Americans Need To Take A More Prominent Role To Protect Their Browsers Against Google’s Tracking

The Obama administration’s consumer Privacy Bill of Rights initiative is a very small step to a desperately needed legislation to comprehensively protect Americans from Internet tracking. Currently Americans have hardly any protections against irresponsible websites and tracking companies. The United Sates is one of the few developed countries in the world where there are no real restrictions on the Internet. In fact, websites are not even required to have privacy policies and they are free to collect just about any private information of Americans to their heart’s content- real names, credit card information, online buying habits, what websites you visited, what you “liked”, your location, your computer information, etc.

So when the White House unveiled the online privacy proposal many were optimistic, including myself. Many are still optimistic that after the Commerce Department finishes meeting with tracking companies, Internet companies such as Google, and consumer advocacy groups that some real change will come out of all this.

But are we just kidding ourselves? Should we really expect real and comprehensive protections to come out these meetings? Do you really think Google (which makes over 90% of its revenues from advertising) and those tracking companies will really allow stringent legislation to pass? I sure do not think so.

There have been attempts to have laws passed for years and they have resulted in nothing so far. In fact, bipartisan members of the US Senate have already introduced privacy protection bills before, including Democrat John Kerry and Republican John McCain. Kerry said,

“Since the 1990s, Congress has been talking about this issue and complaining about abuses but doing little to stop them. Instead of continuing the now monthly exercise of publicly scolding companies, we need to make Congress establish common sense rules of the road that protect consumers.”

He is so correct! It’s definitely common sense to want to protect vulnerable Americans from spying and intrusive data harvesting. Yet, something so obvious is so difficult to accomplish. Why is that?

Of course, much of it has to do with Google’s intensive lobbying. I wrote more on this in a past post – click here

Just last May, Google sent a strongly worded letter to the California State Senate opposing that state’s plans to introduce a stringent Social Networking Act bill.

And now, all of sudden, Google has a change of heart when it supported President Obama’s consumer privacy bill? It’s obviously because Google knows that the bill won’t change anything significantly. It’s all a public relations ploy to pacify Americans to make it look like they will get real protections – not a chance.

Jules Polonetsky, director of the Future of Privacy Forum and former chief privacy officer of DoubleClick (the now Google owned online advertising company) said,

“I think there are a lot of companies that have been concerned by the recent litigation and constant criticism who see this as an opportunity to be at the table and help shape solutions. There have been opt-out options that have been around for 10 years. They run, roughly, at about a 1% opt-out rate. ‘Do Not Track’ isn’t going to make more people opt-out. You still have to go in and adjust the settings and most of us don’t want to bother with it. What it will do is actually make that setting work…if we try to solve all of the privacy issues for the whole industry, we’ll probably be arguing for the next 50 years.”

Google and the tracking companies know that there is mounting pressure for better security on the web and now they think that it would be best if they are allowed in the conversation to produce tough laws – this way, they will have opportunity to not only look good to the public but also have the chance to significantly water-down any privacy bill.

Remember that the proposed privacy plan unveiled by the White House is strictly voluntary. Companies can reject it if they want to, but most won’t because they don’t want to look too bad in front of the public. Once they accept to abide by the bill, they will have to stick by it or face punishment by the US Federal Trade Commission (FTC) for deceptive practices. But the FTC, as noted by EPIC, has so far failed to punish Google for violating its consent order. The FTC doesn’t really have much weight.

Also, remember that the proposed Do Not Track feature will not block tracking. All it does is that it will signal to tracking companies that you wish to not be tracked. However, the tracking companies can still track you and see what you do – they just won’t give you personalized advertisements and make it as obvious to you. They will still have ability to track you under what they call “market research”.

The Do Not Track proposal is at minimum a way to share your preference with tracking companies and Google – but it’s also a dangerous false sense of security.

The best things you can do for yourself right now is the following:

1. Use a secure browser – one that has good default settings that protects your security and privacy. It’s good if a browser has anti-tracking functionality and if it blocks third-party cookies from being set on your browser. Firefox, Internet Explorer, and Safari do great jobs. According to PC Magazine, Internet Explorer 9 has the best anti-tracking tools available – click here

2. You need extra protection for your browser. Get an anti-tracking add-on downloaded to your browser that blocks tracking, full-stop. These anti-tracking add-ons will give you a list of exactly who is attempting to track you and they will block them immediately. They don’t just ask tracking companies to respect your preferences, the add-on will immediately go right in and block tracking anyway – no questions asked. I wrote about this before – click here

3. Block cookies! Make sure your browser is set to block third-party cookies. The privacy advocacy group, the Electronic Frontier Foundation (EFF), has six steps to help protect you better. Step 4 illustrates how you can make sure cookies are blocked on your chosen browser – click here

4. If you use Google’s web browser (Chrome) or toolbar – immediately go and uninstall it right now. Of all the major browsers, Google does the least to protect you against tracking. In fact, Google doesn’t even have an anti-tracking functionality on its browser – the only major browser on market which fails to do so. Asking Google to protect you from tracking is like asking the fox to guard the henhouse.

 5. Finally, you have to proactively fight for your rights! That means you can’t let Google and the tracking companies dilute the important conversations that will be happening in the coming months, which could eventually lead to comprehensive privacy legislation for all Americans. If you let Google dominate the conversation and lobby their way out of real protections for Americans, you will let Google win. You need to actively participate in this struggle by writing and calling up your state representatives in government and the White House. Say that you want real protections, not just feel good stuff!

