Google’s new Street View service – which displays 360-degree photographs of streetscapes in 25 British towns – has made it a challenge getting pages proof-read in the Wired offices this week. First, we spot the magazine’s associate editor in a skirt in a West London street (to be fair, he insists it is a kilt). Then we discover that Google’s face-blurring algorithm has bizarrely pixellated Bobby Sands’s face on a Belfast mural, presumably to protect what the software assumes is his privacy.
But Simon Davies, who runs a generally estimable campaign group called Privacy International, isn’t much amused. Street View, Mr Davies complained to the information commissioner this week, “has created numerous instances of embarrassment and distress”, and so he pledged to bring a legal test case.
Why? A 15-year-old had complained to Privacy International that Google snapped him carrying a skateboard “which his parents had expressly forbade him from using”; oh, and a married man was captured “speaking at close proximity with a female colleague”. Forget ID cards, registers of children’s DNA and government trawling of our e-mails – in Street View, we have finally identified the ultimate threat to British citizens’ liberty.
Well, no, actually. Although some of those photographed exiting sex shops or being sick in pub car parks may have prompted panicked deletions by Google’s public-relations machine, the public sphere remains essentially public. Despite the creeping incursions of French-style privacy legislation, one can still lawfully capture images from and of the British public commons – so it’s an absurdity for those sneaking a work-break cigarette, or flirting at a bus stop, to claim that somehow their rights have been breached by a passing camera. A right to absolute privacy in public? Get over it.
No, the real public threat from Google is its ever-inflating scale as an unregulated profit-seeking company to which we are entrusting unprecedented swaths of confidential information. What was once simply a niftily effective search company now serves as a personal calendar, an e-mail archive, a store of our word-processing documents, a video repository, a mobile-phone-tracking service, a road-travel itinerary – a vigilant monitor of our medical obsessions, physical movements and political leanings. And that’s fine, provided Google is transparent and sensitive about how it collects and uses our personal data, and that it guards it unfailingly. But as Privacy International pointed out, after a survey found Google to be the worst-ranked leading internet company for respecting user privacy, it is secretive, even hostile, about the use to which it puts our data, often for an indefinite length of time. That is something that should concern us all – especially with the boom in cloud computing.
Previously, we stored most of our data on computers that we controlled in our homes or workplaces. Today, as we rely increasingly on a “cloud” of distant servers to host our e-mail or calculate our taxes, we are shifting such information at an unprecedented scale to networks administered by private corporations. So let’s say you’ve archived your family photos on Google’s Picasa, your confidential accounts on Google Docs and revealed your sexual preferences during searches of Google Images. Admit it: you have no idea how this might be used to help advertisers to target you personally, or governments to profile you surreptitiously.
I write as an admirer of a company whose innovations have enriched our digital lives. But I worry that its dominance is outpacing governments’ ability to challenge it. Two years ago I warned about the online trail Google collected about you “for ever”, all linked to a personally identifiable Internet Protocol address. I suggested that their proposed $3.1 billion acquisition of DoubleClick, the ad-serving business built on “understanding” internet users, gave a worrying indication of its corporate thinking. DoubleClick had made proud assurances about users’ privacy protection, until its CEO was forced to admit the company had made a “mistake by planning to merge names with anonymous user activity across websites in the absence of government and industry privacy standards”.
Earlier this month, Google launched “interest-based advertising” – what others call behavioural targeting – serving advertisements to users based on their online activity. Yet Google is not simply monitoring what you do at its own pages – it is also tracking your interests as you access other unrelated websites. A key benefit, it says, is that it will be able to serve you adverts that more accurately reflect your interests. But do you really want one company to know so much about you? Privately held data has a habit of leaking out. As recently as March 7, a security flaw meant that private papers stored at Google Docs could be accessed by unauthorised users. Mistakes happen – but the volume of data that the firm holds makes it a target for malicious hackers.
Then there is the immutable law of the digital age that data collected for one purpose may be used for purposes never originally intended. We have no idea how future technologies will exploit our historic data trail in ways that may disadvantage us. Will life insurers penalise our past medical search queries, or the tax office fret that we are aspiring to products beyond our declared income?
What we do know is that one database has an innate desire to merge with another to create ever more detailed personal profiles. Wired journalists have been investigating how broadcast, telecoms and internet businesses are planning to mine our viewing and clicking data as never before. Already, your TV set-top box can provide a vast information trail, allowing analysts to know whether you’ve fallen asleep, who in the family is using the remote according to how they navigate the menu, and what (based on the shows and ads they view) they want out of life. Now, let’s imagine how much more powerful this information would be if linked to other personal databases – not just your internet trail, but your purchase history at the supermarket.
Add to this near-future scenario interactive digital billboards that recognise faces and serve targeted ads based on what the database knows about you. And then crunch in real-time mapping of your precise location, based on signals emitted from your mobile phone. All, of course, benign services that will benefit the consumer by targeting special offers when in the vicinity of a store … But have we debated sufficiently how we want such information to be used, and what is being done to ensure that it does not fall into the wrong hands?
Google – did I mention? – has a rather cool mobile-phone tracking program called Latitude, which lets you know where your friends are according to signals emitted from their phones. Again, all perfectly fun, and Google makes both parties opt in to being tracked. But let’s just imagine that a jealous partner gains access to your unattended phone and enables Latitude without your knowledge. Or government bureaucrats, never satisfied with the extent of their power to track the populace…
This is the moment for us to demand clear answers from the tech industry’s data crunchers, not only Google, and to educate ourselves about what we are giving away. Because when one unaccountable company knows where we are, who we’re e-mailing, what’s in our work documents, what we’re buying and thinking – well, that starts to add up to real information.
David Rowan is the editor of Wired magazine, which launches in the UK on Thursday