July 3, 2008

Judge Protects Google Source Code, But Not YouTube Users

Remember when Google and Viacom were friends? Ah, those were the days. But not anymore. Over a year ago, Viacom filed suit against Google for the copyright infringment found on YouTube videos. In the latest plot point in the ongoing saga, U.S. District Judge Louis Stanton has ruled that Google can keep its source code secret, but must hand over user logs for the popular video sharing site.

Viacom says it wanted the code to prove that Google could use it to "purposely" find the content in question. Nice try, Viacom. Google's code, of course, is a trade secret. But it's almost a wonder the judge protected the code, because he ruled that Viacom can have access to the user logs. Data to be released includes user names, IP addresses, and videos watched.

Google has often defended its data collection, saying it's not a threat to privacy. It appears the argument worked a little too well on Judge Stanton.

For a history of the Google-Viacom battle, check out these links: Google Fights Back in Viacom/YouTube Copyright Suit Others Join YouTube, Google Copyright Lawsuit Viacom Would Rather Not Sue, Chief Counsel Claims Google to Viacom: Don't Turn YouTube into SueTube

Posted by Nathania Johnson at 10:52 AM | Permalink | Comments (0)

April 10, 2008

Majority of U.S. Adults Uncomfortable About Search Engine Data Collection

A majority of U.S. adults are uncomfortable about search engine data collection practices, according to a survey conducted by Harris Interactive. 59% are uneasy about the ads that are based on search behavior.

Search engines maintain that the targeted ads help them keep services free, and introducing that concept to survey participants did seem to alter the majority opinion. In light of that information, a 55% majority said it was ok after all to have those ads based on collected user data.

But that doesn't mean searchers don't retain some reservation. Only 9% are very comfortable with the ads knowing that they help produce free products, an increase from 7% without that knowledge.

Related Reading: Google Responds to FTC's Self-Regulatory Principles European Group Wants to Cut Search Engine Data Storage Election Year Brings New Efforts to Regulate Search Engine Data Collection

Posted by Nathania Johnson at 11:07 AM | Permalink

November 21, 2007

Privacy Group Takes on Facebook

The latest advertiser to use Facebook's new Social Ads platform may not have been the kind of marketer the company was hoping for. Privacy watchdog MoveOn.org has posted an online petition demanding that Facebook respect the privacy of users by making it easier to opt out of the "Beacon Ads" program, where actions Facebook users take on partner sites are added to their Facebook news feed. The feed is delivered to the user's friends, along with a related ad and the user's profile picture.

The full petition text reads: "Facebook must respect my privacy. They should not tell my friends what I buy on other sites – or let companies use my name to endorse their products– without my explicit permission."

MoveOn.org has also launched a group on Facebook, "Petition: Facebook, stop invading my privacy!." There are currently more than 4,900 members.

Facebook does not offer users an option to opt out of the program, other than eliminating their feed altogether. Users can opt out on a case by case basis with each advertiser.

When a user buys something from a participating advertiser, a pop-up box notifies the user that it will send that information to Facebook, with an option for the user to click "No thanks." If the user doesn't, a message will pop up at their next Facebook visit asking for permission to share that data with the user's friends.

MoveOn.org thinks that's not enough. In the Facebook group, they write: "Facebook says its users can 'opt out' of having their private purchases reported to all their friends. But that option is easily missed. And even if you do 'opt out' for purchases on one site, it doesn't apply to purchases on another site – you have to keep opting out over and over again. The obvious solution is to switch to an 'opt in' policy, like most other applications on Facebook."

More coverage on Techmeme.

Posted by Kevin Newcomb at 9:33 AM | Permalink

November 3, 2007

Your Visitors Appreciate Targeted Ads, Really

Despite all the privacy concerns of late, online shoppers appreciate the benefits of personalized and targeted promotions.

According to an Avenue A | Razorfish study, some 72% of online shoppers find personalized recommendations helpful. In the chart below, only 34% were concerned with privacy -- and that means 66% don’t have these concerns when receiving recommendations.

We do live in a capitalist society, and see ads all day long. Also we are all shoppers, whether literally shopping or not at that moment. So it doesn’t surprise me that so many people appreciate promotions related to their interests or prior purchases.

Publishers and advertisers should gain comfort from these findings. While it would be good to ask these same questions about ads versus recommendations, I think it’s fair to say that targeted ads won’t be a problem for most people. They might really see them as useful instead.

This week, AOL said they will allow individuals to "opt out" of their ad targeting services, which are based on surfing patterns alone. If you extrapolate from this study, then very few people will actively opt out. We’ll wait and see.

Posted by Deborah Richman at 5:07 PM | Permalink

October 28, 2007

Physical Addresses To Aid Online Targeting?

As online marketers, we have the luxury of reaching our targets based on what they search, browse or click on. That tells us a lot about expressed interests. By contrast, physical addresses provide information about the probability of interests.

Recently, Acxiom announced new services (WSJ article, paid access) which actively connect addresses to online ads. When their customers collect addresses online, Acxiom maps them to lifestyle codes and enables ad targeting using these codes.

Where you live speaks volumes, especially to off-line marketers without other insights. You and your neighbors share demographics, media interests and consumption patterns. For example, affluent Texan neighbors may buy parkas for their ski vacations while most citizens never think about them. (Check out your own zip code at Claritas.)

Admittedly these lifestyle code refinements can help *a little* online, but privacy risks may quickly erase the benefits. Any kind of secondary use of addresses is likely to raise concerns from end-users and privacy advocates. I believe this is a case of "we can connect the dots" but at what cost?

October 31st Update:

Regarding privacy, it’s my contention that most consumers don’t really pay much attention to how their cookies are used. Still we should expect people to step forward and identify risks, which happens whenever new marketing data's introduced. In a world where even search engines age out cookies, we are simply in a heightened state of alert.

Today, Acxiom reached us about how they protect the privacy of consumers and their Personally Identifiable Information (PII). These details are worth passing along:

* When a consumer registers on a partner site, Acxiom uses his/her address to assign a specific segmentation cluster code. * This code contains no PII, and consumers are notified that a third-party cookie will be set. * The cookie that is set is completely anonymous and contains the segmentation cluster code. * There is no way for either Acxiom or advertisers to access consumers' PII through the cookies.

Also, Acxiom pointed out that they don’t redistribute addresses in any way. My “secondary use of addresses” was misleading, as I meant the segmentation cluster codes – not additional use of household information. I hope this clarifies for SEW readers.

Of course, I look forward to seeing how Acxiom and others will aid online targeting, as the posting title suggests!

Posted by Deborah Richman at 2:09 PM | Permalink

July 9, 2007

Yahoo, Microsoft To Change Privacy Policies

Pressure from the European Union has Yahoo and Microsoft changing their privacy policies, according to the Financial Times.