For more information, please read these articles:

Computerworld, “Obama online privacy plan faces challenges” – click here

Bloomberg, “Obama Web Privacy Framework Boosts Chances for Rules With Teeth” – click here

Time, “Why Google and Others Are On Board with Obama’s Privacy Bill of Rights” – click here

Google Has Too Much Influence In Washington And Abroad

 The same day the White House unveiled a proposal to give consumers more rights and privacy on the Internet – it was revealed that Google hired a government insider to head its lobbying efforts in Washington. Google revealed, in a statement released Thursday, that Susan Molinari, a former New York congresswoman and a once rising star in the Republican Party, will be the vice president for public policy for North and South America. She will be replacing Alan Davidson, who stepped down in November 2011.

Ms. Molinari, a Republican, was first elected to the House of Representatives in 1990, but stepped down in 1997. She worked in television for a period and has been a lobbyist since 1999. She is married to Bill Paxton, who was also a Republican representative from New York and is currently a lobbyist at Akin Gump Strauss Hauer & Feld. Ms. Molinari has extensive ties to the Republican Party establishment, according to The New York Times. Over the years, she has donated a quarter of a million dollars to Republican candidates.

Just this past summer, Google hired an additional 12 lobbying firms to represent it – they did this after an investigation on breaches to user privacy was launched by the US Federal Trade Commission (FTC). That FTC probe eventually resulted in Google paying out millions, admitting to violating the privacy of its users, and agreeing to a 20 year consent order in which the company will regularly file assessment reports with the FTC.

Google is one of the biggest spenders among corporate lobbyists – spending $9.7 million on lobbying in 2011, nearly double the amount the company spent the previous year (an increase of 88%).

Ms. Molinari’s appointment to her new job at the company is a calculated strategy by Google to try to win over Republican support at Congress. According to the newspaper, The Hill, Google has even also been working hard to get former Republican lawmakers to join the company as lobbyists.

Google obviously wants to control how Congress votes and passes its bills by making sure to strategically place Google employees to influence outcomes. By hiring people who already know how to skillfully navigate waters at Washington and who have influence over important people there, Google can make sure it sways things in its favor.

This is especially important for Google and its advertising partners, to completely stop or significantly water-down proposed and future legislation that gives Americans more rights over their online personal data. If laws that limit Google from collecting our personal data are passed, then this is a disaster scenario for the company. You have to remember that Google makes over 90% of its revenues from advertising! Any law that prevents Google from harvesting our personal information to sell to advertisers will result in huge losses for the company. Google will fight tooth and nail to halt any legislation that gives Americans more protections online.

Google has hired other Republicans over the years as well. Google is trying to distance itself from a perception that it’s too close to the Obama administration and, in general, the Democratic Party. Former CEO and current executive chairman of Google, Eric Schmidt, has very close ties with the Obama administration. He is a major party donor to the Obama presidential campaign. In addition, Mr. Schmidt was a member of Obama’s transition advisory board and a member of the President’s Council of Advisors on Science and Technology. He had also been considered for several other positions, including a cabinet position within the Obama administration.

Over 80% of Google executives have donated money to support Obama and other democrats. This isn’t much different from how other Silicon Valley tech company workers spend their money. In 2008, the industry gave then-Senator Obama more than $9 million dollars to support his campaign for the presidency. This was three times what the industry raised for any other politician. It is expected that contributions for to Obama’s 2012 campaign will exceed that number and President Obama is depending on it. These Silicon Valley tech companies now spend more money to support Obama than Hollywood does. President Obama depends on Google and Google depends on President Obama.

The Daily Beast has a great article called “President Obama Courts Silicon Valley’s New Digital Aristocracy“, which discusses this further – click here

In a 2011 report, the advocacy group Consumer Watch compiled a report that details how Google benefits from close ties with the Obama administration. Consumer Watchdog received evidence to back their report through Freedom of Information Act requests – click here (PDF file)

According to the Washington Post reporter, Cecilia Kang, experts have said that lawmakers in Congress are suspicious of Google and feel that it has received too much favoritism from the White House. In response to this – Google is hoping that if it implants high-profile Republicans in Washington, it can start winning support in Congress. Already, there have been several bipartisan efforts made by several lawmakers to put more restrictions on Google and Google has already been grilled recently by a congressional committee made up of both Democrats and Republicans. If Google can divide Republicans by winning over some support of Republican representatives in Congress, the company can eventually conquer Congress. If successful, Google can destroy bills and/or render bills ineffective in helping the average Internet user by watering it down.

Google has already succeeded with this type of political manipulation in Britain. Privacy advocacy groups in Britain have recently accused Google of meddling to stop more stringent privacy laws. Google was able to convince a British government department to ask an independent regulatory authority to reverse its hard-line stance on Internet browser security. For further details on this – click here

So, how the heck was it possible for Google to convince the British government to do what it wanted?

Well, one major reason can be credited to a woman named Rachel Whetstone. If you recall, I first wrote about Ms. Whetstone a few days ago on my site when I gave you a breakdown of her ridiculous convoluted statement after the whole controversy surrounding Google deliberately circumventing privacy settings on Apple’s Safari browser – click here

Anyway, Ms. Whetstone, who is Google’s vice president of communications and policy, is married to Steve Hilton. Mr. Hilton is the Director of Strategy for the British Prime Minister David Cameron. Both Rachel Whetstone and Steve Hilton were godparents to Prime Minister Cameron’s eldest son (who sadly passed away three years ago at just 6 years of age).

