Jeffrey Rohrs mods. Danny Sullivan, Tim Wu from Columbia, Sherwin Wiy from EPIC and Ramez Naam from MSN are the panelists.
Danny rambles on some search history and privacy in 3 minutes to introduce himself.
Sherwin discusses EPIC, which was founded to protect digital media. (1) What search history is crossed reference with and (2) the each of acquiring info from the engines on the Web.
Ramez is here to answer questions about what search engines store and to listen and learn.
Tim is a bit late and he will join us shortly.
Danny added a kudos to Ramez for coming since the other main engines all said no.
Where does the right to privacy stem from? - Constitutional - Statutory - Practical
Sherwin expands... You are trying to prevent unreasonable search and seizure by the government. In the case of Google by DOJ, that was made in a civil case and the rights do not apply there. The EU has taken a sector by sector approach, video privacy protection law, but there is not a lot of law on the civil side for data protection but on the criminal side there is law. He then goes through some john versus doe cases.
What happens when we search? - Information gathered on the searcher? Ramez said when a user issues a search, they know query search, scope of search (web, images), IP address, if you have searched before with that computer (cookie on computer) and that is the bulk of the data. The life span of the cookie is "fairly long." Danny adds that Google's cookie lasts until 2038, the likelihood is that your computer will not be around for more then 2 years, so your cookie will likely expire within two years. Sherwin commented on the IP address, that most often you use your computer back to your home or office and then you can track it back to the isp and then all it takes is a court order to get that data from them. Danny adds they can get all of your information, historically. Jeffrey asks, what is the common run of the mills where this data is getting asked for? Sherwin said often when someone posts negative comments on a forum and companies try to track the forum users with this and this is a major issue. Ramez said for MSN, this DOJ request is the first time they have ever been asked for user data. All that was asked for was a list of query terms over a period of time and some search result pages and it was not personally identifiable, no cookies, no ip and no time of day info sent over. Danny adds that most of the time, in a criminal case, a court will seize a computer and look at search data on a that computer - which is slightly different.
Tim just showed up and he is providing an intro to himself. He teaches law at Columbia law school. He worked at router industry. His interest in search privacy is the economic importance, it is usually framed as the issue of a civil liberties issue. For example, looking for new jobs or diseases they might have.
What happens when we personalize, personalized search... - Considerations include; convenience, consolidation, content targeting and storage.
Ramez said the key thing here is the settings, what you track, stocks, news sources. (1) On your machine, in your cookie, you store this info and (2) you can login and server side we store this information.
Danny said now we can show people my search history and top searches, top sites. Now they have my profile. Yahoo has a similar thing where they can track you and serve ads later (Yahoo Fusion) also AlmondNet does this (I covered this session yesterday - "Targeting Search Ads By Demographics & Behavior"). You really do have a search profile that is identified as you, as much as you share with them about you.
Ramez said there is a concept of a value exchange. They want the convenience of the content. Look at Amazon, and they do a lot with your information. He is not talking about A9, but Amazon itself. Jeffery went to amazon and all these weird books on "play" music came up, which was hilarious.
Sherwin said you cant have a true exchange of value unless you have two informed parties. People must be educated on what they are giving up. You must know what info is being kept, how long and how private is that information. There will almost always be an out for legal disclosure.
What happens when we toolbar search, software on my PC. Tim responds one interesting thing that the law becomes associated with this is European law. All these things are ways to collect data. What is interesting is that European has the most strictest laws on this. Often search companies may think the US law is settled but when they take it to Europe can cause legal issues for a company. The EU said the proportion of what you give versus what you get is out of match.
Sherwin adds that with Google Desktop across computer systems, that gets you to the 3rd party issues, where your data is stored somewhere else. You do not get much protections.
What happens when we do desktop search? - Exposure of all files/data - Saarch across computers - Data indexed and held by the desktop search provider
Ramez said that if the user opted in to give MSN additional data, then they will send up additional data as to what pages searchers for. This is opt in only. MSN is trying to make privacy agreements easier to understand. Goals of MSN is complete transparency, making it easier for non techie people to understand, and providing the nitty gritty of what they are storing.
Danny adds that everything on your computer is at one point at Google. So that is a concern. But its Google, so many more people may use it. So its more of an issue. This does not happen automatically, you have to download the program, install it and so on.
Tim said its an increasingly problem. As much as you trust the US government, you have to worry about other governments on how to "control their citizens." Chinese gov't cares a lot about free speech. US about pornography issues.
Danny adds that people can be searching on private data, i.e. search for a disease on a person's name. But it was not personally identifiable. But they asked for so much information, a month's worth of search data. How you going to store all that data? It open the specter that they want to do data mining, but in this case they don't want to. But the fear down the line they might want to. That freaks people out. Aside from the govt issue is the corporate issues.
What happens when we map? (satellites, Google Earth, etc.) - National security - Professional security - Personal Security - Public Policy
Ramez doesn't have the detailed answers to the questions.
Jeff said there are black holes in Google Maps and who controls that? Does Google do that or does govt do it or can the end user do that. A9.com shows you "block view" and you can see individual people and faces, this is a major issue. World Privacy Forums worked with them to create an opt out for this.
Ramez just announced a street view feature with no opt out, but expect it soon. :)
Danny said this information was out there before Google, Yahoo, MSN and Ask made it popular. With NASA, etc.
Is Anonymity Possible Online? - Privacy Options -- Education -- Vigilance -- Third Party Software -- Legislation -- Litigation -- Go off the grid (aka unplug from the matrix) - Advocacy Group -- EPIC -- EFF -- Others
Danny added why did you make this software without adding password protection? At first it indexed encrypted Excel files, now it does not.
Tim is getting very abstract, since he is in academia, which is kinda cool, but I'm not typing his remarks now.
Sherwin stressed the option of going back. Once you disclose the information, can you take that back at a later day? If you don't have information to give away, then you won't have these issues, so shred the data.
Danny is talking now as "a common sense expert" and as he talks Tim Wu is shaking his head with disappointment and is ready to argue with Danny. Tim has yet to speak. But now Tim is nodding in approval, but Danny is on a different slightly topic. Danny wants to see the ability for people to say, hey, press this button to delete your search history.
SES NYC Tag: sesny2006