"The Article 29 Working Party, a group of national officials that advises the European Union on privacy policy, last month said it wanted to investigate how long companies such as Yahoo and Microsoft keep data on individuals who use their search engines," FT.com reported.

“We are talking to customers, to the industry and government officials about this, and intend to provide an update in the near future which will more directly give the time frame,” said Brendon Lynch, privacy expert at Microsoft.

Posted by Frank Watson at 11:23 AM | Permalink

November 30, 2006

Google Ordered By Another North Carolina Court To Remove Pages

Apparently, North Carolina is going to start a trend of people who get court orders to remove material Google has spidered when left out in public view. This week, Google was ordered to remove material by a court in that state. It follows a similar court order in a different case earlier this year.

North Carolina County Gets Restraining Order Against Google from the Associated Press covers how social security numbers, cell phone numbers and other personal information was left online by Johnston County, which means Google (and likely other search engines) spidered the material.

When the country realized this, they sought to have it removed. However, they were told it might take up to five days to remove, prompting the county to go the legal route:

Fearing the possibility of identity theft, Johnston County officials asked Google on Monday to remove the information. It was first posted on the county's Web site by accident six weeks ago and discovered Friday. Mountain View, Calif.-based Google responded that removal could take up to about five days, said county attorney Mark Payne.

"It surprised me that Google didn't immediately recognize that this was something that posed a real danger of real damage to our citizens," Payne said.

Hey, it surprised me that Johnston County didn't immediately recognize that the information shouldn't have been put on the public web in the first place. However, that appears to have happened because of a third party contractor.

What about the automatic URL removal system? I seem to recall that as getting pages out in 48 hours or less (but I might be remembering incorrectly). Checking today, officially it is longer (unofficially, I hear it goes faster):

You may process your URL for removal from Google's search results. URLs will be removed after we've verified your request. Bear in mind that verification can take several days or longer and all pages submitted via the automatic URL removal system will be removed from the Google index temporarily for six months.

Google Blamed For Indexing Student Test Scores & Social Security Numbers and Follow-Up: School Couldn't Reach Google Until Injunction Filed cover how a school authority in North Carolina went to the courts to remove pages from Google in June.

Posted by Danny Sullivan at 1:06 PM | Permalink

October 30, 2006

Google Appeals Federal Judge's Orkut Ruling

The International Herald Tribune reports that Google has appealed a federal judge's order to hand over the IP address information to Brazilian authorities. Google claims the "federal civil court did not have the proper authority" for such information. But Google spokesperson, Debbie Frost said Google will help Brazilian authorities identify individuals accused of illegal activities on Google's social networking platform, Orkut. This history goes way back, just start from here and keep clicking those links back to the previous stories. This amazes me that it is still going on since early this year.

Posted by Barry Schwartz at 9:13 AM | Permalink

October 13, 2006

Stanford University Keeps Yahoo's $1M After Strong Criticism

Mercury News updates us that despite the fact that Stanford University criticized Yahoo for helping China, and Danny pointing out they may accept the $1M was again criticized, Stanford will be keeping the $1 million grant. The director of the fellowship program said they are "considering holding a forum to engage Yahoo and other media companies about operating in repressive countries."

Posted by Barry Schwartz at 10:36 AM | Permalink

October 2, 2006

Reading Other People's Gmail Via Bloglines

Using Bloglines to snoop on people's private Gmail from Martin Belam looks at how he accidentally stumbled upon email feeds that individuals are posting to Bloglines. To be fair, it's an issue that could happen to any "private" feed that someone unknowingly shares to the public.

Gmail allows people to get a feed of their email, as covered in these help pages. That lets you see the subject of your emails along with short descriptions. But even this small amount of information might be too embarrassing for some people to have made public.

How would those summaries get made public at all? In the case Martin looks at, people are adding their Gmail feeds to Bloglines but leaving those feeds public for others to view. That's how he stumbled upon them.

Google does warn about this, but he thinks the warning could be more visible. Perhaps -- but it's also worth keeping in mind that using an online news reader means you need to carefully consider ANY feed you take and whether those settings are public or not.

Postscript From Bloglines:

Bloglines is committed to online privacy and we take our role in this effort seriously. I'd like to help correct some of the misconceptions and explain how Bloglines privacy works in regards to both search and feeds as well as how to use Bloglines properly to generate secure feeds.

The main issue at hand is the appearance of Gmail accounts in Bloglines and a users's ability to subscribe to these feeds (or search for posts from these feeds).

The examples displayed were actually Gmail accounts registered through a third party (Feedburner) and then subscribed to within Bloglines.

Bloglines actually provides HTTP authentication for secure feeds. When this method is used, Bloglines secures the feed so that it can not be searched on or subscribed to except by the owner of the feed.

However, when the user generates their feed through a third party like Feedburner, the authentication portion has been removed from Bloglines' control and we have no way to identify and secure the feed. As a result the feed and it's previously secure data become public. Clearly this is a problem and we are in contact with Feedburner and other third parties to help them better inform and protect their users.

The other issue is the definition and understanding of "private" feeds within Bloglines. Marking a feed as private in Bloglines only hides the feed from your public blogroll and your identity from the feed's list of subscribers. We try to make this clear to Bloglines users by prominently displaying the following note during the feed subscription process:

"Private subscriptions don't show up in blogrolls and you will not be listed as a public subscriber. However, the feed and all its posts will remain available to the public via Bloglines and Ask.com Blog & Feed Search. Exceptions are Bloglines email subscriptions and feeds that require http authentication. In both cases, the feed and its posts will not be included in search results."

This issue has reminded us that there is still some confusion about privacy in the world of feeds. We recognize that a better system of limiting access to feeds is needed as more content becomes syndicated or syndicatable. We have been leading the effort to build new safeguards into syndications standards and are hopeful that some type of Feed Access Standard will provide further security for users and their feeds.

Posted by Danny Sullivan at 8:36 AM | Permalink

September 28, 2006

Google Not To Deliver Orkut Data To Brazil Authorities

Google won't hand data to Brazil judge from the Associated Press reports that Google will not be meeting the deadline to provide Brazilian authorities with the data they requested on specific Orkut users. This comes after Google saying they will hand over the data to Brazil. So the question is, will Google be fined $23,000 per day by the Brazilian judge until they comply? Google has promised to issue a court explanation as to why they cannot provide the data Brazil requested. The AP article also quotes Debbie Frost of Google saying, "We have and will continue to provide Brazilian authorities with information on users who abuse the Orkut service, if their requests are reasonable and follow an appropriate legal process."