Opposition parties have accused the British government with having too close ties with Google and a prominent Conservative entrepreneur has even called Google a parasite that drains revenue. There was also the infamous “review” of British IP laws, initiated by Prime Minister Cameron, and nicknamed by others as “the Google Review”. According to reporting by The Register in the UK,

“…it was introduced with a quote attributed to the Google founders by Prime Minister David Cameron. According to Cameron, the Google founders had said they could never have founded Google in the UK, because of copyright law here. There was one slight problem: the founders had never said anything of the sort, and the claim was finally traced to Google’s European public policy director Richard Sargeant – who had led the lobbying for reform of copyright in Google’s favor”

Google will do anything to wiggle its way into any government and influence any politician. If Google can influence politicians, it then can have influence on governments. Google can control the way laws are developed and it controls which laws to dump out completely. Google has enormous power and persuasion. A single company with this much international power and influence is a deeply concerning and, quite frankly, scary.

Call up your representative in Congress and tell them to not let Google control how they vote. If important, comprehensive, and stringent Internet privacy laws for Americans have any chance of succeeding in Washington –  it will be absolutely dependent on Google failing!

Susan Molinari’s tenure is slated to begin in mid-March with the official title of “Google’s vice president of public policy and government relations for the Americas.”

For more information:

The Register, “Labour targets Tories’ Google problem” – click here

The Hill, “Google hires former Rep. Susan Molinari to lead Washington office” – click here

The New York Times, “Google Gets a High-Profile Lobbyist” – click here

TPM, “Why Google Hired Former Rep. Susan Molinari” – click here

Voluntary Internet Privacy Proposal Is A Day Late And A Dollar Short

 Yesterday, the Obama administration made a big announcement to help Internet users protect their data from third parties who collect it without your permission. The White House unveiled a consumer Privacy Bill of Rights proposal that is said to be intended to give online users back control of their personal data. Now, this might sound like great news at first, but don’t get too excited just yet. Let’s take a closer:

The Privacy Bill of Rights does not impose any immediate new obligations on online companies. President Obama said it was part of a broader plan to give Americans more control over how their personal data is used on the Internet.  It consists of seven basic protections consumers should expect from companies:

Consumers would have control over the kind of data companies collect, companies must be transparent about data usage plans and respect the context in which it is provided and disclosed. Companies would have to ensure secure and responsible handling of the data and be accountable for strong privacy measures. It also calls for reasonable limits on the personal data that online companies can try to collect and retain and the ability of consumers to access and ensure the accuracy of their own data.

The Privacy Bill of Rights has received the backing of major Internet companies, including Google. It has also received the backing of the Digital Advertising Alliance (DAA), which represents over 400 media, marketing, and technology companies. The vast majority of advertisements you see on the Internet are from members of the DAA. Their involvement in this seems like a great thing, so far – but let’s keep digging…

The Obama administration wants the proposed Privacy Bill of Rights to function as a blueprint for future comprehensive legislation that can hopefully make it through Congress. Several online privacy bills have been introduced before and have failed to gain much traction over many years. Americans hardly have any protections online whatsoever – and don’t get me started with the lack of protections on mobile devices, which is even worse! By the way, in comparison, European data protection laws have been developed since the 1980s and are much more stringent.

In addition to the seven core principles of the Privacy Bill of Rights, the DAA has finally agreed to allow a ‘Do Not Track’ button to be added to browsers. The browser-based header will signal, to companies that gather your personal data, your preferences. If you indicate that you don’t want to be tracked, the DAA claims that they will respect your preference – to an extent.

But hang on a second!

This do-not-track button has been resisted for years by the DAA and Google – why the sudden change of heart? Excuse me for being suspicious about this, but why the heck would a known privacy violator like Google be all too eager to participate in this initiative to protect personal data? It doesn’t make sense, folks.

Remember, Google is the same company that is facing a 20 year consent order with the US Federal Trade Commission (FTC) for violating the privacy of users; it is the same company that had to pay $500 million to the US government after being found aiding and abetting a con artist; it is the same company that just recently deliberately bypassed privacy settings on Apple’s and Microsoft’s browsers so that they can collect information of their users; it is the same damn company that refused to have this do-not-track button on their Chrome browser for years, while all the other major browsers adopted the do-not-track technology ages ago!

Now you expect me to suddenly buy into this believe that Google wants to do what is best for our privacy – a week before it is about to change its privacy policies so that it makes it easier to sell your personal data to advertisers? Please! I ain’t buying the garbage Google is selling – not a chance!

Julia Angwin, writer for The Wall Street Journal, brought up something important:

“The new do-not-track button isn’t going to stop all Web tracking. The companies have agreed to stop using the data about people’s Web browsing habits to customize ads, and have agreed not to use the data for employment, credit, health-care or insurance purposes. But the data can still be used for some purposes such as ‘market research’ and ‘product development’ and can still be obtained by law enforcement officers.”

So basically, what she is saying is that this do-not-track button is BS. It won’t do anything worthwhile. First of all, it is completely voluntary for the companies to adopt the do-not-track button and if they end up letting users opt-out of tracking, it isn’t going to stop the tracking. It will only limit the amount of personalized advertisements you see. For many these companies, whose sole business purpose it is to harvest your personal data and sell it, they will still see everything you do.

