Ask Google to guarantee privacy for the future of reading

Hugh from the Electronic Frontier Foundation sez,

As Google expands its Google Book Search service, adding millions of titles, it will dramatically increase the public's access to books. More and more people will soon be browsing, reading and purchasing books online. But Google may be leaving out the privacy we have come to expect, with systems that monitor the digital books you search, the pages you read, how long you spend on various pages, and even what you write down in the margins.

To ensure that our privacy remains at least as strong online as it is in the physical world, Google needs to do more. With the ACLU of Northern California and the Samuelson Clinic at UC Berkeley, EFF has written a letter to Google CEO Eric Schmidt, demanding that Google take specific steps to protect your freedom to read privately. We've asked that Google only respond to legitimate warrants when the government comes calling, for example, and we've asked that they not share your private reading data with third parties without your permission, among other things.

Now, we need you to join us in the fight to defend reader privacy -- take action and tell Eric Schmidt that you demand the same privacy for your online reading habits that you enjoy when reading paper.

I have some misgivings about the Google Book Search settlement, mostly to do with the fact that a settlement means that Google won't litigate the fair use question of whether making a copy of a work in order to create a search engine infringes copyright. Those misgivings don't trump my delight at the idea of guaranteeing public access to all these books, and the restoration of orphan books to public hands.

But the issue of privacy is much more grave. I want Google to create a binding, written agreement to hold readers' information private, so that the future of reading doesn't include the possibility of warrantless spying on your book-reading activity. For complex legal reasons, it's unlikely that anyone will ever be in a position to give Google a settlement permitting this again, so this is it. The status quo Google sets will be the one that we end up living with for the foreseeable future.

Don't Let Google Close the Book on Reader Privacy

28

  1. Give up, privacy is dead.

    We complain about DRM trying to enforce physical world constraints onto a digital world. We, correctly, say that this is a foolish idea that can not possibly succeed.

    Yet, when it comes to the issue of privacy, people seem to be in favor of enforcing real-world constraints on a digital world.

    Face it. Information of all kinds will only get easier to access, copy, and transmit. That’s not just movies, and music, but also medical records, addresses, and everything. Trying to keep these things private is as futile as trying to make mp3s un-copyable.

    Instead of trying to fight for privacy, we should instead develop strategies to live in a world where there is no privacy. There’s pretty much nobody working on this, and it’s a ticking time bomb. So many structures are build on the assumption of privacy, an assumption which is evaporating. If we don’t adapt these structures to lose that false assumption, it’s all going to fall apart.

  2. Since when did you think the books you read had anything to do with privacy? The FBI can request the books you read from libraries. I worked at Amazon from 95-97 as lead buyer and we frequently had requests from governments agencies and willingly complied.

    Do you think Google would be the first? Right now every book you read on the Kindle goes into a database which can be freely distributed to a government agency. We worked with the feds when I was at Amazon, why would they stop now?

  3. I agree with @1: Just like we would never have been able to get web pages to stop serving up pop-up ads and instead invented pop-up blockers, the fact is we have to take matters into our own hands.

    I see the trend of developing newer browsers and technologies for private browsing increasing. Soon browsing through proxies or Tor networks and creating new logins on the fly will be basic buttons on everyone’s browser. If I think that your website knowing that I browsing from Somerville, MA will help me in what I am doing (movie times or whatever), then I’m happy to tell you. If I don’t, why the hell should you find out?

  4. privacy has always been the privilege of the rich. In time those that can will purchase the virtual identities of those that can’t and then the battle will be over those records and receipts.

  5. As passionate as I am about the topic, I have to agree with APRECHE. The horse left the barn years ago. The books we read are a small sliver of our overall profile. Our purchasing history, medical and educational records, writing styles, our on-line behaviors are much more telling of our philosophical and political beliefs. We’ve failed miserably at demonstrating the value of privacy, and we’ve failed at showing that our digital activities and the profile they create should be treated just as sacredly as our reading habits in the library. Instead, it’s all become a commodity to be exploited.

  6. I can understand why the library may have to keep track of who has what, but why do Google even need to keep track of what we have read in the past? For the purpose of recommendations surely only a limited list of previous titles is necessary or relevant. In fact, shouldn’t I be able to turn off recommendations too?

    It amuses me that they’ve gone straight for ‘only give the data to the proper authorities with a proper request’ and completely bypassed the ‘don’t keep our data unecessarily’ stage.

    Angie

  7. Oh no! What will Google do with this information? Sell me books that I’ll probably like? Damn them!

  8. One more thing.

    Even if privacy were somehow possible, I strongly believe that the immense value generated by sharing information outweighs any potential negatives due to the loss of privacy.