Posted by Barry Schwartz at 8:55 AM | Permalink

September 26, 2006

Yahoo Fellowships For Repressed Journalists, While Chinese Journalist Might Sue Them

Earlier this month, I dinged Google over hypocrisy for getting behind Banned Books Week given its support of censorship in China. Now, a similar ding for Yahoo. Yahoo funds $1M Stanford journalism fellowship from the San Jose Business Journal covers how Yahoo -- under fire for allegedly harming journalists in China -- is going to fund fellowships for journalists in countries with press restrictions.

From the article:

The new Yahoo International Fellowship will be aimed at journalists from countries where there are restrictions on freedom of the press, either by governmental agencies or other forces, said James Bettinger, director of the Knight Fellowships.

The first Yahoo International Fellow will be Imtiaz Ali, a reporter for the BBC Pashto Service in Pakistan.

Meanwhile, Jailed Chinese journalist to file US suit versus Yahoo from IDG News Service covers how a Chinese journalist jailed after Yahoo is said to have handed over incriminating email to the Chinese authorities plans to file suit against the company in the US.

Posted by Danny Sullivan at 8:47 AM | Permalink

Class Action Lawsuit Filed Against AOL Over Search Data Release

TechCrunch reports in Suit filed against AOL; seeks to block search history storage that a class action lawsuit has been filed against AOL seeking $1,000 in damages for each person whose search records were released last month.

The release involved 658,000 individuals, so that's potentially a $658 million bill, if the case succeeds. It's even more if some of those people are California-based, since the case seeks $4,000 per California individual, according to TechCrunch.

Of course, not all of these people actually can be identified. To date, exactly one person was positively identified. The New York Times guessed at her identity, and she herself confirmed it. No doubt, others can also be determined, but not every one of the people involved will be. So when the suit says:

The search queries themselves contain information that identify AOL members who made each search.

That's only correct for a subset of the total users. Similarly, the lawsuit states:

The Member Search Data holds sensitive financial information about the AOL members, including but not limited to names, street addresses, phone numbers, credit card number, social security numbers, financial account numbers, passwords and usernames.

True, in some cases. Not all of them. In fact, probably not true for the majority of them.

It will be interesting to see if the court case ultimately finds that everyone should receive payment, given the potential harm they suffered, or if it will only pay to those who prove in some way they actually were personally identifiable or had personal information released in some way because of AOL's actions. Perhaps there will be a compromise between the two, if the case succeeds.

You'll find the text of the lawsuit here. Three AOL users are named, though no evidence I see in the suit suggests that any of them were actually personally identified in some way by the release. That might come in future filings or existing filings also submitted to the court, of course. A release about the suit from the law firm filing it is here. The Associated Press also has coverage in 3 AOL Subscribers Sue Over Data Release.

Aside from cash payouts, the case also wants AOL to enforce a license prohibiting commercial and non-research user of the data, plus wants the material removed from internet search engines (which means, really, getting it off the internet itself). It also seeks to prevent AOL from storing any type of web search data and to destroy any already in its possession.

Posted by Danny Sullivan at 7:57 AM | Permalink

September 8, 2006

More On Google & Blocking Privacy Proxies

Yesterday I wrote about how several proxy servers used by those wishing to search and surf anonymously had apparently been blocked by Google, including the popular Tor service. Google's since explained why these were blocked and how human users can get around the barrier.

Google told me that someone or something was using the Tor system to hit them with an extremely large number of queries, which caused the block on the network to come online.

Couldn't Google have done this in a way to filter out the humans but block the spiders? Cory Doctorow, who wrote the Boing Boing post on the subject, especially felt Google was being too heavy handed. In an email exchange we had, he wrote me:

Google has a lot of engineering talent, but it approached this problem with a fireax, not a scalpel.

Actually, Google is using both a fireax and a scalpel. It's just that some Tor users might not see the scalpel, if they have cookies disabled, from what I can tell.

A human user, with a browser that accepts cookies, would get a slightly different block page. This one would allowing them to prove they weren't a spider via a CAPTCHA code.

In other words, look at this image from The Chunk, which sparked yesterday's Boing Boing post. Now look at the image of a very similar page that you'll see here.

Notice how the second example has a part that says:

 To continue searching, please type the characters you see below

After this is a code, a CAPTCHA, a system to filter out robots that can't read the text in the image.

Anyone set to accept cookies will see the CAPTCHA challenge, be able to fill it out and continue searching. But isn't accepting cookies defeating the purpose of using a system like Tor designed to keep you anonymous?

Not necessarily. For example, in Firefox, you could choose to have cookies cleared every time you close the browser. That means for your searching session, Google will only know that someone from an anonymous IP (it can't be traced back to you, remember) did a series of searches for a particular session of time.

Close your browser, come back to Google, and you'd get a new cookie (along with an entirely new IP address). There would be no way to associate your searches over a long period of time, which potentially could lead to how one person was identified in the recent AOL data release case -- assuming somehow, someway, someone got to all of Google's data over time.

It's unlikely -- though still possible -- that you could do enough searching within one session to give yourself away just based on your queries. For those still concerned about this, I suppose you could do a search, then clear your cookie and search again. Alternatively, don't search for anything that you think could potentially reveal who you are.

For more on protecting your search privacy, see my past posts Which Search Engines Log IP Addresses & Cookies -- And Why Care? and Protecting Your Search Privacy: A Flowchart To Tracks You Leave Behind.

Could Google do things better? Absolutely. Since many people using services like Tor might not be allowing cookies, Google should change the page that comes up for "robots" to say something like "if you're a human, please allow cookies, and then you'll get a code to let you in." Google could even take the further step of detailing how to set up cookies and clear them in popular browsers to better guide those concerned about privacy. And to be fair, all the search engines could do more on that front.

That page can definitely be more helpful in other ways. When I've heard of this happening in the past, it was typically because someone from a particular ISP or shared IP address was doing a lot of rank checking. That might cause the entire IP range to get closed.

Unfortunately, Google's current warning page doesn't give the unfortunate innocent users much guidance that things outside their control might be to blame. Instead, it sends them thinking that maybe they've got a virus or spyware. I can see that has caused at least one person to waste time checking how to "fix" a problem they didn't have.

It would also be nice to see more help pages on Google about this in general. All these things are ideas Google said it will consider.

Postscript: Cory emailed me this: Danny, I believe that they could solve this problem without requiring cookies -- for example, they could embed a RESTful, expriring GUID in the URL-line on the successful solution of a CAPTCHA:

http://www.google.com/search?q=boing&CAPTCHA=KJASJFSE

Posted by Danny Sullivan at 8:04 AM | Permalink

September 7, 2006

Google Protecting Itself Or Harming The "Innocent"

Google blocking privacy technology over at Boing Boing has Cory Doctorow writing up how Google is blocking some proxy servers from making requests. An attempt by Google to stop those trying to protect themselves from prying eyes? Many have told him that it's Google likely stopping automated request from proxies. That doesn't let Google off the hook. Cory writes:

But that doesn't change the essential point: Google is fighting bots by compromising its users' privacy -- the countermeasure is a form of punishing the innocent to get at the guilty.

