the first time
third-party cookie blocking by default
.
Could Apples decision to block third-party cookies by default have been influenced by its competition with Google, a company that depends on advertising and cookies? John Battelle, who runs advertising company Federated Media and has written about Google for years, suggests as much
in a thoughtful blog post
. Might it be possible that Apple is using data as its weapon, dressed up in the PR friendly clothing of privacy protection for users? he asks.
Indeed, its possible.
But Apple is too clever to be caught taking direct action to hinder its competition without plausible deniability. The company has recognized that justifying its actions by claiming security, privacy, or user experience benefits will make almost any change acceptable.
Apples refusal to support Flash on iOS devices represents an example of this. Its claims about security and performance issues affecting Flash on mobile devices were fair enough. But by shunning Flash, Apple achieved a business benefit: It crippled a competing development platform.
Apples Gatekeeper in its forthcoming OS X Mountain Lion offers another example. Apples next Mac operating system will block the installation of apps from third-party developers without an Apple Developer ID by default. This is perfectly justifiable on the grounds of security (even if it undermines Apples previous assertions that malware isnt a problem on the Mac). But it will also serve to reinforce Apples control of the OS X software sales channel.
Apples decision to block third-party cookies by default has extra cover: The RFCs that define how browsers should handle cookies indicate that third-party cookies should be blocked by default. The major browser makers have not followed this recommendation, choosing instead to rely on P3P, an automated mechanism for communicating privacy preferences thats generally seen as a compromise between privacy ideals and business needs.
If we accept Googles explanation that this was an accident at face value, and assume that Apple too is blameless and only wants the best for its users, what are we left with? Is the
Wall Street Journal
too hard on Google because its owner, Rupert Murdoch,
thinks Google steals content
, and perhaps
goes easy on Apple to secure better access to exclusives
? Are consumer advocacy groups focused on Google because Google bashing makes headlines, which help with fundraising?
No, lets put the blame where it belongs, on us, the users of the Internet. We rely on free services like Gmail while insisting on privacy, a term that we
probably cant even define
to our collective satisfaction. We accept terms of service contracts and privacy policies that explain in excessive detail how we will not get privacy, how our information will be used, and then we object.
So instead of privacy, lets talk about control. You do have some of that, still. Make some choices about how your information will be used--because it will be used--instead of accepting default settings.
If you object to the way Google does business, use ad-blocking software.
This is what the Electronic Frontier Foundation
recommends, at least until Google implements
Do Not Track
in Chrome. Perhaps everyone will follow this advice, Google will collapse, and then we can all just go back to fee-for-service computing. How does a $0.25 per search and $99 for an Android 5.0 upgrade sound?
Heres to hoping that Google offers a paid membership option that disables all information collection and advertising across all its services. Then we will finally be able to see what the absence of privacy is worth.

As enterprises ramp up cloud adoption, service-level agreements play a major role in ensuring quality enterprise application performance. Follow our four-step process to ensure providers live up to their end of the deal. Its all in our
Cloud SLA
report. (Free registration required.)

Last News

▸ CryptoWall is more widespread but less lucrative than CryptoLocker. ◂
Discovered: 23/12/2024
Category: security

▸ Feds probe cyber breaches at JPMorgan, other banks. ◂
Discovered: 23/12/2024
Category: security

▸ Security Problem Growing for Dairy Queen, UPS & Retailers, Back off ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Googles Privacy Invasion: Its Your Fault