    Sharing all my photos openly with creative commons licenses on Flickr allows me to connect with friends, family, and strangers. It also gives other people material for remixing or what have you. Yet, what harm can come to me due to lack of privacy? Maybe some, but it’s worth it.

    Sharing what books I read on listal/Amazon also has great benefits. People know what books I want, have read, haven’t read, and my taste. This also helps me to connect with others, and others to connect with me. What’s the negative? The government can find out my taste? So what?

    Even sharing my medical records. What do I care if you know? I’m not ashamed of anything that is wrong with me. It’s just the state of my body. Big deal. That information can be useful to doctors, medical researchers, etc. And maybe I could even use it to connect with people who have similar medical circumstances.

    A world that has no secrets is a utopian situation, but we are unprepared for it. Too much of our society depends on secrets and obscurity to get by, rather than relying on actual security.

  9. XENO, thanks for the cold water on all this. SAMSAM, TAKUAN, the few of us that try to hide our activities only make ourselves more suspect. I’ve become a pariah where I work for speaking out on the topic. I think true privacy should be our standard. I worry that the minority of us who still care about it will become at the very least, stumbling blocks to progress and innovation and at the worst “enemies of freedom,” part of some fabricated axis.

  10. The “solution,” such as it is, is to use Google as little as possible.

    I use it only to search for professional-related material. Constraining? Not particularly. If I want to read a book, I buy it. If I can’t find it at the local book stores, I don’t read it. Does that hurt me? Perhaps, but I retain some modium of my privacy.

    “Don’t be evil” is laughable, considering the amount of information they seek to amass about “everybody.”

    Google will never agree to this proposal, because information is their business. Any company which offers “free” email…and data-mines what you have typed in order to show you “relevant” ads is not going to agree to any constraints on their behavior, because having developed these services, they feel entitled to gather every bit (no pun intended) of data about you that they possibly can.

  11. @6: this will be in your mail tomorrow: “Dear Policy-holder (FORMER policy holder): Since the medical records on you we just purchased show you were sick once we hereby cancel your coverage and are also suing you for lying to us.
    Sincerely FacelessCorp Insurance.”

  12. @ the others: go read about life under the Stasi. And remember computers make their methods look pathetic.

  13. APRECHE, you assume that the stable situation we are in will remain so, and you ignore those who are not in as privileged a place. Look at how Christian fundamentalists are(were) using google maps to pinpoint where “the sinners” are. So they can wage “spiritual warfare” upon them… http://repentamarillo.com/map.php
    It seems to be broken now, but these kind folks were mapping abortion clinics, book stores, mosques etc. using google maps. Don’t you think they’d love to exploit all that evil hippie data if they could get their hands on it? As for our medical records, what if insurance agencies could correlate that data with your eating habits, where you live, how long you have lived at each location… and suddenly your rates go through the roof, or they just decide to drop you? I suppose if you think that Utopia dictates that we all follow the same homogeneous path, then, yeah, the transparent society is a swell proposition… We can share photos, and you get the toaster you really wanted. Just be sure that YOUR ideology and life style is the governing philosophy for society.

  14. XENO, that’s a bit simplistic. All states have laws protecting the privacy of library records. They can be requested by law enforcement agencies but only with proper warrents. Librarians don’t just turn them over on request to anybody. I’m surprised Amazon did, because one of the more famous cases on reader privacy, the Tattered Bookcover case, came down on the side of reader privacy.

  15. My public library did not want to be in a position of having to hand over a persons reading list due to a security request from the government that was unsupported by a court order. They polled their patrons and with a majority approval just quit keeping those records.

  16. Apreche clearly forgets s/he EXISTS because s/he lives in a body, that is, in the PHYSICAL, not the VIRTUAL. The physical: all that mucus, blood, those cells, tissue, sweat, saliva, hair, finger nails, bone . . . and, because the body is physical, it is destined for the same thing as every other living thing who EXISTS in the physical world: Aging, illness, Death. The DIGITAL world is ones and zeros, and depends on bodies to keep it going with fossil fuel which also suggests a certain kind of death. But my hunch is, unlike bodies, ones and zeros don’t “feel” any of it.

    Sadly, Apreche has obviously never experienced the benefits of anonymity, or known the freedom of being un-observed, un-monitored, un-surveilled for extended periods of time while living in his/her body. Apreche surely has never had to apply for health insurance for any of the things that are (or one day may be) wrong with his body that he is not ashamed of. Apreche has probably never hiked in the wilderness, lived without a supermarket or in a world without barcodes, or known the joy of skinny-dipping distinct from the mania (or politics) of streaking.

    Apreche is definitely under 35 years of age, maybe even half that age.