OK, Cory, let's spin it around. Let's say that someone starts hitting Boing Boing with thousands of automated requests. Maybe they want to scrape your content to harvest a little AdSense cash. Maybe they don't like you. They do this through anonymous proxies. Ultimately, you decide to block requests from those proxies. Can we now declare that move was Boing Boing punishing the innocent to get at the guilty?

I like that we have proxies to help those who are worried about privacy to stay anonymous. There are plenty of people with that type of need. But let's also not paint Google or other services that can seriously get impacted by automated queries into somehow being evil if they've had to stop from getting slammed. A more constructive move will be to hope that Google can figure out a way to help support some proxies but also not simply get abused itself by them.

Postscript: Please see More On Google & Blocking Privacy Proxies.

Posted by Danny Sullivan at 12:16 PM | Permalink

September 4, 2006

Google Says They Will Give Brazil Orkut Data

The Washington Post reports that Google will give over the Orkut data of specific users including; IP addresses with time and date stamps that can help trace a specific user and registration information including names and e-mail addresses. This comes after Brazil gave Google 15 days to comply or else be fined $23,000 per day.

Why turn over data to Brazil when Google famous resisted the US government earlier this year for a data request? Reports the Post:

"What they're asking for is not billions of pages," said Nicole Wong, Google associate general counsel. "In most cases, it's relatively discrete -- small and narrow."

Posted by Barry Schwartz at 10:16 AM | Permalink

September 1, 2006

Google Has 15 Days To Provide Data To Brazil Or Be Fined $23,000 Per Day

AFP reports that Brazil has given Google Brazil 15 days to turn over the data on the Orkut users they have been asking for. If Google Brazil does not comply, they will be fining them $23,000 per day. Google has said that they would work with Brazil to shut down Orkut some communities but according to the court filing in Sao Paulo yesterday, those requirements have been 'unsatisfactorily met.'

We have a good historical round down of this whole Google & Orkut & Brazil issue here. Business Week also has a nice write up on the issues named Google's Brazil Headache, highlighting why Google is saying they'll comply if only the requests were sent to Google in the US, rather than Google Brazil.

Posted by Barry Schwartz at 9:20 AM | Permalink

August 23, 2006

Researchers Debate Whether To Study The AOL Data

When the AOL privacy case broke earlier this month, I wrote about how the intention of releasing the data was honorable despite the ineptness of how it was done. Those trying to research search behavior have been starved for decent data. Researchers Yearn to Use AOL Logs, But They Hesitate from the New York Times covers this in more detail, about how the existing data sets out there are nearly 10 years old.

Along the way, we discover researchers are debating if they should use the data. I'd say you might as well. It's not like you'll be getting more any time soon. As long as the researchers aren't themselves republishing in a way to violate someone's privacy, it's hard to see the harm. At this point, the data has been spread so far and wide, accessible in many ways, that it's difficult to see what the researchers think they'd be protecting by studying it.

The story also touches on data releases from other search engines (Yahoo and Microsoft say they've done some controlled, limited releases; Google says they hand nothing out). It also highlights how the researcher who put the data out -- again with the best of intentions -- simply didn't realize that people would be able to be tracked down through their search profiles.

Most interesting is the end of the story, looking at if there's a way to scrub the search stream so that data could be released and be untraceable. I've said I'd love to see that type of solution happen. But it would have to be foolproof, and I'm not sure how that can happen unless you have human review of profiles that might go out.

Meanwhile, the San Jose Mercury News in What do Google, Yahoo, AOL and Microsoft's MSN know about you? effectively does over the same survey of how long data is kept that News.com did last February, in the wake of the US Department Of Justice search privacy debate. I mentioned the story before, but let me highlight a key part of it:

While AOL is unique among the Big Four in that its users are easily identified by an AOL user name after they have logged in, people who frequent Google, Yahoo and MSN are also monitored by a combination of digital tracking systems.

Nope, AOL is not that unique. If you've logged into Google, Yahoo or MSN to use any of their services, chances are when you search, they'll also have you keyed to a particular profile that's more unique that just looking at your IP address or a cookie. The story does explain this more, and my previous post Which Search Engines Log IP Addresses & Cookies -- And Why Care? goes into the explanation in more depth. In looking at that previous post, I also saw this:

[News.com]: Given a list of search terms, can you produce a list of people who searched for that term, identified by IP address and/or cookie value?

[AOL]: No. Our systems are not configured to track individuals or groups of users who may have searched for a specific term or terms, and we would not comply with such a request.

Despite the response, I'm 99 percent certain AOL does indeed log IP addresses and cookies along with search data. Searching on AOL creates a page request with the search terms embedded in the page's URL. That request will be logged. If it's logged, it can be analyzed. In fact, AOL later says they can give you a list of searches that were done by a particular IP address or cookied browser. If you have that information, you have the opposite.

Of course, we now know that it was indeed the case that you could take AOL's data, give it a search term and get a list of individuals who searched for it. Yes, the individuals were given anonymous numbers, so the AOL answer is technically correct. But the overall profile of what someone was searching for in some cases turned out to be personally revealing.

I'm planning a longer recap on some of the latest out of the AOL case, but in the meantime, I still keep coming back to this conclusion from an earlier post:

I think consumers will need more faith and control over how long search data is kept for them, plus the ability to opt-out or delete histories with a push of a button, perhaps the type of privacy/data control panel John Battelle has wished for. And as I've written, that has to include ISPs, many of which merrily sell search data that they monitor to third party companies.

I'm working on a longer look back at the fallout from the AOL release and ways forward. But a quick shout-out to Daniel Brandt of Google Watch is in order. Seth Finkelstein just gave him one, and I'll add to it. I've felt Brandt's often twisted things or focused on stuff that didn't matter much (Google's 30 year cookie that most people won't really have last for more than a year or two, if that). But his long-standing call for regular data destruction -- something other privacy advocates have also pushed for -- seems the most secure solution going forward.

Posted by Danny Sullivan at 2:19 PM | Permalink

August 22, 2006

Brazil To Close Google Brazil's Offices Over Orkut Issues?

A post in our SEW Forums and a report from Xinhau says that Brazil's federal prosecution service is moving to close Google's operations in Brazil. So far, there is no other news about this that we've seen. An injunction is apparently being requested ordering the release of information from Orkut, with a threat for closure of Google's Sao Paulo office if they don't comply.

