The issue of privacy has long been a big interest of mine and lately I have seen it become an important topic in the world of free internet services. You can see some of my views on privacy in a previous post.
John Battelle asked a crucial question about ownership of Google search profiles on his blog, which was followed by a very interesting comment discussion. That question was: who owns my personal search history?
Something happened to me recently that turned this discussion upside down.
A couple of months ago, l was pitching our product to a VC in a coffee house in Palo Alto. He wanted to compare LeapTag to Google Personalized Search, so he logged in to his Google account from my laptop. We had a nice discussion.
A week ago, I received an email from him asking me if the following searches were ones I made recently, and he included a list of searches.
My jaw dropped! Those were all searches I made a mere half an hour earlier - two months after our meeting.
I realized that he had never logged out of my laptop, and that all the searches, personal and professional, that I had done for the last two months using my laptop were now part of his search history. He had access to all of it – as if it were his. Now who owns what?
I cannot begin to express how violated I felt. He had access to all my searches which could potentially reveal a lot about me. I had no idea what he now knew. I cannot even access those searches myself to find out. So, right now, I have no idea what my exposure is.
I think with Personalized Search, Google has created a tool that not only allows Google to spy on people but also allows people to spy on each other.
Since then I have performed a test to verify this behavior. First I created a Google account called "GoogleSpy" :-). I logged into that account from a different PC at work and then I logged in to the same account from my laptop. Google was happy to let me log into both machines and did not log me out from the other (we know from experience that Google does not log you out even after two months!). On my laptop I performed a couple of searches. Here is a screen shot for one:
Now, the only indication that something may not be right is the login name in the upper right hand corner. Busy people that we are, who notices anything in the upper right hand corner?
Then I went to the other PC. Both of my searches appeared immediately in my search history (pretty fast service I have to admit :-)). Here is a screen shot:
The first search is one I made from the PC and the last two are searches I made from my laptop.
Yes, I did give my permission for someone to log in to their Google account from my laptop. However, I reasonably expected Google to log him out after a while even if he did not log himself out. Then I realized that this is probably not a bug, but rather an architectural limitation. Google cannot tell when a person has finished using a particular computer or if in fact if that person actively uses multiple computers. For personalized search to work well, Google needs to capture all of a user’s search activity. While doing that aggressively, Google became a tool for compromising my privacy.
As a result, my search results are not only "owned" by someone else, I don't even have access to them.
I don't want to accuse Google of building spyware because I don't really think that is their intention. But in effect, Google Personalized Search can be used as spyware.
So who owns my search results? Apparently not me.
- Cuneyt
When you are logged in your email address is displayed at the top of most Google search result pages... right next to a logout link.
Posted by: Anonymous | February 02, 2007 at 06:02 PM
At the end of the day, google provide a free tool - and it is up to you if you use it. Perhaps you don't agree with their methods, or like the fact that they are recording your search info ... but you chose to use them, no one is forcing you too.
The google personal searching stuff is scary, scary how you can forget its doing its stuff until you perform a search on someone elses machine and get totally different results. Its clever and useful and does potential violate my privacy, but that's my choice, and it is the price I pay for a better service.
Posted by: mike | February 02, 2007 at 06:25 PM
Google's cookie is set until 2038, so you could wait for a while for the "login" to time out...
Yet another reason why you should put Google in Firefox's cookie domain blacklist. And if you don't use a browser that allows you to ban evil domains like google.com or doubleclick.net from setting cookies, why you should switch.
Posted by: Fazal Majid | February 02, 2007 at 10:45 PM
Personally, I would have noticed immediately if I was logged into someone's account. But I understand how this could make you feel kinda helpless if you don't notice the display in the upper right hand corner.
Posted by: David | February 03, 2007 at 10:26 AM
What fun! Hijack someone's Google account while they're away from their desk! Just get an account with a username that looks like their username. An upper-case "I" (eye) looks like a lower-case "L" (assuming that Google retains case when they display the username), and there are other substitutions that probably wouldn't get noticed.
Posted by: Daniel Brandt | February 03, 2007 at 11:06 AM
In order to protect one's privacy online, one must practice good "internet hygiene": Log out after using any service, clean your browser regularly (browser history, cache, and especially cookies), verify who you are logged in as, etc.
If your hygiene habits aren't good, you can't really be surprised when they fail to protect you from this kind of thing. Don't brush your teeth, get cavities. Don't use a condom, get STDs (or a baby). Don't log out or clear your cookies, get a stranger in your accounts.
