Create an Account
username: password:
 
  MemeStreams Logo

Big Google and Big MemeStreams and Big Brother

search

Decius
Picture of Decius
Decius's Pics
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Decius's topics
Arts
  Literature
   Sci-Fi/Fantasy Literature
  Movies
   Sci-Fi/Fantasy Films
  Music
   Electronic Music
Business
  Finance & Accounting
  Tech Industry
  Telecom Industry
  Management
  Markets & Investing
Games
Health and Wellness
Home and Garden
  Parenting
Miscellaneous
  Humor
  MemeStreams
Current Events
  War on Terrorism
Recreation
  Cars and Trucks
  Travel
Local Information
  United States
   SF Bay Area
    SF Bay Area News
Science
  Biology
  History
  Math
  Nano Tech
  Physics
Society
  Economics
  Politics and Law
   Civil Liberties
    Internet Civil Liberties
    Surveillance
   Intellectual Property
  Media
   Blogging
Sports
Technology
  Computer Security
  Macintosh
  Spam
  High Tech Developments

support us

Get MemeStreams Stuff!


 
Big Google and Big MemeStreams and Big Brother
Topic: MemeStreams 11:19 pm EDT, Apr 24, 2005

This post concerns MemeStreams and privacy. Its long, and the MemeStreams specific discussion is at the end. If you are concerned about privacy please read it.

dmv wrote:
] They probably weren't interested in figuring out what you were
] looking for.
] But evil?

I want to make it clear that I'm not particularly concerned about how Google plans to use the data Google is collecting. I'm sure they are merely interested in providing the best search experience they can provide. I don't think Google is "evil." I agree that the people who are spreading the "Google is evil" meme are usually exaggerating and typically think when companies become too large and successful they become evil by virtue of their success. I do not share this point of view.

However, I DO think Google is negligent. I'm concerned about how OTHER people who access this data use it. If you have a static IP, or if I know your Google cookie, or if I have information from your ISPs logs about dynamic IPs assigned to your account and the associated timeframes, I can subpoena all of Google's logs of every search you have performed going back as long as Google has been around. This isn't hypothetical. People are actually doing this.

Google, and most other search engines, refer to the webserver log information they retain as anonymous information in their privacy policies. This is misleading. This information is not anonymous. It is possible to tie it back to individual people accurately.

Because Google is such a good search engine a lot of people use it frequently. It is their gateway into the information on the Internet. They tell Google everything they are looking for. By looking at this log information I can get a pretty good idea of what those people have been thinking about. This is incredibly invasive. Big brother is recording everything you search for on the Internet. In certain circumstances this information will be revealed, particularly when you are a defendent in a civil or criminal proceeding.

While the same sort of log information might be obtained from any other website on the Internet, it is a particular concern in the context of Google, because Google is so popular, and because Google is a gateway into all of the other sites. You can learn much more about a person from their Google logs then you can from just about any other website's logs. Google is now in a unique position where their web server logs are an extremely valuable resource for surveillance if and when they fall into the wrong hands. Failing to handle that responsibility in an appropriate way is negligent.

This isn't happenning enough to have large numbers of people concerned about it, but it is happenning, and it is going to happen more over time. Ultimately, it is going to be a problem. The responsible thing for Google to do would be to expunge these logs after a reasonable period of time. Otherwise, people will eventually change the way they use Google. Thats not in Google's interests.

] I found it far more questionable that memestreams had to
] record not only sessions but click throughs. While logged in.
] Had to, necessary evil, but as I used to point out to Bucy, he
] would never put up with it for a site he didn't personally
] know the operators of.

Presently this characterization of how MemeStreams works is inaccurate, and therefore the conclusion suggested here is unfair.

The reputation system does not store specific information about individual clickthroughs in the database. It stores aggregate information. DMV clicked on links posted by Bucy N times. DMV clicked on links posted by Decius N times. Etc... Thats it.

In theory someone could subpoena this information, but they would simply be able to tell whose links you prefer. As that is the point of the site, it is really unavoidable. However, I do not think it is particularly intrusive, and obviously this information is not disclosed to third parties under normal circumstances.

There are scenarios where this information could be problematic, but I think only if your government was particularly repressive. If a court ordered that that this information be revealed, and it was considered either illegal or highly questionable to prefer certain MemeStreams users, there might be a problem.

This is not a practical problem in western societies today. If it were, a centralized reputation system like MemeStreams would be a bad technological solution to the reputation systems problem. As it is, there are lots of advantages to having a centralized system that we can take advantage of because we don't live in a repressive society.

Its also worth pointing out that you are not required to connect any personally identifying information to your MemeStreams account. You must connect a functioning email address, but anonymous email addresses are easy to obtain. This requirement simply exists because you can use MemeStreams to generate email, and so I need a functional return address to tie those emails to.

However, your MemeStreams cookie does connect your computer with your account, and we are currently saving all of our web server logs, which do store detailed information about clickthroughs tied to user accounts and IP addresses. This kind of data retention is not different from the data retention performed by other websites on the net that require accounts. Also, I think that the intrusiveness of MemeStreams is not as significant as that of search engines. Having said that, I think this is a problem. Rattle and I have started discussing a policy of expunging server logs. This post will hopefully further that discussion, but there are a few things we need to figure out before we start deleting stuff.

There have been some discussions of storing more clickthrough data in the reputation system in order to make it more responsive to changes in your preferences over time. This discussion makes it clear that privacy considerations need to come into play in terms of how those changes get implemented. Thanks for underlining that concern for us.

Big Google and Big MemeStreams and Big Brother



 
 
Powered By Industrial Memetics
RSS2.0