Postscript From Danny: Reuters has a story up now here: Google refuses to hand over data to Brazilian authorities. It covers that prosecutors want permission to file a civil lawsuit against Google, with a $61 million fine and the threat of closure if it fails to comply with the information request.

Postscript From Barry: For an historical line up of these events over time, see the links below:

- Aug. 16, 2006 :: Orkut Causing Trouble In Brazil Again - Jul. 21, 2005 :: Drug Pushers Using Orkut Arrested In Brazil - May. 25, 2006 :: Google Works With Brazil To Shut Down Orkut Communities - May. 18, 2006 :: Google Faces Criminal Charges For Child Porn & Racial Material - May. 3, 2006 :: Google & Brazil Fight Over Orkut User Data Rights - Mar. 10, 2006 :: Brazil Asks Google To Help Orkut To Stop Organizing Organized Crime - Mar. 9, 2006 :: Al-Qaeda Likes Orkut

Posted by Barry Schwartz at 5:21 PM | Permalink

August 21, 2006

AOL Fires CTO & Two Employees After Search Records Slip Up

The Wall Street Journal just reported that AOL has fired the Chief Technology Officer, Maureen Govern, and two other employees after releasing search records last week. The article named "AOL Fires Technology Chief After Web-Search Data Scandal" discloses that Maureen Govern, the CTO along with the researcher who released the data and the manager overseeing the research have been all fired. I am kind of surprised that AOL hit someone so high to the top, but it does make a statement, a statement AOL must make.

Postscript From Danny: News.com has a nice follow-up here, Three workers depart AOL after privacy uproar, and Lisa Barone over at Bruce Clay highlights a Mercury News article where AOL's statement of keeping data "roughly 30 days" obviously didn't hold true. AOL also said they purge personally identifiable information after 30 days last year. To be fair, the search records did have personal ids removed. It's simply that the searches themselves made at least one person identifiable.

Posted by Barry Schwartz at 2:28 PM | Permalink

August 15, 2006

103 Links About SES San Jose 2006 (AKA The Big Recap)

Couldn't make it to last week's monster Search Engine Strategies show in San Jose? Well, maybe next time! In the meantime, I've compiled a list of coverage from across the web, even somewhat organized into topic areas.

Our San Jose show is always tough for me, as I arrive a week earlier to visit with the various major search engines out there. That means two weeks of news and email to dig out from, since you can never get it all done on the road. All that digging out means I know I don't have everything listed below. But you'll find plenty to keep you entertained.

General Recaps

Eric Schmidt Appearance

Eric Schmidt & Search Privacy

Click Fraud Panel & Related Coverage

Yahoo's Panama Ad Platform Preview

Social Search & Related Topics

Organic Listings Sessions

Search Advertising Sessions

Issues Sessions

News, Blogs & Public Relations

Big Sites/Budget Sessions

Small Sites/Budget Sessions

Conversion & Metrics

Other Sessions

Google Dance & Parties & Pictures

Posted by Danny Sullivan at 4:50 PM | Permalink

EFF Asks FTC To Limit How Long AOL Can Store Search Records

The Electronic Frontier Foundation has asked the US Federal Trade Commission to investigate AOL's release of search records last week and prevent the company from storing search data for longer than two weeks.

The formal complaint (PDF) asks for the FTC to:

order AOL to refrain from collecting or storing logs of its users’ search activity except where necessary incident to the rendition of AOL’s services or the protection of AOL rights and property, and to refrain in any case from storing logs of its users’ search activity in personally identifiable form or for more than fourteen (14) days;

The EFF also wants all those whose searches were revealed through the data to be notified by AOL, which sounds like a good idea and something you'd think AOL would already want to do. Other things are requested, such as one year's worth of credit monitoring to protect against identity theft. That seems far-fetched, but I suppose you never know.

Coinciding with the complaint, the Wall Street Journal has a debate between the EFF and an internet lobbying group NetCoalition that apparently represents Yahoo and Google, among others.

The debate, Should Web Search Data Be Stored?, is free to anyone to view. It's well worth a read, if only to read that the US Department Of Justice is apparently arguing that access to search records might not require a search warrant, as the EFF says the Electronic Communication Privacy Act requires.

Overall, I'm much more on the side of the EFF in the debate. Some highlights from it and my remarks about them.

NetCoalition: Search queries are stored and used by Internet companies for internal purposes.

Me: Search queries have been shared by various companies in different ways with third parties over the years. More important, even if these are stored for internal purposes, there's no guarantee that they'll be perfectly protected. Leaks, accidental or intentional, do happen.

NetCoalition: There are good, legitimate reasons why an Internet company would use historical search queries for internal uses. For example, search query information can be used in research and development to make improvements to search technology, to better tailor and make more efficient users' online requests. Companies also analyze historical query information to detect and protect against click fraud -- an activity that involves faking clicks on Web advertisements to drive up costs.

Me: Excellent points, but the major search engines are going to have to step up now with better proof that there's no way data can be tied back with an individual, even when made "anonymous" in the way AOL has shown doesn't work. Click fraud refunds typically aren't given for activity longer than 60 days, so that provides a time horizon for how long data might be associated with actual users/IP activity.

NetCoalition: Search queries are essentially "directory assistance" requests from users to companies that help them find locations on the Internet. The Electronic Communications Privacy Act is meant to protect communications between and among users -- not to protect requests from customers for directions on the Internet.

Me: Wow, I think the search engines need a new lobbying group that understands search better. Searches can be directory assistance and much more than that. Search engines are confidents, trusted friends that we effectively tell secrets to in order to get advice. They aren't about getting location. They are about getting information.

NetCoalition: The Video Privacy Protection Act is a bad analogy. Internet companies do not match up the user's personal information (e.g., name, address and phone number) with search queries the way a video rental record would.

Me: Except they do. If you're logged in to a search engine, then any personal information you've provided is associated with your search query in some way.

EFF: The public needs to know the facts about how their data is being stored and used before they can make informed decisions as consumers as to whether and how to use a particular search engine, and to make informed decisions as citizens as to whether and how Congress needs to update the law. I think the best route would be hearings in Congress to get to the bottom of the issue.

Me: I think the best route would be for the search engines themselves to act in conjunction with privacy groups right now to get protections and standards in place. But if they can't act, then hopefully laws covering the entire search spectrum -- from ISP to search engine -- will be enacted.

NetCoalition: Search queries are not being linked to users' personal information and shared for marketing purposes.

Me: Except they are. Showing ads in response to a query, while long-standing and generally accepted, is a marketing purpose. Showing ads based on search profiles, such as the New York Times wrote about today, is a more extreme example.