Cleaning your cookies is especially important, since many sites out there (which I sometimes end up at when I misspell a domain name) can use scripts to read your cookies and thus help themselves into whatever account you are logged into at the time. Well, it's not quite that trivial, but still pretty dangerous.
I have two different Google accounts I use for many services (one which is personal, used for serious things and for emailing friends and family, and one whose email address is given out online, likely to be spammed, and not trivially connected with my real name), so every time I visit any Google-related page, the very first thing my eyes do when looking at the page (it's almost not conscious) is to see which account (if any) I am using.
I also have more than one PayPal account, bank accounts with three banks, and three OTHER banks that offer me credit. You can bet your behind that I am never logged into any of these sites for any longer than I need to be; As soon as I'm done, it's "LogOut"!
Google puts the Google Account information on the top right for a reason. If you ignored it, and if you don't log out, then that's your fault. And if you're surprised that it did not log you out, then that's your fault too: Upon signing up for a service that holds such precious information, you should have either read about the persistence of its log-in, or tested it, rather than just assumed it works as you wish it did. You know what they say about when you "assume"...
Posted by: bernardo | February 03, 2007 at 12:24 PM
I should also add that I realize you might have never signed up for Google's search-history feature yourself. Someone just went on your computer and logged on to a service that allowed them to see the Google searches you made from then on.
I guess a good part of online hygiene is to let other people use your computer as little as possible, and to monitor them closely when they do.
Although, still, his email address on the top right of each page should have been enough for you to notice it and log him off...
Posted by: bernardo | February 03, 2007 at 01:38 PM
Wow, this article scares the bejesus out of me. I have a much different point of view then other commenters - Google's offering a free service but they absolutely have a strong obligation - if Google wants to be an Internet giant, they absolutely have an obligation to take care of your personal private information (What ever happened to "Don't be evil?"). The same way someone taking my credit card has a legal obligation to protect that from leaking out - Google absolutely needs to protect private information like what searches you are doing.
Google is playing with a loaded gun. It's potentially embarrassing here in the US, but there are plenty of places in the world where governments will "kill" for this type of information.
Posted by: Aaron Newman | February 03, 2007 at 01:56 PM
"The same way someone taking my credit card has a legal obligation to protect that from leaking out..."
Yes, but when you hand your credit card to a cashier or delivery person or whatever, then if you care about your credit card, it's your responsibility to make sure you get it back.
Is it the responsibility of the company who hosts your account (Google, your bank, your credit card company) to make it impossible for you to allow someone else access to that account? Yes, in part. But beyond a certain point, the responsibility falls on the account's individual owner. Yes, Google has the responsibility to make sure no one can access your account unless they have your username and password, or access to your computer. But it's up to you to restrict who gets access to your username and password or computer, and (if you care about your account) to monitor the people to whom you give that access.
Posted by: bernardo | February 03, 2007 at 05:16 PM
Honestly it is partly your fault for not logging yourself out of his Google account... After two months of internet browsing on various Google websites, you had never noticed the guy's email address and logout link on the top right corner?? Do you never use Google?
I do however understand your concern because I am trying to raise awareness on a security issue that stems from the same problem: the fact that people are more or less constantly logged into their Google account and often do not bother to sign out from their personal computer. This implies that all of their Google information is available for viewing by anybody who happens to get access to this computer for a couple of minutes. Google has taken steps to increase security for sensitive data (remember how you said that you couldn't access the searches in the other guy's search history ; even though you were logged in, Google asked you to re-enter the password to see this page). But there are other Google Services which are still not secured. Here's an illustrated example for Google Docs and Spreadsheets: http://lepetitradiateur.blogspot.com/2007/01/suggestion-increased-security-in.html
Posted by: Hugues de Saint Salvy | February 04, 2007 at 12:51 PM
I think this is a broader issue with online applications. When my data is stored outside my company's firewall, who knows what can happen.
I love the applications Google is producing now, but I can't trust that my data is safe.
Posted by: Jeremy Sisson | February 04, 2007 at 08:26 PM
Arggh - I can't believe how many otherwise smart people here are blaming *you* for this! Of course we should all use extreme caution, log out religiously, and change passwords BUT WE DON'T and NEVER WILL! It's up to Google to create routines that protect privacy, and in this they have failed. Not to mention that all searches are logged and tracked at Google to your IP already, giving Google total access to the search history of your machine (which is easily trackable to an individual person).