It was recently reported that the American retailing company Target was targeting pregnant women with creepy advertisements of things a pregnant woman might need. The only problem was that these pregnant women never informed Target about their pregnancy and were creeped out that Target not only knew they were expecting a child, but could actually freakishly guess the due date. When Target noticed that people were starting to get creeped out they decided to still send targeted advertisements, but made sure to not make it so obvious. A Target executive revealed to the New York Times:

“With the pregnancy products, though, we learned that some women react badly…then we started mixing in all these ads for things we knew pregnant women would never buy, so the baby ads looked random. We’d put an ad for a lawn mower next to diapers. We’d put a coupon for wineglasses next to infant clothes. That way, it looked like all the products were chosen by chance”

Target was able to do this because they matched customers with an ID number linked to their credit cards or other personal information. You can read more on this by clicking here.

Anyway, the point is that Google and those data analytics companies that say they will respect your information think you’re stupid. They think you won’t know better if they give you a useless button to pacify you, while they continue on doing what they have always been doing. And, unlike Target, the Internet is A LOT more invasive! The Internet is the Wild West, where there are basically no laws to protect you and it’s much easier to obtain personal information. At least Target only collects data on buying habits of customers from their own store – Google collects personal data of you everywhere on the Internet.

Mozilla Firefox, was the first browser to allow users to use a do-not-track button. Internet Explorer followed Firefox’s example soon after, and then Apple’s Safari joined. All major browsers had this functionality enabled, with the exception of Google’s Chrome browser. Mozilla executives released a statement yesterday saying that they were “encouraged” by the news of a Privacy Bill of Rights and felt proud to say that they were first to implement a do-not-track button. However, they made sure to say that while they feel optimistic about the move to increased privacy for users, they will avoid fully endorsing the proposed do-not-track button that the DAA says it will produce in about nine months:

“We want to continue to see Do Not Track evolve through the Internet’s rich tradition of open development and collaborative innovation. Do Not Track is too important to become a product of closed-door meetings rather than through open, multi-stakeholder efforts…If Do Not Track fails to materialize as a productive tool, we’ll look to develop other technical measures to ensure that users’ privacy preferences are respected”

This button will not result in anything good for users and Mozilla already pretty much knows it. This proposed do-not-track button might actually create more harm than good. If people assume that they are protected from tracking, when in actuality they are not, they will let their guard down. People will stop asking for more protections for their privacy online and on mobile devices – while, Google and the DAA will give each other a high-fives for pacifying the public. Phew! No more annoying privacy advocates giving them a hard time!

But not so fast, Google! We’re on to you!

We don’t need a watered-down, meet me halfway, a day too late and a dollar too short privacy bill of rights! We need real change! We need comprehensive and solid protections! We need to completely stop tracking, period; full-stop!

Here is something to think about: even though Mozilla Firefox was the first to implement a Do Not Track button for their users, only 18% of mobile users and only 7% of desktop users activated the functionality on Firefox. It was available for Firefox users for awhile now, and only a small percentage took advantage of it. And guess what – Google and the DAA are well aware of this fact. An opt-in button will not reach the masses, and a useless button will not go far enough to protect users.

When the White House made its announcement yesterday, the true winners were not vulnerable Internet users – the winners are Google and the DAA who were so giddy and self-congratulatory.

For more information, I highly recommend these articles:

• The Wall Street Journal, “Web Firms to Adopt ‘No Track’ Button” – click here
• The Washington Post, “Voluntary guidelines for Web privacy backed by Obama administration” – click here
• Techcrunch, “Mozilla: Welcome Google and Obama, We Invented ‘Do Not Track’ A Year Ago” – click here
• PCWorld, “Obama’s Internet Bill Of Rights Will Be Hard to Enforce: Here’s Why” – click here
• PCWorld, “Universal ‘Do Not Track’ Button: A Recipe for Disappointment” – click here
• Wired, “White House Privacy Bill of Rights Brought to You by Years of Online Debacles  – click here

 

Advocacy Group Sends 16-Page Complaint To Stop Google From Misleading Users

 Yesterday, The Center for Digital Democracy (CDD) sent a 16-page complaint to the US Federal Trade Commission (FTC) asking the federal agency to thoroughly investigate Google and stop the company from implementing its more intrusive new privacy policy, which goes into effect March 1st.

The advocacy group wants the FTC to acknowledge that Google has broken its consent order, which the company agreed to late last year. The settlement between the FTC and Google required that Google should never deceive users again and that any changes to privacy policies should be accepted by users with their full permission (Google refused to let users opt-out of the changes to its privacy policies). The FTC can levy fines of $16,000 per day, per violation, if it concludes that a consent order has been breached.

Google claims that the changes to its privacy policies and terms of service is to simply give users a better experience online, but several privacy advocacy groups (and even 36 US Attorneys General) don’t believe Google. The combining of information is really to create a clearer profile of exactly who you are and sell that personal data to advertisers. Jeff Chester, executive director of CDD, wrote:

“Google fails to tell users in its principal privacy change communications how such data collection, profiling, and targeting practices impact — and potentially harm — their privacy…Google presents the information in a deceptive way that suggests consumers will benefit from the new policy…[Google] has sugarcoated its decision in a manner designed to mislead users…It should have informed them of cross-platform data integration for targeting and the privacy implications therein”

CDD said Google’s own research, done with Nielsen in October 2011, showed that cross-platform data gathering and targeting capabilities is required to increase advertising effectiveness across TV, PC, smartphone and tablets.