EFF: My organization also strongly opposes proposals by the DOJ and Congresswoman DeGette that would force companies to store this kind of sensitive data for government use. That's like asking the post office to keep copies of our mail, or phone companies to keep recordings of our phone calls, just in case investigators might find it useful. The bottom line is that Americans deserve the same privacy protections online that they've always had offline, and that includes the ability to be able to speak and consume speech freely and privately, without fear that their deepest secrets might be shared with the government or published to the world. Yet when search engines accumulate this kind of data, such disclosures are bound to happen, as this week's news has demonstrated.

Me: Well said!

Postscript: I'd sent some questions over to the EFF and just got answers back from EFF staff attorney Kevin Bankston. Here they are:

Q. Why just AOL? Why aren't you asking for all search engines to be limited? I did see that you want federal laws to expand to cover them, but what happened with AOL could happen with the others as well.

A. Why aren't we asking the FTC to investigate and take action against other search engines? Because we can't, just like we can't go to court and demand that Google pay for AOL's mistake. The FTC isn't a suggestion box. We had a specific complaint about AOL--we think this disclosure violated their policy and therefore constitutes an unfair and deceptive trade practice--and we filed that complaint with the FTC. If other companies engaged in similar disclosures, we'd file similar complaints.

If you are familiar with our work, you know that we've been complaining about the logging practices of search engines as a category for a long while. In fact, I'm usually the one trying to explain to Google-hungry journalists that your Yahoos and AOLs and MSNs and other multi-service portals pose most if not all of the same privacy threats, so it's funny to be accused of singling out one of them for some sort of special mistreatment. We're merely reacting to a specific incident that happened to involve AOL rather than Google or Yahoo or MSN.

We want strong, clear legal rules that cover all the search engines; we want all the search engines to limit retention.

Q. Why just the search engines? Many ISPs are recording the same data but aren't being limited on data retention. It's actually more worrisome to me in that many ISPs are happily selling this data to third parties.

Again, if you are familiar with our work, you know that we are generally concerned about data retention by all stripes of online service providers (see, e.g., our white paper on best practices for online service providers, http://www.eff.org/osp/). So, in short, we share your worry. But again, we are reacting to a specific incident concerning a search engine, so our discussion right now is focused on search engines.

BTW, if you are specifically aware of any ISP that routinely collects the searches its users submit to other search engines, we'd love to hear more about it. I think that without very clear consent from the customer, that would be an unauthorized interception of your communications, and therefore a felony.

Q. How long does the EFF retain search data? You've got a search box. People do sensitive searches on your sites. I want to ensure AOL isn't being held to a higher standard than the EFF itself meets.

We don't retain search terms. Of course, since we use Google, Google does undoubtedly retain them. But we proxy everyone's requests so that their IP addresses and cookies are not transmitted to Google, therefore individual search terms are only identifiable to EFF visitors as a population and not personally or uniquely. In fact, we call this out on our site: if you click on the link next to our search box that says "about EFF's search," you'll see a pop-up that says "EFF uses Google for search functionality on www.eff.org. To protect your privacy, EFF proxies search requests to Google with a special CGI script on our server, thus hiding your IP address and your Google cookie (if any) from Google's servers."

Posted by Danny Sullivan at 11:02 AM | Permalink

Targeting Ads Based On Search Behavior & Privacy Issues Post-AOL

Back in 2005, I wrote about AlmondNet moving forward with showing ads to surfers across the web based on their search profiles at major search engines. The move raised big search privacy issues. Since then, AlmondNet's kept going -- along with others such as Yahoo, in mining search behavior to deliver ads beyond search results pages. Advertisers Trace Paths Users Leave on Internet from the New York Times today takes a look how Yahoo, MSN and AOL are all trying to push into the post-search ad delivery space.

I've always felt these programs would eventually raise greater concerns over search privacy, since it would make it even more readily apparent to people that they were having search profiles assembled for them. If you go back to the AOL search privacy poster child of Thelma Arnold, tracked down through her search requests, her comment was one I'm sure many searchers would have:

I had no idea somebody was looking over my shoulder.

Until the AOL search records release, many people still have had no idea they were being profiled. But I've felt post-search ads would help raise that concern. Why were you continuing to see ads based on things you recently searched for? Perhaps that would help raise awareness of search profiles.

The AOL release has changed all that. To me, post-search ads -- while promising -- are a non-starter until the search privacy issues are resolved. We've been told that data would be protected, yet it got out in one way via AOL. Though the intent was innocent, it might slip out in the future in other ways. Even Google CEO Eric Schmidt, when I asked him about search privacy and data destruction last week, said you could "never say never" about things not going wrong.

For these types of programs to move forward, I think consumers will need more faith and control over how long search data is kept for them, plus the ability to opt-out or delete histories with a push of a button, perhaps the type of privacy/data control panel John Battelle has wished for. And as I've written, that has to include ISPs, many of which merrily sell search data that they monitor to third party companies.

I'm working on a longer look back at the fallout from the AOL release and ways forward. But a quick shout-out to Daniel Brandt of Google Watch is in order. Seth Finkelstein just gave him one, and I'll add to it. I've felt Brandt's often twisted things or focused on stuff that didn't matter much (Google's 30 year cookie that most people won't really have last for more than a year or two, if that). But his long-standing call for regular data destruction -- something other privacy advocates have also pushed for -- seems the most secure solution going forward.

Posted by Danny Sullivan at 7:28 AM | Permalink

August 10, 2006

Daily SearchCast, August 9, 2006: Special Edition, A Conversation With Google CEO Eric Schmidt

Today's search podcast covers Search Engine Watch editor-in-chief Danny Sullivan talking with Google CEO Eric Schmidt live before an audience at Search Engine Strategies San Jose 2006 on topics ranging from search privacy to Google's expansion into all aspects of daily life. Tune-in by listening to this MP3 file, via our Odeo channel or through iTunes via this link (or use alternative iTunes instructions explained here) or though our Yahoo Podcasts channel. Prefer not to listen? Ah, darn. But that's OK, here's a rundown of what was covered:

General Write-Ups

Posted by Danny Sullivan at 2:32 PM | Permalink

August 9, 2006

Search Privacy Concerns Humanized As The New York Times Tracks Down Anonymous AOL Searcher

A Face Is Exposed for AOL Searcher No. 4417749 is an excellent read from the New York Times, where you can meet the person who is about to become the most famous searcher ever: Thelma Arnold, a 62-year-old from Georgia. Using the released AOL search records, the New York Times figured out who she was and interviewed her and her searching habits for the story. No more discussing whether anonymous search records might contain enough information to identify people. In some cases, they do (or at least enough to make an extremely good guess and get confirmation from the person themselves). Thelma Arnold now becomes the face of search privacy issues. Meanwhile, though not naming people, News.com has a good look at more searching behavior from the records: AOL's disturbing glimpse into users' lives.

