But there is another side to Google, one the company would just as soon you not think about. It's what happens each and every time you look up an old boyfriend or a political organization you heard mentioned on television the night before. Or maybe you're a student trying to track down a terrorist group's Web site for a paper you're writing. Or a church elder who likes to look at pornography. Who knows?
Google knows. According to Lauren Weinstein, an Internet activist and privacy expert based in southern California, Google keeps track of every search that's made, as well as the Internet location of the computer from which the search is taking place -- and then stores that information for possible future use. Moreover, he says, it would not be terribly difficult to trace those searches to the person who made them. That's you and me.
Such tracking is common on the Internet. Amazon.com knows what kinds of books and music you like, and it puts those products in front of your eyeballs at every opportunity. Internet-service providers such as America Online and Microsoft's MSN collect enormous amounts of data about their customers. Same with Yahoo!, which -- with personalized services such as My Yahoo! -- is also more zealous than Google about trying to get its customers to sign up and thus identify themselves.
For all anyone knows, Google is handling private information more responsibly than many other corporations are. So why single out the Internet company everyone loves? For two reasons: First, it's the only online service that virtually all of us use regularly -- 10, 20, 50 times a day; and second, the famously sparse user interface exudes an aura of anonymity. You don't have to register -- you're not even asked to register -- for basic Google services such as searching for Web sites, news and pictures. At Amazon, you know you're being watched. But you might be surprised to learn that Google is watching, too.
"Google has some wonderful products. I use it all the time. I'm as dependent on it as anyone else is. But that doesn't change anything," says Weinstein. "The 'Google is so neat' kind of haze that surrounds this has blinded people into failing to think one step beyond."
WEINSTEIN, THE CO-FOUNDER of People for Internet Responsibility, first publicly questioned Google's privacy practices last month with a post on his weblog (lauren.vortex.com) titled "The Dark Side of Google." Among other things, he wrote, "Google has created a growing information repository of a sort that CIA and NSA (and the old KGB) would probably envy and covet in no uncertain terms -- and Google's data is virtually without outside oversight or regulation."
Here's how it works, according to Weinstein. Every computer attached to the Internet has something called an "Internet protocol," or IP, address, which is a string of four numbers separated by decimal points. At work, your IP address is likely that of your company's dedicated network; it never changes, and anyone who obtained that IP address would be able to trace it back to your workplace, if not necessarily to your desk. At home, if you're using an Internet-service provider such as AOL or EarthLink, you have what's known as a "dynamic" IP address -- that is, your IP address changes on a fairly regular basis.
Still, a Google search could be traced back to you if someone knew you were using a particular IP address at a particular time -- information that Google does not have, but that your Internet provider does. Someone armed with a subpoena -- say, your soon-to-be-ex-spouse's divorce lawyer or an FBI agent who's curious about your interest in chemical warfare -- could pay a visit to your Internet provider to find out who was using what IP address when. This is exactly how the music industry has busted illegal file-sharers: investigators cruise services such as KaZaA and LimeWire looking for the IP addresses of computers on which copyrighted files are available for download. After they've got that information, they need only pay a visit to EarthLink or wherever to match the numbers with names.
Perhaps none of this is particularly surprising. But Weinstein offers an additional wrinkle: He claims Google is actually storing all this stuff so that it can go back and conduct market research or develop new products. Or respond to that subpoena. This struck me as truly innovative and troublesome, so I asked Weinstein how he knows this. His response: "My source on this is a former highly placed Google person whom I have met with face to face. To protect him, I have not publicly stated his name. But I am satisfied personally, having known him for many, many years. He certainly would have been in a position to know. That's as far as I can take that, unfortunately."
It wouldn't be fair to disparage Google on the basis of anonymous information once removed. But the thing is, the company doesn't deny it. I sent an email to Andrew McLaughlin, Google's senior policy counsel. But rather than respond, he forwarded my email to the company's public-relations staff. After several days of polite back-and-forth, company spokesman Steve Langdon sent me an email statement that I quote in its entirety: "Privacy is an issue about which Google cares very much. In all the products we develop, we pay very close attention to how the products and their features relate to user privacy and we make design decisions and policies to protect privacy. Google also provides users with information about privacy in our privacy policies that are posted on our web site."
That's true. The most relevant part of that policy would appear to be this: "Google collects limited non-personally identifying information your browser makes available whenever you visit a website. This log information includes your Internet Protocol address, browser type, browser language, the date and time of your query and one or more cookies that may uniquely identify your browser. We use this information to operate, develop and improve our services." But claiming that your IP address and cookies are "non-personally identifying information" is, at best, a gross underestimate about what a skilled investigator could do with it.
"When you amalgamate all the results of this sort of tracking, especially if you've got a dedicated IP address where people can zero in on a specific household, a remarkably clear picture of who you are and what you think and what you believe" can be assembled, says Steven Rambam, a private investigator based in New York who uses online databases for much of his work. "Everything that you're interested in and everything that your daily life is focused on can be recorded and tracked back to a particular machine."
Last July, for NPR's On the Media program, Rambam demonstrated how easy it is. Within 10 minutes, he had found co-host Brooke Gladstone's Social Security number, previous addresses, how much she'd paid for her current house, even the name of her sister. Rambam told me that he supports the idea of public information being publicly available. "Frankly, I think the average person has a right to see if their nanny used to be child molester, if their tenant stiffed the previous three landlords," Rambam says. "There has to be an intelligent balance, and, frankly, I think that's where we're at right now."
