Technically, of course, it's my fault. Still, granting other people access to my Gmail account isn't really what I had in mind.
At South by South West (SxSW), the annual music, film and interactive festival held in Austin, Texas, Danah Boyd delivered a keynote address on the difficulty of defining the private and the public in the social-networking age.
Her premise is that people feel their privacy is being violated as soon as they lose control not only over whether their information is public, but how public it is.
She cited some scary examples. Facebook, for example, would prefer its users make as much of their information as public-facing as possible. To that effect, it popped up a message asking if you wanted to change your privacy settings. One 12-year-old girl, who with her mother had carefully set up her account so she could chat with her friends, but remain well-hidden from the abusive father she had escaped, didn't grasp the significance of the pop-up, and simply clicked through.
Sorry Google, but when I click “log out”, I mean, “forget all about me”.
Ivo Vegter, ITWeb contributor
Google had made an equally egregious error when it launched Buzz. Suddenly, contacts and connections that everyone had a reasonable expectation would remain private, were revealed to the world. In the case of journalists and many others, this included contact details for highly placed figures who wouldn't want their e-mail addresses broadcast to the world. Buzz thought we were just chat-buddies with a coterie of CEOs and ministers.
Its error, said Boyd, was not technological, but human. Not only did it not ask customers whether they'd mind their data used differently, leaving them feeling violated, but it introduced a fundamentally public-facing activity, like social networking, into what had hitherto been a very private platform, e-mail.
I have long been of the view that Google's pious motto, promising not to be evil, is both trite and wrong-headed. For a start, only suspicious people have to promise not to do wrong. Besides, Google has the potential of doing just as much evil as anyone else in the technology industry, and possibly more. It owns more of our data than most other companies. For smooth integration of all those lovely cloud services, it relies on privacy settings that would make a whore blush. And the biggest danger is not just self-serving deliberate abuse (although one cannot discount it), but accidental privacy violations.
I was struck with an example just this morning. I happen to still have the Nokia Booklet 3G, which I had on loan for my SxSW trip. It was supposed to have been collected three days ago, but wasn't. Since I enjoyed it so much... wait, sorry. As a security precaution, I took it with me on holiday.
However, it was supposed to have been sterile. All my data, passwords, cookies, logins, pin codes and dodgy pictures involving Texan cross-dressers were supposed to have been deleted.
I know how to do this. I've reviewed computers before. On an unfamiliar platform, or when I'm in a hurry, I'll just restore the device to factory settings, where possible. In this case, I simply went through the software I used, and deleted anything that could be used to get into my bank or e-mail accounts.
Imagine my surprise, then, to fire up the machine this morning only to find a cute little pop-up in the corner announcing my new Gmail messages. How on earth did Google know who I am?
I went to the Gmail site, and no, it had no idea who I was. So it couldn't be that.
It turns out that Google Talk was still active, still set to load on Windows startup, and still logged in to all my Google services, even though I had clicked “log out” on the Google Web page. Despite having logged out in my browser, clicking the mail icon in Talk logged me straight back in, without asking for a password.
Sorry Google, but when I click “log out”, I mean, “forget all about me”. I mean, “I may be on a compromised public machine over which I expect to have no control in the near future”. It means, “sod off”.
Sure, I should have thought of Google Talk. Sure, I should have just restored factory settings. Sure, a really public machine might be better set up with user accounts to automate this sort of thing (although I doubt it, in many cases).
However, this is a clear case where even a fairly experienced user had insufficient control over his own data, simply by virtue of the proliferation of services and logins and their neat integration by Google.
And that, argues Boyd, is when one might feel one's privacy has been violated. I concur. Google sure can be evil.
Share