Posted by Danny Sullivan at 10:53 AM | Permalink

August 8, 2006

More On AOL's Search Release & Ways To Search The Records

I've got some follow-up items about yesterday's story where AOL released user query records, including how anyone can now easily look at the data.

First, after Barry did a recap of the news, I added a postscript to the story with more of my thoughts. In case you missed it, here are the key parts below:

AOL: Dooooooh! from John Battelle and AOL apologizes for release of user search data from News.com have AOL apologizing for the release, now said to be data involving about 658,000 individuals from March through May of this year. AOL says the release of the data wasn't properly vetted for privacy issues and that the release intentions were innocent.

I believe that. Make no mistake, this was a big screw up. The researchers providing the data didn't think hard enough about how making it possible to build a profile of individuals, even if they were given anonymous names, might then make it possible to determine who those people are if they revealed enough information in their searches.

In addition, it's going to be very difficult for some law enforcement agency not to want to subpoena AOL for actual user names when they read about things that suggest a murder is being planned or may have happened, as covered above. I'm not saying they'll get it, but I think it's almost inevitable that someone will try. That will set off further privacy fireworks.

But yes, the original intention was innocent. I got an email about the research site last week (and with my traveling all last week, simply did not have a chance to check it out). Here's what a researcher involved with it emailed me:

Over the last few years I have witnessed a divide developing within Information Retrieval research - between the haves and have-nots. The ‘haves’ are the companies like Google, Yahoo, MSN, and ourselves, with lots of resources and data. The ‘have-nots’ are people without those resources such as academic researchers and smart guys at small companies. We want to be able to help anyone work on great ideas by giving them the data and infrastructure they need.

So we started building data sets and made them available for everyone to test their ideas with. Each data set features a dynamic view, which allows you to inspect the data without having to download it. We also built some APIs for news, video, audio and podcasts, which will save people time from having to do that themselves. We have tried to stay away from interfaces like web search as those are already around.

There's nothing evil in that. In fact, there's much to appreciate, intention-wise.

We all use search engines so much, and they are so important in our daily lives, yet they remain one of the most poorly researched media venues out there. Yes, we're getting new labs like the one from Yahoo at UC Berkeley. But most search behavior studies outside of the search engines have depended on ancient search logs from places like Excite from back in 2001 or so. Newer studies, if the search engines are doing them, simply don't come out often. So the intention to promote learning with this release was innocent, if not honorable. The execution was poor and inexcusable.

This is the second major milestone in raising awareness of search privacy issues this year. The first was the Department of Justice action, which rightly focused on whether we need more safeguards over what governments can request. Today's upset highlights the protections that are needed again corporate releases of data.

The good news is that perhaps it will spur better protections even more. Microsoft, Google & Others Call For Unified Federal Privacy Protection covers how the major search engines recently asked for better legal protections from the government. But perhaps the search industry itself will move forward to develop better privacy standards. I've hoped recently for some type of Search Privacy Bill Of Rights. Since I doubt the government will act quickly, perhaps the industry will go faster before a third incident causes searchers to completely lose faith in them.

AOL's Jason Calacanis, who runs Netscape, is proposing that AOL not keep search records at all. That might sound like a nice idea, but it's not practical. To not keep records raises issues with click fraud, plus with internal tracking to determine how to improve a search engine itself in how it responds and feeds queries. Putting better limits on how long data is kept might help, as might developing ways to somehow remove personally identifiable information that might get into search records.

Then again, Ixquick recently tried a PR push on how it doesn't keep records. Perhaps that's going to be a way for some players to win new users. Just make sure you also use some tool like Anonymizer to keep your ISP from logging your actions. Otherwise, your data is still out there and being recorded in another way.

The postscript then goes on with a long list of links to stories about search privacy issues, so check it out, if you want to read more background about the issue.

Next, via TechCrunch, the AOL Search Database is a new site that has taken all the data and allows anyone to search through it. The site's up and down due to demand, so be forewarned. It also lacks documentation, but here's a very quick guide to what I've played with so far.

User ID: To see the searches done by a particular person, you enter the anonymous user number they've been given. The main problem is that I have no idea where the numbering sequence starts. For example, enter 1 into the box, and you get nothing. Enter 1083349, and that brings up the records for that user (well, it should -- when I tried, I got a database error because of a behind the scenes glitch).

Search Keywords: Enter a term here, and you'll see all the people who searched for that word. For example, entering [murder] gave me a list of everyone who looked for that word or phrases that include it (such as murder.com). I haven't tested to see if there's a way to do an exact match yet. This is also an easy way to obtain user numbers, if you want to then check out particular user records.

Date Of Search: I haven't tried it yet, but I assume this will give you all searches done on a particular day.

Website Results: Again, I didn't have a chance to play with this, but I assume if you enter a URL (say playboy.com), you'd see all the people who did a search, got that site listed and perhaps clicked through.

When you are done exploring, you can enter your findings into Valleywag's Find the scariest AOL user search record contest. So far, this isn't scary but funny: Scariest search records: AOL saves crew of Oceanic flight 815. Over at Consumerist, AOL User 231392 Illuminated is a little more scary.

Prefer to roll through the data on your own, or perhaps build a better interface for searching it? This mirror site offers the data that AOL pulled yesterday.

 

Posted by Danny Sullivan at 2:48 PM | Permalink

August 7, 2006

AOL Releases Search Data & Raises Privacy Concerns

Techmeme is reporting a huge amount of concern over AOL releasing, then pulling, search logs done by 500,000 users over three months. The purpose of the release was to help search researchers better understand user behavior in conjunction with an industry event for search researchers happening in Seattle, SIGIR. The data was posted on the AOL research site, but has since been pulled.

Unlike what TechCrunch suggests, this isn't private data in that no personally identifiable information has been released. Instead, actual usernames have been replaced with anonymous one. However, this still means it's possible to track the behavior of a particular user and potentially know who they are if their searches contained personally identifiable information.

To understand this more, this page gives some examples gleaned from the new AOL data. Also see this example of someone who might be planning to murder his wife. Danny's earlier post, Private Searches Versus Personally Identifiable Searches, also covers the general difference between private data versus personally identifiable stuff.

How does what AOL compare to what the Department of Justice asked for from search engines earlier this year? It actually goes further. The DOJ simply wanted searches, not any further information that would allow a group of searches to be linked with an individual, even if that individual as kept anonymous.

Danny may have more to say about this next week. He's at the SES San Jose conference this week and very busy with that, but he sent me some notes from a brief review of the AOL move to give perspective here as he sees it.

Postscript From Danny: Just a few quick thoughts and updates in the short time I have between sessions.

AOL: Dooooooh! from John Battelle and AOL apologizes for release of user search data from News.com have AOL apologizing for the release, now said to be data involving about 658,000 individuals from March through May of this year. AOL says the release of the data wasn't properly vetted for privacy issues and that the release intentions were innocent.