    Apreche’s lack of knowing his/her parents, grandparents (his or her “peeps”) history and heritage, and more importantly, their wisdom, and where they found freedom and joy, is what makes it easy for Google to grab power from Apreche. Apreche is not aware: s/he has an opportunity to shape and define “personal”, “private”, “public” and with a little effort, just like in the revolutions and birth of the merchant class of the 18th century, to see even further that s/he CAN participate in shaping the meaning and limits of profit in our own time of Late Capitalism. Maybe it could be done with less bloodshed. It might be useful to be able to distinguish sharing from surveillance, exchange from exploitation. Maybe it is just too much work to think (and feel) about all that.

    Suggested Primers: Blade Runner, Lawrence Lessig, and the artwork of Janine Antoni.

  17. Apreche wrote:
    > Give up, privacy is dead.
    >
    > We complain about DRM trying to enforce physical world constraints onto
    > a digital world. We, correctly, say that this is a foolish idea that can
    > not possibly succeed.
    >
    > Yet, when it comes to the issue of privacy, people seem to be in favor
    > of enforcing real-world constraints on a digital world.

    DRM and privacy are different in critical ways that mean you can’t just reduce them into a real-world/digital-world dichotomy. You must take into account who is affected by the policies, and to what extent those people are affected.

    DRM is primarily a consumer conflict — its existence affects what people consume and how freely they can consume it, and every now and then, it has an influence on what people can say. These things are important, and we fight with the knowledge that DRM’s historical failure to restrict will more than likely be matched with failures into the continuing future.

    Privacy, on the other hand, is more frequently a human rights issue — its existence influences an awesome range of human experience. The effects of privacy (or lack thereof) can be consumer-flavored, like whether or not you get junk mail. It can be personal finance-flavored, affecting whether or not you are granted a car loan or a mortgage. But it can also be life-or-death-flavored, like whether or not government agents beat down your door and throw your wife in prison for tweeting about protests against a stolen election. This makes privacy more than worth fighting for, even if we acknowledge (like we do with entertainment media and DRM) that in a digital world, privacy will be ever more difficult to protect.

    > Instead of trying to fight for privacy, we should instead develop
    > strategies to live in a world where there is no privacy. There’s pretty
    > much nobody working on this, and it’s a ticking time bomb. So many
    > structures are build on the assumption of privacy, an assumption which
    > is evaporating. If we don’t adapt these structures to lose that false
    > assumption, it’s all going to fall apart.

    Developing new technologies structured under an assumption of the lack of privacy is an important part of the overall strategy, but unfortunately it will never be enough. Privacy-enhancing technology is always needed, but it will always be undervalued by its potential users, because no one knows how much privacy is worth until after they lose it in a way that injures them. Moreover, most of these technologies are defensive — they require the articulation of a threat before the construction of a defense.

    Fighting for better policies from companies and better laws for ourselves is the offensive half of the strategy for better privacy. Better policies from companies like Google can construct better expectations amongst the public; better expectations can lead to higher standards in law. This process is a critical pathway that requires committed participants in the long-term, because the law is a place where people without immediate power can write in better defaults that acknowledge their lack of simple power (because it’s easy to have your data collected and kept and shared), but also their rights and equalities as human beings and citizens (because you have a right to know who’s collecting, and for your information not to be kept or shared by entities worth defending against).

    > A world that has no secrets is a utopian situation, but we are
    > unprepared for it. Too much of our society depends on secrets and
    > obscurity to get by, rather than relying on actual security.

    “Actual security” is a myth. Human life and the operation of society are, in truth, exceedingly fragile. A world with no secrets but “actual security” is an impossibility, and a world with no secrets is (similar to this one, perhaps) a world of endless risk and exploitation.

  18. It is important to remember we EXIST because we live in a body, that is, in the PHYSICAL, not the VIRTUAL. The physical: all that mucus, blood, those cells, tissue, sweat, saliva, hair, finger nails, bone . . . and, because the body is physical, it is destined for the same thing as every other living thing which EXISTS in the physical world: Aging, illness, Death. The DIGITAL world is ones and zeros, and depends on bodies to keep it going with fossil fuel (which oddly, suggests unsustainable Life). My hunch is, unlike bodies, ones and zeros don’t “feel” any of it.

    Sadly, we now have an entire generation, if not two, that have obviously never experienced the benefits of anonymity, or known the freedom of being un-commodified, un-observed, un-monitored, un-surveilled for extended periods of time while living in his/her body. Most of these bodies have surely never had to apply for health insurance, or to ask a third party (not a doctor) to get care for any of the things that are wrong with his/her body (ashamed or not). There are scores of young people who never hiked in the wilderness, lived without a supermarket or in a world without barcodes, or known the joy of skinny-dipping distinct from the mania (or political purpose) of streaking.