Under the consent decree Google admitted it used deceptive tactics and violated its own privacy policies when it introduced its Buzz social-networking service in 2010. The 20-year settlement with the FTC bars Google from misrepresenting how it handles information and obliges the company to follow policies that protect consumer data in new products.

Claudia Bourne Farrell, a spokeswoman for the FTC, said the agency had received the complaint and declined to comment further.

Internet users, at the very least, have the right to know the truth.

For more information, please click here and here

I would also highly recommend you read this article published on CNN by Chester Wisniewski, a senior security advisor at Sophos Inc., titled “Did Google intentionally track you?” – click here

Make Sure To Clear Your Google Search History Before March 1st!

                                                                                                                                                                                                                                March 1st is only a week away and that means Google’s new privacy policy will officially go into effect in a week. This will mean that Google will start combining all your personal data from all Google services (Gmail, YouTube, Search, etc) into one profile of you to make it easier to get to know you better and sell that data to advertisers.

Many people have sensitive data in their search history, data that you really don’t want combined. The Electronic Frontier Foundation says that this sensitive data can reveal information about your location, sexual orientation, age, interests, religion, health concerns, your politics, etc. The data can also be misconstrued – just because you search for something doesn’t necessarily mean you approve of or enjoy what you’re searching.

If you’re one of those people who still keeps a Google account or had an account with Google, make sure you delete all your searches before next week. You first need to sign into your Google account, then go to http://www.google.com/history (alternatively, you can choose Account Settings from the pull-down menu in the upper-right corner of a Google product such as Gmail, Google+, or Google.com. From the Account Settings page, scroll down to the Services header and click on the “Go to web history” link).

Click on the button that says “Remove all Web History”, then click OK to confirm. Done. But make sure to always clear your browser “cookies” before closing it – you don’t want the Google cookie monster to eat up all your personal information. I would also recommend using an anti-tracking browser add-on tool to ward off Google’s tracking devices from spying on you.

For an illustration on how to do this, click here and here

UPDATE

“Note that disabling Web History in your Google account will not prevent Google from gathering and storing this information and using it for internal purposes. It also does not change the fact that any information gathered and stored by Google could be sought by law enforcement. With Web History enabled, Google will keep these records indefinitely; with it disabled, they will be partially anonymized after 18 months, and certain kinds of uses, including sending you customized search results, will be prevented.

If you have several Google accounts, you will need to do this for each of them.”

For more information, please visit The Electronic Frontier Foundation (EFF) website – click here

36 US Attorneys General Tell Google To Stop Violating The Rights And Privacy Of Users

 Today, US Attorneys General from 36 states and territories have written a strongly worded letter to Google’s CEO, Larry Page. The letter expresses deep concern over plans by Google to gather all the personal data of its users across different services offered by the company and use it to figure you out more easily, which will dramatically further deteriorate your privacy.

The Attorneys General called Google’s lack of privacy “troubling” and they reminded Google that Internet users don’t want all their personal data harvested and monetized. Since consumers have diverse interests and needs, they should have the right to diversify themselves when using Google’s many different services, which include YouTube, Gmail, Google Search, Google Maps, Google Android smartphones, etc. Google does not allow for consumers to opt-out of this consolidation of their information, even though this is a fundamental right that should be respected by the company.

Google should allow users to opt-out of this change in Google’s privacy policies and terms of service. Google claims that they are only consolidating personal data to create a better experience for their users – but the Attorneys General don’t buy this argument one bit. The Attorneys General told Google if it was truly meant to make for a better experience – and not really meant to make it easier to sell users’ information to advertisers – then Google should have an opt-in option. Surely, if Google combining users’ personal data would somehow make for a better experience, then people would voluntarily opt-in.

“Your company claims that users of Google products will want their personal information shared in this way because doing so will enable your company to provide them with a ‘simple product experience that does what you need, when you want it to,’ among many other asserted benefits.  If that were truly the case, consumers would not only decline to opt out of the new privacy policy, but would freely opt in if given the opportunity. Indeed, an ‘opt-in’ option would better serve current users of Google products by enabling them to avoid subjecting themselves to the dramatically different privacy policy without their affirmative consent”

The Attorneys General also made sure to hit back at Google’s inconsiderate and nasty comment to those who criticized Google’s plans to combine users’ personal data. People who were criticizing the company for not providing an opt-out were told by Google to stop using Google’s services altogether. Google said that the ultimate opt-out was to quit Google’s services and that critics should accept the changes or get lost.

Although many would absolutely love to quit Google for good, it isn’t as easy as Google is making it out to seem and the company knows it. In hindsight, we know Google is a wolf in sheep’s clothing and that their famous motto “don’t be evil” was just used to make Google look good. Even the late CEO of Apple, Steve Jobs, called Google’s unofficial motto (which, by the way, they dropped in 2009) “bulls**t”.  It’s too late for regrets now. We have created a monster and it’s definitely ALIVE!!!!!!

Google is so deeply embedded in our lives and pretty much has a monopoly on search. Since Google is able to reach millions of users all over the globe, it has enormous impact. Even if the most concerned users took steps to dump Google from their lives, Google will still have a hold on millions of unwitting victims of tracking. In addition, Google is present on websites not owned by the company via their tracking tools. Google places tracking devices on millions of websites all over the Internet and they know every one of those sites you have been on. What’s even worse is that even those who reject Google’s products are still targeted by Google. This past weekend we learned that Google deliberately bypassed security settings on Apple’s and Microsoft’s web browsers to track their users. It’s like it’s impossible to get away from this monster!