Posted by: Joe Duck | February 05, 2007 at 12:30 PM
Folks,
Great to see a good discussion on this topic here and on John Battelle's blog. I would like to add a couple of points to the comments made here:
First of all, my bigger concern going forward is the possibility that someone could turn this into real spyware, something that only runs for a few seconds and logs you in to some bogus "Google" account. After that, the mechanism that Google has so efficiently designed would kick in and start sending your searches to the bogus account. Other variations on this may include changing your login to something undetectable by replacing the letter “l” with the digit “1,” as suggested by Daniel Brandt, above. Since the spyware would only run for a few seconds, it could be virtually undetectable.
Second, as some of you have asked, I also asked myself the question “how on earth did I miss the upper right hand corner login for two months?” Let me clarify that I never use the Google main page. I use the little search window in Firefox and directly go to the search results (you could also be using Google toolbar, for example). Here is a link that will take you to a heat map (which tracks eye movement) of Google's search results page, which shows that people almost never look at the upper right hand corner. http://www.eyetools.com/inpage/research_google_eyetracking_heatmap.htm This is probably why Google moved some of their higher-paying ads directly above the search results.
I think it is important to keep these discussions going. It is the best way to make companies pay attention and make their services better.
Posted by: Cuneyt Ozveren | February 05, 2007 at 05:55 PM
Just don't search for anything you shouldn't be searching for...and you'll have nothing to be embarrassed about...
Posted by: jelo | July 23, 2007 at 08:56 AM
Just found this topic while doing a search for what Google is up to.
I have a NEW forum linked to my new site (remotely hosted as I'm not purchasing a domain) and EVERY TIME I post, I notice a googlebot shows up and appears to be scanning my entries. The site is so new, it's not listed on any search engines yet and until/unless I get a counter going on the site itself, I'm unable to see if google is also sniffing the site. I am suspicious and became more so when I saw a news report about Google Street cam or whatever it's called.
It's not paranoia, it's vigilance - what the hell is this company up to?
Posted by: Disseminate | August 04, 2008 at 12:03 AM
this blog is great, I really like has many qualities, for one has very good subject for discucion.
Posted by: Canadian Online Pharmacy | October 27, 2009 at 10:09 AM
great blog about Google the Spy? thanks for sharing
Posted by: buy viagra | January 11, 2010 at 12:37 PM
How can I spy on Google Chrome history?
I think my 10 yr old son is looking at inappropriate webpages. is there any way to spy on his google chrome history or recover deleted history?
Posted by: buy propecia | January 25, 2010 at 09:28 AM
Thanks for all information . I'm very interesting in your blog please send any update.
Posted by: Donde Invertir | February 13, 2010 at 10:12 PM
Hello there, I'm having problems viewing your blog on my iPhone, the comment form isn't showing properly for me. (Just thought you might want to know, I'm typing this from my laptop.)
-Jessica
Posted by: How to Lose Weight | February 27, 2010 at 01:36 AM
could they not just remove the "vulgar" posts from the website and that was it?. We also remember Yahoo! giving information to the Chinese government which then arrested and jailed a Chinese journalist.
Posted by: soft cialis | March 01, 2010 at 06:43 AM
here's the thing , about 4 or 5 days ago i downloaded frostwire to download music, but the thing is i only downloaded 1 song, and a friend had told me frostwire doesn't give you viruses and he said he didn't have a virus on his and it worked fine , so i believed him, about 25 min. after i downloaded frostwire, something popped up saying i had malware , trojan, etc. Now that i used my internet i can only use yahoo, google, and certian limited amount of websites, it blocks youtube, myspace,facebook, sports , and many more websites and says that this website could contain risks and what not, but come on those three websites are trustworthy , the thing that pops up is red and it has two options install , which costs money and continue unprotected. How is it My Antivirus Norton Antivirus didn't detect anything and that crap did , how do i get rid of it
Posted by: generic viagra | March 17, 2010 at 06:52 AM
Something happened to me recently that turned this discussion upside down.
Posted by: sildenafil citrate | March 19, 2010 at 07:39 AM
Well, it's not quite that trivial, but still pretty dangerous.
Posted by: sildenafil citrate | March 19, 2010 at 07:40 AM
this post is worth a read i have already bookmarked the url for a later read.
Posted by: dll files | March 30, 2010 at 06:39 AM