    This group is definitely under 35 years of age, maybe even half that age, and suffer from a lack of knowing his/her parents, grandparents (his or her “peeps”) history and heritage. More importantly, they don’t know their peeps’ wisdom, and where their peeps found freedom and joy, or where they worked for justice. This is what makes it SO easy for Google to grab power. If you are not aware that you have an opportunity to shape and define “personal”, “private”, “public”, Google has already won. In the revolutions (and birth of the merchant class) in the 18th century peeps participated. You, too, CAN participate in shaping the meaning and limits of private, public and especially profit in the digital age and digital frontier in Late Capitalism. All without facing bloodshed and the guillotine. Police and FBI are another matter, of course.

    “Real” difficulties come, to physical bodies, if you can’t distinguish sharing from surveillance, or exchange from exploitation. Or protection from profiling. Just because a horse is out of the barn does not mean you can’t train him/her, ride him/her, or maybe even win the race and experience the thrill of clearing hurdles. Maybe it is just too much work (physical, requires action) to think and feel (virtual, requires contemplation) about all that when we are so behind on our texting and twittering and shopping Amazon’s suggestions.

    references: Lawrence Lessig, BLADE RUNNER, Janine Antoni (for notions of the “self”)

  19. @#15

    And what makes you think Google is just handing over information without legal warrants? In my example I showed how this has always gone on and still does go on but the article spreads fear and panic about a company that gathers information assuming that they will immediately share the data with the entire world in their search engine. As if I can type in your name and suddenly pull up every book you read. AINT GONNA HAPPEN!

  20. I think some of you misunderstand me.

    I’m not saying privacy is wrong. I definitely see the benefits of privacy, and I think it would be nice to have some.

    What I’m saying is that maintaining privacy is impossible. It’s as impossible as making DRM that works. It’s as impossible as making a free energy machine.

    Even if you want it, even if you successfully argue that it’s good to have it, that doesn’t matter. You can’t have it. It’s better to realize that now, and plan accordingly than to build a tower upon a foundation of false hope.

  21. tomatillocacti
    I have had all the experiences you named, aside from being over 35, and yet still agree with Apache. In fact, I would go further…

    Not only is privacy well on its way to death, but I say good riddance. I don’t think the current situation is good – I think the problem is it doesn’t go far enough!

    I’m not going to live my life in fear of people uncovering my secrets – I have none*. The only thing I have to worry about, the only thing that has ever truly mattered, is the things they keep from me. It is not knowledge that gives people power over others – it is more knowledge. The people in charge already have that, always have had that.

    *Except my passwords. In a free knowledge Utopia I would need those either, but well … Utopias have a poor track record.

  22. If Google knowing things about you worries you, couldn’t you solve that by generating lots of useless random information and mixing it in?

    A script that bombards it with random search requests, reads random books etc. in between your genuine usage.

    You could even spam yourself on gmail with lots of generated (Markov chaining or something) or harvested emails to mask your real ones from their automated reader thingy.

    If medical records aren’t private, people are going to do stuff like not tell their doctor they’re ill, so they won’t lose their job or have to pay punitive insurance premiums.

  23. The EFF seems to be asking for assurances. But a better thing to ask for would be specific technical mechanisms that limit the gathering of tracking information.

    An example of a specific technical mechanism: the ability to download entire collections of books in a standard, beacon-free format onto, say, an SD card at your local library, with neither a Google login nor a library login.

    Some libraries require logins for Wifi access, but this wouldn’t have to work that way.

  24. Griffin – you have no secrets?

    Then please tell us: What are the names, addresses, phone numbers, and birthdays of your family members?

    And if you have no family, do you think everyone is in the same situation as you are?

  25. Apreche, what you are missing is that people want to hang on to *some* privacy. Yes, you are right if you are saying that *total* privacy is not possible. You didn’t use that word, but you imply it with your sweeping generalization that “maintaining privacy is impossible.”

    Just because total privacy is impossible, let’s not dismiss the legitimate desire for, and possibility of, maintaining *some* of our privacy where doing so actually is possible.

  26. @2 xeno: “The FBI can request the books you read from libraries.”

    They can ask, sure. If the library doesn’t maintain records on you they’ll come away empty-handed, though. My library lets you opt out of having records kept. If yours doesn’t, you should lobby them to. (In fact my library may require you to opt in if you want records kept, I don’t recall. That would be preferable of course.)

    In other respects, cat out of bag, yep.

  27. Simply said, Google is in the forfront of giving all into to all. They hold nothing sacred, therefore cannot be trusted. I have a gmail account that i intend to end.

    Good bye gmail. i hope you lose all of your “customers” that you care nothing about

Comments are closed.