“This invasion of privacy will be costly for many users to escape. For users who rely on Google products for their business – a use that Google has actively promoted – avoiding this information sharing may mean moving their entire business over to different platforms, reprinting any business cards or letterhead that contained Gmail addresses, re-training employees on web-based sharing and calendar services, and more. The problem is compounded for the many federal, state, and local government agencies that have transitioned to Google Apps for Government at the encouragement of your company,and that now will need to spend taxpayer dollars determining how this change affects the security of their information and whether they need to switch to different platforms.”

It’s also expensive to escape Google. Google’s smarphone software, Android, is on an estimated 50% of all smartphones out there. People who purchased these Google powered phones did so under the impression that their personal information was going to be used in one way and now it’s going to be used in a different way. Google can’t reasonably expect these people to simply break their contracts and throw out their phones now that Google has plans to change their privacy policies. Google knows that these people’s personal information is “held hostage”.

Furthermore, the Attorneys General brought up another important point about the potential danger Google is risking in harvesting and combining personal data:

“Those consumers who remain in the Google ecosystem may be making more of their personal information vulnerable to attack from hackers and identity thieves. Our offices litigate cases of identity fraud with regularity and it seems plain to us that Google’s privacy policy changes, which suggest your company’s intent to create richer personal data profiles, pose the risk of much more damaging cases of identity theft and fraud when that data is compromised, a risk that will grow as instances of computer hacking grow. With this newly consolidated bank of personal data, we foresee potentially more severe problems arising from any data breach.”

The Attorneys General have asked Google to respond to their letter no later than February 29th, 2012. Google’s new privacy policy and terms of service takes effect on March 1st. Meanwhile, privacy advocacy groups have applauded the Attorneys General letter to Google today,

“We’re pleased the state attorneys general have weighed in on this important issue,” said John M. Simpson, Consumer Watchdog’s Privacy Policy director. “Google has spun the new polices as ‘improving user experience.’ In fact it’s about amassing even greater digital dossiers about you. You’re not Google’s customer, you’re Google’s product.”

The states and territories signing on to this letter include: Arizona, Arkansas, California, Connecticut, Delaware, the District of Columbia, Guam, Hawaii, Illinois, Indiana, Iowa, Kansas, Kentucky, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Montana, New Hampshire, New Mexico, New York, North Carolina, North Dakota, N. Mariana Islands, Pennsylvania, Puerto Rico, Rhode Island, South Dakota, Tennessee, Texas, Utah, Vermont, the Virgin Islands, and Washington.

To read the Attorneys General letter in its entirety, click here (PDF file)

Use Anti-Tracking Tools To Boost Your Browser Security And To Ward Off Google’s Spying

 Okay, so we all know that Google tracks your every move on the millions, yes millions, of websites all over the Internet. Google has the following tools to make this happen: Google Analytics, Google AdSense, doubleclick, googleapis, googlesyndication, etc.

It is almost impossible to escape Google. Almost every site you visit has a Google tracker on it and Google knows exactly what you did on that site. They will know what you looked at, how long you looked at it, what you bought – they even know what ads you simply hovered your mouse over without actually clicking on the ad.

We all know users of Chrome, Google’s web browser, are the most vulnerable of all – but, when it was discovered that Google deliberately circumvented security settings of Apple’s and Microsoft’s web browsers this got me concerned. Both Apple and Microsoft have now been made aware that Google bypassed their security settings and are now working to protect their users from Google’s spying eyes.

All of this got me doing a little more research on these trackers Google is so dependent on to keep an eye on all of us. As you already know, the privacy settings of responsible browsers like Apple’s and Microsoft’s make it so that it blocks third-party cookies from being placed on your browser. These third-party “cookies” are often the type of cookies advertisers use to track you.

First party cookies are usually used by the sites you visit and they do make the online experience better. For example, these first-party cookies remember some of your preferences like what language you use, it keeps you logged on so you don’t have to keep logging on when you leave the site, and they help with online shopping. So not all cookies are created equal and not all are maliciously tracking you. Also, one should obviously expect that a site you visit is tracking your movement. For example, The New York Times wants to know how many times a particular article was clicked on to determine how popular it is.

So, we expect that we will have this sort of relationship with websites we agreed to visit and we’re well aware of this relationship. However, on some of these websites there are mini-sites within those websites that also track you. Many of us are not aware that third-parties impose themselves on us and track us. There are literally hundreds of companies that track Internet users – and many of them are in business solely to collect personal data to sell to others. These are the guys we want out. They are the uninvited nosey guests who are snooping on us, and we don’t even know it. One particular page on the Internet can have dozens of trackers on it.

The good news is that there are organizations that counter these tracking companies. They build add-on applications that you load to your browser; it then blocks all sorts of trackers. Also, believe it or not, those social networking buttons you see everywhere (even on my own blog) are tracking you too. Those “Like” buttons from Facebook, Google, and Twitter – to name a few – are tracking your visit. You don’t even have to have an account with them or be logged in for them to know you have visited a page where their button is on.

Anyway, it’s definitely worth spending some time researching some add-ons to use to block these trackers. It’s great to have your browser security to its maximum level, but the add-ons give you an extra layer of security. You can find add-ons for Firefox, Internet Explorer, and Safari browsers. One add-on I like to use is Adblock Plus, which blocks creepy personalized advertisements on the web – it even blocks ads embedded in videos. So you can watch videos on the web without annoying ads playing in front on it.

