In a world embedded with multi-layered technologies and multi-channel communications, traditional notions of privacy are being used as yardsticks to measure infringement. As Roscoe Pound stated, law is minimum morality. So long as an internet service provider does not breach the law, I cannot fathom how users of internet services can impose higher thresholds of morality upon service providers. Right to privacy should be looked at purely from a legal perspective and not measured from a moral threshold.
Google?s new privacy policy does not, in any manner, breach the privacy laws applicable in India. To contain information and limit its usage to a particular service, without inter se transfer of information amongst various services provided by a single service provider, is to impose extralegal restrictions on service providers. In a world driven by mergers and amalgamations, it is but natural that information collated by a particular service provider can ultimately find its way, in due compliance with the laws, to another service provider. That being the case, it would be otiose to expect Chinese walls between multiple services being provided by a single service provider.
Multiple other service providers, and many large ones at that, have already changed their privacy policies to provide free flow of data amongst their various services. By raising a hue and cry, when Google does so, are users applying differential thresholds to different service providers?
It is ultimately the user?s discretion to use as many or as few Google services. One can have a Google account and choose to use Gmail, but not use Google+. Google provides the flexibility to choose any combination of services being provided by it. The privacy policy changes do not affect users? existing privacy settings. For example, if a user has already used privacy tools to opt out of personalised search or advertisements, the user will continue to remain opted out and the alleged breach of privacy, therefore, is fictitious.
Technology provides for multiple privacy-protection measures. If a user does not wish for his information to be collated and shared, he has the choice to chat ?off the record? or browse in ?incognito mode?. Logged-in users can also edit or turn off search history and control the way Google tailors advertisements to users? interests. A conscious user should therefore use technology
to protect privacy, rather than expect the service provider to be the safe-keeper.
While the collation of data by Google allows Google to target more relevant advertisements at the user and provide improved search results, it also helps surface one?s own data when the user needs it. I would rather prefer for search results to be more relevant to me than question the technology by applying extralegal and moralistic thresholds. A search for ?polo? for me should provide information on cars rather than on a game that humans play on horses. It is of no relevance for me that the game originated in Manipur in India. I would rather want to know whether the car comes with GPS.
If a user really expects higher thresholds of privacy, he/she can achieve that by the creation of multiple email accounts for different purposes. For example, information from a work account will not be synced with data from a personal account, by Google. Integration of user information across services for a particular account will be restricted only to that account.
If a service provider provides multiple services, I would prefer that the service provider has a comprehensive set of terms and conditions across all services, rather than provide specific terms and conditions for each service. All users are not lawyers and would prefer that the terms and conditions be simple, straight-forward and precise. Google?s new policy does exactly that.
The author is a constitutional and technology lawyer, and the Secretary of the India Section of the International Commission of Jurists
Nishant Shah
Whether we like it or not, we live in a world that is rapidly being Googlised. Apart from its core functions like search and email, we consume Google services and products around the clock and around the click?YouTube, Calendar, Docs, Google+, Google Reader, Google Analytics et al. On March 1, 2012, our increasingly co-dependent relationship with Google will reach a new stage of commitment as Google consolidates its privacy policies for the entire Google universe. If you are logged into your Google account, all your information across Google?s different platforms will be clubbed together to form a comprehensive profile of what you do online.
Google has suggested this will personalise your interactions with Google platforms. The videos you watch on YouTube might influence your search results; the links that you click on will affect the advertisements displayed to you; the mails that you read will establish proximity with your friends on Google+ … A comprehensive profile of who you are, what you do, what you like, what you share and what you hide will be created. Google has shown unmatched commitment to transparency on user data retention, storage and usage over the years. However, a centralised profile on users rings a few alarm bells for me. There are three use-cases that immediately crop up with apocalyptic implications.
Death of anonymity: One of the biggest strengths of the internet, as a space for both political dissent and freedom of expression, is that it has allowed people to talk through their avatars without putting themselves in conditions of bodily harm. So, it was good to have a scenario where my activities on YouTube did not get mapped onto my more identifiable profile on Google+ and did not get correlated with my personal interactions on Gmail. Mapping all the actions of a user who might want a more distributed identity might lead to precarious conditions for users living in critical times.
Negotiation with governments: While Google claims that it is committed to protecting the safety of its users, we know that it is eventually subject to the rules of the countries that it operates in. In the past, say in skirmishes with China, we have seen that despite its powerful status, it is not exempt from the demands of different governments. Given the current state of negotiations around censorship that are ongoing in India, it is a little scary to think how users? data can be abused by authoritative government officials. A multi-tiered, distributed system offers users safety which a consolidated one doesn?t.
Inter-platform repercussions: If something I do on a platform gets flagged as objectionable, does it
mean that all my rights to Google World get revoked?
Hidden data collection: One of the things that a lot of people don?t realise is that Google, in its attempts at enriching our user experience, collects more data than you disclose. So, apart from the personal data that you have more control over, there is a range of other data?pages you visit, the time you spend there, links you click on, comments that you write, information you share, etc?which form a part of Google?s algorithms for you. Consolidation of this data through services like Ad Sense and Double Click might also expose you to third party advertisers who might abuse this information that is about you but not under your control.
Google?s consolidation of its privacy policies across platforms signal a new wave of information management on the web, where the earlier free-form distributed information practice is getting mapped on to the physical bodies of the users. While it might lead to better web services, it also means that we need to be more aware of our information practices and start preparing for a web that is going to demand more accountability from its users than ever before.
The author is a digital humanities scholar and Director-Research at the Bangalore-based Centre for Internet and Society