Forum Moderators: open
Dear Netscape:
I read your privacy policy, and I have a very specific question for you. Your policy hints at this question in only the most general terms, and is no help at all in answering this specific question.
I am concerned about your operations with respect to Google, Inc., which is operating as your agent for searches from your site.
For nearly two years I have unsuccessfully tried to address the issue of Google's cookies with the unique ID in them, that expire in year 2038. Google has not responded to my concerns. I know that the domain netscape.com does not have access to cookies planted by google.com, but I am also concerned over the fact that Google records not only their cookie ID and the search terms from the searcher, but also records their IP number (this is stated in their own privacy policy).
The fact that the IP number of the searcher is recorded, presents a situation where increasingly, this qualifies the search terms used by the searcher as "personally identifiable information." With the expanded use of broadband, many Web users now have a static IP number. Moreover, with the Patriot Act passed by Congress last year, federal authorities no longer need probable cause to order this sort of information from an entity such as Google, Inc.
Information about an average Web user's search terms is much more valuable than information about which links were clicked, since search terms are a concise summary of the user's state of mind at that point in time.
My question is this: does the backend feed you now have with Google, for search requests from your site, involve sending Google the IP number of the searcher along with the search terms requested?
If so, is this done informally by Netscape, or is this required by the contract you have with Google?
Finally, if this is indeed occurring, may I request that you specifically add this information to your privacy policy?
Thank you,
Daniel Brandt,
PIR president
[ contact info ]
-meannate
No probable cause is required, and librarians served with these orders face prosecution if they talk about it.
The Patriot Act contains additional provisions related to the Internet. These grant additional powers to the feds, and they apply to Google.
While almost all "powered by Google" sites go directly to www.google.com for the search (including the Washington Post's Google search box), the situation is different with Earthlink, Netscape, and aol.co.uk. These three (and the upcoming main AOL feed) do not send your browser to Google for the search. There is no reason why Google should require the IP number of the searcher on these new "powered by Google" sites that get the feed through their own back door.
That's why I'm curious about what the policy is on these new feeds. Google has shown no interest in reconsidering their 36-year cookies, and no interest in periodically purging their IP and cookie databases. If on top of this, Google is requiring the IP number from AOL and others, I feel that the public has a right to be informed of this.
At these three places that use the Google feed, I got some advertising cookies and a couple of harmless cookies (one expired after a day and the other in three weeks). This suggests that they are not fixated on data retention the way that Google is. So while cookies and logging are indeed an industry-wide phenomenon, it's also true that search terms are a particularly sensitive type of information. At the same time, Google, Inc. has proven to me over the last two years that they are particularly insensitive to the social issues involved in their data retention policies.
The CIA had to dump the cookies on their search site when I complained last March. It took less than a day to get action. What's the logic of enforcing a reasonable policy on the CIA's site (which I suspect gets under 50,000 searches per day), while allowing Google, at 150 million searches per day, to keep their cookies for 36 years?
And why shouldn't a "powered by Google" site be able to protect their own customers, by keeping that customer's IP number from being sent to Google?
George Orwell's 1984 often springs back to mind when I consider privacy issues. The only distinction where privacy is concened seems "is it technically feasible to spy on us all?"
In "1984" there was omnipresent spying and "Thought police" took action on very thoughts of an anti state nature.
Enough fiction.
The Post:
---------
Technically it would NOT be feasible to monitor everyone’s mail in detail.
The Public, the Internet and Email:
-----------------------------------
Various European states are discussing that all emails and all web site / web page accesses be logged and be available ad infinitum.
Technically it is possible to monitor and store. Governments want access to this.
Workers, the Internet and Email
-------------------------------
In the work place employers increasingly want to eavesdrop on employees. As it is their equipment and their time they perhaps have a right.
Technically this is easy.
International Email Fax and Telephone:
--------------------------------------
The US admits monitoring satellite uplinked data, telephone, fax, email etc (“carnivore” since renamed). A former security chief admitted data collected was shared with commercial parties.
Technically it is possible to eavesdrop on communications transmitted through airwaves.
Note satellite & facial recognition cctv omitted.
The principle behind these applications appears that when they become technically feasible and budget is available, they are done!
How far would this go?
Suppose it is technically possible today to monitor the thoughts of every human on a continent.
Governments could then catch anyone:
- having anti government thoughts,
- having illegal thoughts,
- thinking about taking a terrorist action,
- Thinking “whatever they wanted to catch"
Would that be ethical ?
Is there an ethical argument for drawing a line in the sand?
Is there some ethical argument that Google, a private organisation may assist this data collection?
If so what is it?
Actually there is a more optimistic way of looking at it which is to say that we still effectively have the same privacy we always had.
When two people are talking together, face to face, they have still normally complete privacy. Perhaps apart from God :-)
Where human invented communications mediums are concerned you can be completely sure that humans somewhere are listening or logging! oh and I guess therefore so is God :-)
I always prefer to be optimistic
My question is this: does the backend feed you now have with Google, for search requests from your site, involve sending Google the IP number of the searcher along with the search terms requested?
In response to my June 24, 2002 inquiry, Netscape replied that when a user conducts a Netscape search from Netscape's website and the search results are generated by Google under contract with Netscape (i.e. the search results page displays the phrase "powered by Google"), Netscape does not send the user's IP address to Google as part of that transaction.
Since Netscape is a division of AOL Inc., hopefully this practice will also apply to other AOL sites that use Google.