PCworld published an article yesterday on “Do Not Track Plus”, which does a great job blocking tracking. You can read it by clicking here

CNET also has an article on stopping the “tracking paparazzi”, click here

ITWorld published four great articles – these two are on tracking on the web (click here and here)

This one discusses the popular anti-tracking add-on called Ghostery. Many of you might already be aware of Ghostery or already use it. Well, you probably want to read this article then. Ghostery is owned by Evidon, formerly known as The Better Advertising Project. (Click here)

Of course there will always be those who criticize anti-tracking add-ons by claiming that they will destroy the free Internet because ads pay for the content you see. I don’t buy this argument one bit. The last article by ITWorld discusses this further (Click here)

Are You Sure You’re Fully Protected Against Google’s Tracking?

 Are you protected on the Internet? What can you do to better protect yourself? What browsers do the best job in protecting your personal data? What is the government doing to proactively introduce laws to protect you?

With so many social networking websites out there and since more of us are spending more of our time on mobile devices than ever before, we need to make sure that we are fully protected from people who want to harvest our personal data.

Google’s social networking site, Google Plus, and its mobile device software, Android, use applications developed by outside companies. When you choose to load these applications (apps) to your profile on Google Plus or to your Smartphone it will allow these apps to gain access to your personal information. These apps can gain access to your phone address book, to your photos, pinpoint your location, retrieve your friends’ contact information, etc. There is a treasure trove of personal data that these apps companies get a hold of – and goodness knows what the heck they do with it all. It’s bad enough that Google is monetizing our personal data without our explicit consent – but it can go further than that.

“Last year, a study by Stanford University graduate student found that profile information on an online dating site, including ethnicity, income and drug use frequency, was somehow being transmitted to a third-party data firm. The data that third-parties collect is used mainly by advertisers, but there are concerns that these profiles could be used by insurance companies or banks to help them make decisions about who to do business with.”

Many people don’t realize what they can get themselves into when they agree to let these companies access their personal data – and Google couldn’t care less about making sure to protect you. Google leaves advertisers to self-regulate themselves and it is often the case that these apps do not even need to ask for permission to access your information. As long as Google can cash its check, it’s happy. You, on the other hand, are left to fend for yourself.

This is why it is critical you arm yourself with knowledge and then take the necessary steps to protect yourself – do not depend on Google to do it for you. Google does not see you as its customer, you are Google’s product! Yes, YOU are Google’s product. Your personal information is gold to Google.

“Personal information is the basic currency of an Internet economy built around marketing and advertising. Hundreds of companies collect personal information about Web users, slice it up, combine it with other information, and then resell it.”

Google’s browser, Chrome, is the only browser that does not block tracking. Google wants your personal data exposed to spying eyes because Google makes over 90% of its revenues from advertising!

If you use Google’s browser, you are the most vulnerable of all. However, we have already seen this past weekend how Google deliberately exposed Apple’s and Microsoft’s users to tracking too by circumventing the browser security of Safari and Internet Explorer. Both Apple and Microsoft have now taken further steps to protect its users from Google.

If you want some information on tracking cookies and how to protect yourself, CNET has an article on this: click here

So, what is the government doing to protect people from these companies?

“United States has no overarching restrictions. Websites are free to collect personal information including real names and addresses, credit card numbers, Internet addresses, the type of software installed, and even what other websites people have visited. Sites can keep the information indefinitely and share most of what they get with just about anyone. Websites are not required to have privacy policies.”

Americans are the most vulnerable, which is why Americans need to take online privacy more seriously. Contact your representative in Congress and ask them to introduce comprehensive laws to protect your personal data. I have discussed on this site before about several bipartisan members of Congress and the Senate who are especially concerned about Google and want to introduce tougher legislation to protect your privacy.

The Europeans have it much better, though. European regulators have stringent laws to protect its people and they are in the process of establishing a “right to be forgotten“. This right will give users the power to demand companies like Google to delete all their personal information when requested. This is so important.

Of course, Google has been devoting a lot of time and resources in lobbying against this “right to be forgotten”. Google spends millions on lobbying now than it ever did before. In 2011, Google spent $9.7 million on lobbying – nearly double the amount it spent the previous year.

For more information on all this, Reuters published an article yesterday: click here

Déjà-vu, Microsoft Says Google Bypassed Internet Explorer Security Too

 Whoa Déjà-vu!

Today, Microsoft has come out with a strong condemnation of Google for bypassing the privacy setting of its browser, Internet Explorer. In a blog post by Microsoft’s Dean Hachamovitch, Corporate Vice President, Internet Explorer – he exposed Google’s lack of respect for Microsoft’s security setting and how Google deliberately circumvented a security tool put adopted by Microsoft to protect its users from spying eyes.

By default setting, Internet Explorer is designed to prevent tracking cookies from being set on the browser and keep out those who want to track your every move on the web from seeing what you’re doing.

Internet Explorer uses something called P3P (Platform for Privacy Preferences) – it works by allowing websites to send information about their privacy policies to the browser, which the browser then reads and makes a judgment to allow or prevent cookies to be set on the browser. It’s a good thing for users because the browser makes sure to check a website’s privacy policies for you before you even have to. This security setting also prevents companies whose sole or main business objective it is to collect personal data of you to sell to advertisers. These companies usually use “third party” cookies, which are the notorious tracking cookies people hate so much. Keep in mind that over 90% of Google’s revenues come from advertising.

