In the business of theology it is hard not to be controversial - Jurgen Moltmann

Monday, 11 June 2007

各位谷歌/古狗擁躉請注意 ::attention Google fans

Google is found to be the worst player in the internet business in terms of handling users' privacy, according to a recently released research by Privacy International. Read it HERE

............................................................... 

         Google各種超級強力的網上服務向來令人(我)既愛且忌。愛的當然是它的強勁功能,忌的正是強勁功能背後那無孔不入、深入個人私隱/隱私的能耐實在太過驚人。

          長期關注私隱/隱私問題的Privacy International做了一個關於互聯網上各項主要業務/服務的大型研究,近日發表了初步報告 【全文】,把Google排到榜末,列為黑色警告類別,即是侵犯私隱的情況最誇張;連很多人唔順眧的Microsoft,也不過是橙色警告,比Google還要好兩級。

          在批評Google的時候,Privacy International用了一些非常強烈的字眼,譬如說研究過程裡發現Google對私隱問題有「多處缺失和敵意」(numerous deficiencies and hostilities in Google's approach to privacy),又形容它「愈來愈能夠深入鑽探用者細眉細眼的私人生活和生活方式的選擇」(increasing ability to deep-drill into the minutiae of a user's life and lifestyle choices)。最恐怖的是,報告基本上認為,Google公司內部對私隱的態度,「明目張膽地視之為眼中釘,最無傷大雅的時候是含糊不清」 (at its most blatant is hostile, and at its most benign is ambivalent)。

          報告總括Google在私隱問題上的缺失,包括但不限於以下各點,只能剪貼如下,無時間逐一解釋了:

  • Google account holders that regularly use even a few of Google's services must accept that the company retains a large quantity of information about that user, often for an unstated or indefinite length of time, without clear limitation on subsequent use or disclosure, and without an opportunity to delete or withdraw personal data even if the user wishes to terminate the service.
  • Google maintains records of all search strings and the associated IP-addresses and time stamps for at least 18 to 24 months and does not provide users with an expungement option. While it is true that many US based companies have not yet established a time frame for retention, there is a prevailing view amongst privacy experts that 18 to 24 months is unacceptable, and possibly unlawful in many parts of the world.
  • Google has access to additional personal information, including hobbies, employment, address, and phone number, contained within user profiles in Orkut. Google often maintains these records even after a user has deleted his profile or removed information from Orkut.
  • Google collects all search results entered through Google Toolbar and identifies all Google Toolbar users with a unique cookie that allows Google to track the user's web movement.17 Google does not indicate how long the information collected through Google Toolbar is retained, nor does it offer users a data expungement option in connection with the service.
  • Google fails to follow generally accepted privacy practices such as the OECD Privacy Guidelines and elements of EU data protection law. As detailed in the EPIC complaint, Google also fails to adopted additional privacy provisions with respect to specific Google services.
  • Google logs search queries in a manner that makes them personally identifiable but fails to provide users with the ability to edit or otherwise expunge records of their previous searches.
  • Google fails to give users access to log information generated through their interaction with Google Maps, Google Video, Google Talk, Google Reader, Blogger and other services.

          申報利益/冇利益:我自己也有使用Google的幾種產品,常用的包括本網誌、Google Reader(衰貪方便)、Google Search (好難避免);其次是Calendar、Map、Scholar;儘量少用的是G Mail (個人化廣告太恐怖了),還有Google Docs & Spreadsheets (我當然有用其他網上文字處理工具)。 絕對抗拒的是Google Desktop,等於把自己電腦內的一切開放任佢武,咪搞。

          我儘可能把東西分開擺放,當係安慰吓自己咁囉。但是數下數下,原來都Google得好多。

2 comments:

Catitude said...

我第一個反應係: Privacy International係咩組織?

另一方面, 只要你部腦一同茫茫互聯網連線, 你已可假設你的私隱已經冇咁一半。

Privacy International所列舉的事情,就算 google做返晒, 其實都於事無補。又反過黎說,佢唔做亦唔一定有大問題, 只要唔好 do evil, 幫 d 邪惡政權包括中美在全球上億用戶中揀出「反動分子」,再將 d 資料交俾有關政府。所以Privacy International 挑出來的東西, 係make到headline, 但見樹不見林。

p.s. 你個click comment 全部都係讚o既....

Yam 飲者 said...

Privacy International是在1991年正式成立的一個跨國民權組織,是個human rights activists NGO,講得難聽點即是搞屎棍,現總部設於倫敦。
其成立經過和早期目標等等等等可看:http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-145834
機構簡介在這裡:
http://www.privacyinternational.org/article.shtml?cmd[347]=x-347-65428

至於Carla說,「只要你部腦一同茫茫互聯網連線, 你已可假設你的私隱已經冇咁一半。」那又怎樣?恕我無法同意這種觀點。
如果說我穿了短裙出街,就預算會有一半機會走光,或者有一半機會被咸濕佬眼甘甘,那不等於我就要不設防,走光算數,死佬望咪望,話知佢。何況我不認為穿了短裙外出就肯定有一半機會走光。

問題不在於Google或者任何其他網上服務是否do你心目中那種evil,而是它(們)這樣收集處理和儲存資料,非常危險,如警訊所說,被不法份子有機可乘。而且,怎樣才算是do evil,你的定義跟它的可能完全相反;站在某些國家的「國家安全」立場,它們繳出資料是行公義。而且所謂do evil,不一定需要跟甚麼邪惡政權有關係。

如果你附近的醫療服務機構,無啦啦當正你患了某種病,更詳細講出他們認為你的病情,原來是因為你經常網上搜羅某種病的資料,又經常上網訂購某些藥物....(其實你是替朋友買的)....
如果你貪得意用Google Map 3D image看看自己的家,赫然見到自己的愛貓在窗前的特寫 ....
那不會覺得很好玩吧?
[以上兩個都是過去幾個月曾經發生的真實事例]

PS:謝謝Carla,非你提醒,我都沒有留意那click comments全部是讚的,哈哈。那要感激設計的人了,嘻。