Google and our shrinking expectations of privacy

How much control over our information are we willing to give the online search giant and other digital companies?

google privacy

Over the past two years I’ve grudgingly come to terms with the notion that my online activities and even my physical location can be monitored, recorded, and monetized by companies whose services and apps I frequently use. And when I say companies, I really mean Google.

A lot of people feel the same way not just about Google, but Facebook, Yahoo, and any number of digital companies whose main assets are what they know about you. Yet folks mindlessly agree to intrusive terms of service and accept exceedingly liberal apps permissions, all so their mobile devices can tell them where they parked or whether an item they’ve been searching for online is available in a nearby retail store.

I’m not being critical: I am one of those people. I like that my Android phone remembers where I left my car, gives me directions to where I need to go, and autofills my search terms to save me time. While I know I’m giving something up -- unspecified information about myself -- it’s all so vague and out of sight that I accept it with a steadily diminishing level of discomfort.

But a couple of recent news items regarding Google have rekindled by innate distrust of the value proposition offered by the world’s largest collector of information.

The search giant updated its terms of service in April, adding this specific language:

Our automated systems analyze your content (including emails) to provide you personally relevant product features, such as customized search results, tailored advertising, and spam and malware detection. This analysis occurs as the content is sent, received, and when it is stored.

Letting me know where I left my car is one thing; scanning my email so I can have ads delivered to my phone and desktop is another thing entirely. It seems to be crossing a line. Assuming the line still exists.

In the same ToS section, Google assures users that they “retain ownership of any intellectual property rights that you hold in that content. In short, what belongs to you stays yours.”

Well, except your right to not have someone (or something) other than the intended recipient read your email. But when you accept Google’s terms of service, you give up that right. And this goes for emails sent and received on BYOD devices.

I know this is not new and has been going on for some time. I’m just saying that the new language really drives home how much of our privacy we’re giving up to Google and other digital companies, and I think it’s important to step back once in awhile and ask whether we’re still comfortable with the direction in which things are headed.

Here’s the direction, by the way: “When you upload, submit, store, send or receive content to or through our Services, you give Google (and those we work with) a worldwide license to use, host, store, reproduce, modify, create derivative works, communicate, publish, publicly perform, publicly display and distribute such content.”

So when we accept the ToS, we give Google (“and those we work with”) a worldwide license to use our content. It sort of puts a whole new perspective on “what belongs to you stays yours.”

The second news item involves an upcoming feature called Google Nearby that, as Android Police reports, "will allow enabled devices, with extreme precision, to know when they are near each other, and interact according to the context.”

Sounds like it could be useful -- just as many other Google services are quite useful. But check this description from a screenshot captured by Android Police:

“When Nearby is turned on for your account, Google can periodically turn on the mic, Wi-Fi, Bluetooth, and similar features on all your current and future devices. Google+ and other Google services need this access to help you connect, share, and more.”

Yes, many apps routinely access features and hardware on our devices, all of which we agree to when we accept the required permissions in exchange for downloading the software. But there’s something about the “on all current and future devices” that seems excessively presumptuous.

Turning back to BYOD scenarios, what does that mean to IT pros that “current and future devices” can interact with other enabled devices in proximity, anywhere and anytime? Are there security concerns? 

Gartner mobile research director Chris Silva said while there may be some consumer backlash to Google Nearby, "I expect this to be a feature the enterprise mobility management vendors adapt policies to restrict, taking the risk of this feature out of the equation or enterprise."

Electronic Frontier Foundation staff technologist Jeremy Gillula said he was a little hesitant to comment on Google Nearby because the rumored feature hasn't been released. Regarding whether companies with BYOD workers should be worried about this type of feature, Gillula said, "Whenever anyone has a smartphone with an app installed with privacy-invasive permissions, there's a chance those permissions could be used maliciously, not only by the app developer, but also by any law enforcement agency that decides to come along with a warrant -- or sometimes a subpoena, or in the case of the NSA, sometimes almost no legal justification at all."


This story, "Google and our shrinking expectations of privacy" was originally published by CITEworld.

Cybersecurity market research: Top 15 statistics for 2017