Gladstone, who was on the receiving end of Rambam's investigative efforts, told me that she felt "a kind of generalized queasiness, a kind of tightening in the pit of my stomach" to see how easy it was to dig up personal information about her. She adds, "I suppose you could go off the grid, but that's just not the way most of us want to live. I like my credit card, I like having a cell phone, I like participating in the financial institutions to the extent that I have a mortgage. I like to partake of the fruits of our democracy. But now it's all so easy. It isn't that a lot of these records weren't public before. It's just that it's instant and it's global."
And that's exactly it. You don't want to be bothered to protect your identity. Life without privacy is seductive -- first, because you don't necessarily realize how compromised your privacy has become, but second, because it's nice to visit Amazon.com and get those book recommendations tailored to your interests. It's great to log on to AOL and see the weather forecast for your small part of the world. It's helpful to be shown custom-delivered advertising when you search on Google.
"The dark side of Google is actually part of the light side," says Kevin Bankston, an attorney with the Electronic Frontier Foundation, in San Francisco. "All of these companies are trying to move toward trying to personalize your Internet experience and make it a better Internet experience. But that means collecting and studying an enormous amount of information about you. In many cases, consumers are willing to make that trade-off."
In other words, Orwell was wrong. Huxley was right. We're not losing our privacy because the forces of evil and oppression are taking it away from us. We're losing it because we're giving it away, whether we know it or not. What we're getting in return is stuff, convenience, information, an easier way of life. And we like it.
SEVERAL YEARS AGO, a computer-privacy expert named Latanya Sweeney tracked down confidential information about former Massachusetts Gov. William Weld's health from a database of state-employee insurance claims that was supposed to be anonymous. She knew he lived in Cambridge. With that as a starting point, she obtained publicly available voter-registration records, and then used those to make the match. Other electronic alchemy was involved, too, obviously, but the point is that she had no problem doing it. "Only six people had his birth date, only three were men, and he was the only one in his five-digit zip code," Sweeney told Newsweek in October 2000.
Sweeney, who is now director of the Laboratory for International Data Privacy at Pittsburgh's Carnegie Mellon University, did not respond to emails or a phone call seeking comment. You'll find some pretty creepy things linked from her Web site, privacy.cs.cmu.edu/people/sweeney. Like CameraWatch, a compilation of webcams at universities, cities, beaches, even jails. The other day I sat transfixed, manipulating a camera by long-distance as a student walked across one of the campus quads at George Washington University. Did she even have a clue that she was being watched?
According to Sweeney's Web site, there are an estimated 10,000 such cameras in public places across the United States. Cameras are catching traffic violators -- and, reportedly, occasionally causing accidents, with drivers slamming on the brakes so as to avoid a roboticket. And it's not all government and big business. Spyware has invaded our computers, watching what we're doing and reporting back to sleazoids unknown or surreptitiously turning our computers into untraceable propagation machines for email spam and illegal file-sharing. Combined with the data-collection activities of Google, AOL, Amazon, Yahoo!, et al., it can seem as though we have already crossed the threshold into a perpetual state of surveillance.
And it's getting worse, all in the name of more service and greater convenience. Late last year, Google announced a new project to digitize millions of books at academic and public libraries, including 40,000 volumes at Harvard. Older books whose copyright protections have expired will be available in their entirety; newer books will offer some highlights so you can see whether they're what you're looking for. How great is that? Yet, soon, the books you read can be added to the personal data about you that will be available online. Take out a Google Gmail account or use Google to browse Usenet groups, and you'll become a registered member of Google -- making it that much easier to tie you to your online activities. Amazon is rolling out a service called A9.com that takes customized search to another level -- but only if you register. For that matter, what about those discount cards you carry for the grocery store and the pharmacy? Sure, you save money. But there's another kind of cost: Your every purchase is tracked.
In such a world, Section 215 of the USA Patriot Act almost seems obsolete -- or, maybe, supercharged by initiatives being undertaken by private industry. Section 215 allows government agents investigating terrorism to conduct secret searches of records from libraries, bookstores, doctors' offices and the like with minimal judicial oversight. It won't be too long before Google and Amazon will have amassed exactly what the feds are looking for. And if there is another major terrorist attack, you can be sure that investigators will want to know who's been reading what books online -- information that would be impossible to obtain, obviously, if it involved cash-paying customers in the non-virtual world. Now, granted, if there were, say, a ricin attack in the Washington subway system, it would be hard to argue that government agents should not have access to any records that might help them find the perpetrators. The point is that ever-improving technology is making such clashes between public safety and civil liberties all the more likely to take place.
Ari Schwartz is associate director of the Washington-based Center for Technology and Democracy, which advocates for a whole range of privacy protections. For example, under current law, Web-based email services such as Gmail or Microsoft's Hotmail, which store your mail on a remote server, are less protected from the prying eyes of the government than email that you download to your own computer, as is generally the case if you're using a program such as Microsoft Outlook, Entourage or Eudora. Schwartz's organization wants to eliminate those anomalies. But what's essential, Schwartz says, is for Congress to take a more comprehensive approach to privacy. "At some point," he says, "we need to create something that's more general so that we don't have to write a new privacy law for every new technology that comes along."