I believe that. Make no mistake, this was a big screw up. The researchers providing the data didn't think hard enough about how making it possible to build a profile of individuals, even if they were given anonymous names, might then make it possible to determine who those people are if they revealed enough information in their searches.

In addition, it's going to be very difficult for some law enforcement agency not to want to subpoena AOL for actual user names when they read about things that suggest a murder is being planned or may have happened, as covered above. I'm not saying they'll get it, but I think it's almost inevitable that someone will try. That will set off further privacy fireworks.

But yes, the original intention was innocent. I got an email about the research site last week (and with my traveling all last week, simply did not have a chance to check it out). Here's what a researcher involved with it emailed me:

Over the last few years I have witnessed a divide developing within Information Retrieval research - between the haves and have-nots. The ‘haves’ are the companies like Google, Yahoo, MSN, and ourselves, with lots of resources and data. The ‘have-nots’ are people without those resources such as academic researchers and smart guys at small companies. We want to be able to help anyone work on great ideas by giving them the data and infrastructure they need.

So we started building data sets and made them available for everyone to test their ideas with. Each data set features a dynamic view, which allows you to inspect the data without having to download it. We also built some APIs for news, video, audio and podcasts, which will save people time from having to do that themselves. We have tried to stay away from interfaces like web search as those are already around.

There's nothing evil in that. In fact, there's much to appreciate, intention-wise.

We all use search engines so much, and they are so important in our daily lives, yet they remain one of the most poorly researched media venues out there. Yes, we're getting new labs like the one from Yahoo at UC Berkeley. But most search behavior studies outside of the search engines have depended on ancient search logs from places like Excite from back in 2001 or so. Newer studies, if the search engines are doing them, simply don't come out often. So the intention to promote learning with this release was innocent, if not honorable. The execution was poor and inexcusable.

This is the second major milestone in raising awareness of search privacy issues this year. The first was the Department of Justice action, which rightly focused on whether we need more safeguards over what governments can request. Today's upset highlights the protections that are needed again corporate releases of data.

The good news is that perhaps it will spur better protections even more. Microsoft, Google & Others Call For Unified Federal Privacy Protection covers how the major search engines recently asked for better legal protections from the government. But perhaps the search industry itself will move forward to develop better privacy standards. I've hoped recently for some type of Search Privacy Bill Of Rights. Since I doubt the government will act quickly, perhaps the industry will go faster before a third incident causes searchers to completely lose faith in them.

AOL's Jason Calacanis, who runs Netscape, is proposing that AOL not keep search records at all. That might sound like a nice idea, but it's not practical. To not keep records raises issues with click fraud, plus with internal tracking to determine how to improve a search engine itself in how it responds and feeds queries. Putting better limits on how long data is kept might help, as might developing ways to somehow remove personally identifiable information that might get into search records.

Then again, Ixquick recently tried a PR push on how it doesn't keep records. Perhaps that's going to be a way for some players to win new users. Just make sure you also use some tool like Anonymizer to keep your ISP from logging your actions. Otherwise, your data is still out there and being recorded in another way.

For more on search privacy issues, here's a big giant list of recent posts:

Posted by Barry Schwartz at 10:52 AM | Permalink

July 28, 2006

Google Hands Over Email In Hate Case

Feds Retrieve Google Records after Gmail Used for Hate Speech from eWeek covers how the US FBI asked for and was given an email and some session information from someone accused of sending a threatening letter to the NAACP.

Posted by Danny Sullivan at 6:14 AM | Permalink

July 10, 2006

Judge Orders Google To Disclose Advertiser's Information

Out-Law reports that Google was ordered by Justice Rimer to hand over the information on an advertiser to Helen Grant for copyright infringement. Helen Grant "complained that a Google advert led to a service which she claimed violated her copyright in a forthcoming book." A search brought up a site named Realityunlocked.com, "which offered a free download of an earlier draft of the book, and that the site violated the Trust's copyright." Google asked Grant to take the issue to court, this way Google does not have to worry about the privacy issues with handing over the information.

Posted by Barry Schwartz at 8:33 AM | Permalink

June 26, 2006

Follow-Up: School Couldn't Reach Google Until Injunction Filed

Catawba County Schools in North Carolina obtained an injunction to remove private material from Google because it had no luck getting action from the search engine after trying other routes, the district tells me. The school district also stressed that it didn't claim that Google had somehow hacked into its servers. Here's what Catawba County School's chief technology officer Judith Ray emailed me about the situation:

We asserted that Google had somehow bypassed our login information, not that they had hacked their way into the system. Hacking, to me assumes malicious intent and we never intended to imply that Google was doing anything other than spidering all the web sites available.

There is also miscommunication about "all users" being required to log in. The DocuShare server is a repository for both public and private information with logins being required for users who are authorized to view the restricted information. There are hundreds of pages of information that we share from DocuShare with users around the state. These are completely open and are not supposed to [be] password protected.

We did troubleshoot this situation by searching for the students' information at Yahoo, Dogpile, and AltaVista. We did not find any information on these three search engine returns and we attempted the searches over a three-day period.

We acted so aggressively with Google because, until the media got involved, we could not get beyond an operator at Google. We could not get operators to connect us with technical support, the legal department, or to anyone higher up in the organization. We were only given an email address to which we could submit a complain - which we did but got no response. Google has a link to submit an emergency request [see here] but on both Thursday and Friday of last week, the link took you to a dead page. Only when the news media submitted its own inquiry to Google did we get a call regarding the situation. And [Google] has been most helpful in working through this situation with us.

Of course, none of us who are employed with Catawba County Schools at the current time were involved when Xerox set up this server. We are trying to ascertain if the server was incorrectly setup/protected or if the appropriate include meta tags or strings were not included.

Google Blamed For Indexing Student Test Scores & Social Security Numbers from us earlier has more background on the injunction plus how I was finding pages from what the district said was a password protected area to still be available through Yahoo. As clarified above, some of these pages indeed didn't require a login to view.

Our story originally was headlined "Google Blamed For Hacking & Indexing Students Test Scores & Social Security Numbers" and said in one part, "the school [district] blames Google for some how breaking into a password protected area and indexing the content."

As stated above, the school district itself never appears to have said anything about being hacked, only that Google somehow got into information it believed was password protected, as it says on the home page of the district site:

We do not know how Google was able to access the secure, password-protected site. Once Google does access a site, it places a copy of the data on its own server. We immediately called and emailed Google, requesting the urgent removal of the link and site data. We have eliminated the link from our end and it appears that as of Friday night, June 23, 2006, Google eliminated the site from their end.

The hacking reference seems to come from the "