However, just like in the case of Apple’s Safari browser, there was a loophole in Internet Explorer’s privacy setting too. As early as 2010, the loophole was known about and could have been exploited by any company which had to will to exploit it. Of course, true to character, Google exploited it.

Since Google neither abides by nor respects the P3p security protocol, it obviously should have been rejected by Internet Explorer. The browser should have not allowed Google’s website from setting tracking cookies. But Google tricked the browser by changing the code the browser uses to read the privacy policies of particular websites.

Instead of Google leaving a certain area in the code blank after the browser asked Google to submit its privacy policies, Google inserted the following text: “This is not a P3P policy!”

The browser does not read human language; it reads code that only computers and technically skilled people can decipher. So when the browser security read Google’s text, it didn’t understand it and so it resorts to doing the same action it would do if that area of the code were left blank – it allowed Google’s cookies to be set. You can read how this all works in more detail by visiting Microsoft’s blog (click here)

Microsoft says that they are actively investigating more ways to protect its users now and has contacted Google to ask for the company to respect the privacy of all Internet users no matter what browser they use. In the same blog post, Microsoft said they come out with a Tracking Protection List available on Internet Explorer 9 that will prevent Google and others from trying to bypass security.

When asked to respond on the latest allegation of privacy and security violations, Google has so far declined to comment.

For crying out loud, Big Google, RESPECT our privacy!

What we need is government intervention to introduce laws to protect Internet users. In the United States, there are hardly any protections for Americans. This is getting ridiculous. People need to demand protection from their representatives before this gets too out of control.

A Breakdown Of Google’s Statement After Being Exposed Spying On Apple Users

The morning after The Wall Street Journal exposed Google’s tracking of unsuspecting Apple users, Google released a statement in an attempt at damage control. The statement, however, is a shameful display of Google’s expertise in twisting the truth and spin. Let’s take a closer examination of the full statement:

Friday, February 17th, 2012 – Rachel Whetstone, Google’s senior vice president for communications released this to the media:

“The Journal mischaracterizes what happened and why. We used known Safari functionality to provide features that signed-in Google users had enabled. It’s important to stress that these advertising cookies do not collect personal information.

Unlike other major browsers, Apple’s Safari browser blocks third-party cookies by default.  However, Safari enables many web features for its users that rely on third parties and third-party cookies, such as “Like” buttons.  Last year, we began using this functionality to enable features for signed-in Google users on Safari who had opted to see personalized ads and other content–such as the ability to “+1” things that interest them.

To enable these features, we created a temporary communication link between Safari browsers and Google’s servers, so that we could ascertain whether Safari users were also signed into Google, and had opted for this type of personalization. But we designed this so that the information passing between the user’s Safari browser and Google’s servers was anonymous–effectively creating a barrier between their personal information and the web content they browse.

However, the Safari browser contained functionality that then enabled other Google advertising cookies to be set on the browser. We didn’t anticipate that this would happen, and we have now started removing these advertising cookies from Safari browsers.  It’s important to stress that, just as on other browsers, these advertising cookies do not collect personal information.”

 Henry Blodget, who writes for Business Insider, wrote that people would need a “PhD in reading-between-the-lines to figure out” what Google actually means by this ridiculous convoluted statement. Google tried once again to deceive people by the way they phrased and worded their statement. The company obviously thinks the general public is too stupid to see right past their truth bending.

 The first sentence of Google’s statement does not entirely dispute the reporting by The Wall Street Journal. The “known Safari functionality” that Google refers to is what The Wall Street Journal called a “loophole” in Apple’s browser security and which Google exploited. It was “known” because the loophole was discovered as early as 2010 and some in the tech community knew about it.

And signed-in users had NOT enabled it – Google did. Google changed the code to trick the Safari browser into thinking the user was filling out a form and it then permitted a tracking cookie to be set. Apple users clearly thought that they were being protected from tracking, so shame on Google for trying to blame the victim.

 As for the claim that tracking cookies do not collect personal information – well, that’s a load of bull, because these cookies hold a lot of personal information. This is what Jonathan Mayer, the Stanford University researcher who first discovered what Google was doing, had to say in a telephone interview:

 “We have a design document that directly contradicts this statement. The social personalization cookie contains a copy of (a user’s) account ID. I don’t know what definition they’re using (for personal information), but a user’s account ID is included in any reasonable definition. That’s the account that lets you pull up their email, search history, the videos they’ve viewed, the list goes on and on.”

 In an amusing mockery of the last two paragraphs in Google’s statement, Henry Blodget offered this analogy, in the communication style Google used, to give you a sense of how ridiculous Google’s logic is:

 “I was walking down the street past a friend’s house, and I thought my friend wouldn’t mind if I went in and watched TV and ate some food. There was a window open, so I climbed through it. While I was in the kitchen, I saw some cash. In a situation that I did not anticipate when I climbed through the window, the design of the house enabled this cash to be scooped up by my hands.”

 This tactic of deception Google has been using for so long to cover its dirty tracks is getting tired. What’s most hopeful, though, is that the general public is becoming increasingly more knowledgeable about what Big Google is really up to. We’re on to you, Big Google – we are becoming resistant to your BS.

 You can read the entire transcript of the telephone interview with Stanford researcher, Jonathan Mayer, where he disputes nearly every point made by Google – click here

 For some background on everything discussed here, CBS News did a great job covering what happened – click here