Privacy Policy

by David Shamah The Jerusalem Post, August 15, 2006

So now it finally comes out: there's a method to the madness of Google's super-generosity in supplying users with mega-gigabytes of free storage space for e-mail, photos, and even upload/download space. Simply put, Google is in league with the New World Order/ the Trilateral Commission/ the Freemasons /the IRS /the CIA and/or the NFL (take your pick).

Or not. But it not, that begs a question: why preserve users search data, not as an aggregate, but as information derived from your user account?

The latest Internet scandal caught major search engine AOL committing a serious (from the user's point of view, of course) gaffe when it inadvertently released information about 19 million search requests made by more than 658,000 AOL subscribers during the three months ended in May. It's all over the Internet! Legal niceties prevent me from publishing addresses where one can obtain this data – which is a nothing more than a backed-up log file that somehow made its way into the public domain from an AOL server – but an astute Web search engine user should be able to find a copy of the

439 MB compressed download, expanded to just over 2 GB gzipped file in a matter of seconds (as I write this, I count no fewer than 50 backup servers hosting this file!).

So how did this potentially embarrassing (if not incriminating) information get off its backup server and onto an AOL server open to the Internet? Well, AOL won't tell, of course, but as one who was for many years a systems administrator “insider” involved in this kind of backup work, I can think of about 100 ways for a zipped backup file to end up on the wrong server or disk – not as the result of a hack by an outsider or a deliberate attempt to embarrass the company by an insider, but as part of very common day to day events that occur in a system backoffice – like, for example, having to reformat a server and copying its contents to another computer for backup, or an automated backup script directing the data to the wrong backup server.

The truth of the matter is that this information means little to outsiders like you and me; all it has is a list of search queries associated with user account numbers. Without the account data, of course, there's no way to match up specific users with the leaked/lost information. But of course that information exists somewhere in the company; and if push came to shove, the authorities could demand data that would link up specific users with search queries, to be used as evidence by law enforcement on cases involving crimes, for example.

This is a potential problem for anyone that types anything into any search engine, of course, but this case is relevant to both AOL and Google users (Google owns a 5 percent stake in AOL, which also accounted for about $330 million of the search engine's revenue during the first half of this year. AOL also depends on Google's algorithms for its search results).

On the other hand, maybe our society needs a little extra supervision now and then. Along with the run of the mill searches for information about news stories, vacation destinations, home buying and selling, etc., were a number of very disturbing searches conducted by users interested in every sordid subject known to man, including porn (child and otherwise), violence, larceny, drugs – a compendium of human woe. One user apparently is up to no good, having searched relentlessly for information on “how to kill your wife,” “how to kill a wife,” and “wife killer,” among other information (http://tinyurl.com/q8x4n). Did or will this guy actually go through with it? Considering the latest foiled terror attack (http://tinyurl.com/r4bcd), perhaps it's a good idea for law enforcement authorities to keep one eye on potential evildoers, the better to protect the rest of us.

Or maybe he was just researching information for a term paper – or a play, or a book, or “How to Murder Your Wife,” the movie (http://www.imdb.com/title/tt0058212/). Do authorities assume that this AOL user was just checking out information in an innocent manner, or do they assume that he was involved in a less than wholesome search for ways to commit violence upon his spouse? Those of us who are members of the post-Watergate generation (http://www.watergate.info, for those too young to know what I'm talking about), the answer is – or should be – the former, because everyone knows you can't trust government. On the other hand, if 9/11 was not a CIA conspiracy to get rid of Saddam or create a UN-run world or impose alien (as in outer space) rule upon humanity (http://tinyurl.com/zxkaj) – if there really is a war going on today between the forces of good and the Axis of Evil – then it would make sense for authorities to look at computer search records as a weapon they can draw upon to prevent tragedy from occurring. On the other hand, we know the abuses government is capable of, and maybe their expanded security powers in other areas should be sufficient for them to investigate whatever it is they're interested in checking out, without looking over our shoulders as we type terms into a search engine.

AOL users have no choice, because they're required to register with the servicer. Theoretically, casual (ie non-registered) users searching with Google should be harder to track down, because they have no specifics the company can identify them with. That's in theory – but in practice, Google sends you a cookie when you conduct a search, the better to make it easier to type in search terms next time. Disabling the cookie, however, will ensure that Google's got nothing on you or your computer (you can do this easily if you use the Firefox search browser; if they use IE, PC users can download a VBS script that eliminates them. Details at http://tinyurl.com/jdlsz). Disabling Google cookies, of course, means you can't use Gmail or any other Google service. Gmail, of course, is famous for the ever-increasing disk space provided for your e-mail (I'm up to 2.7 GB), as well as its encouraging users never to throw away e-mail. So far, the extensive conspiracy theories associated with Gmail have not panned out (http://www.gmail-is-too-creepy.com/), but that, I guess, is the point of conspiracies: They're impossible to believe when they're just theories, but when they actually become reality – well, the muckrakers will have a field day saying “we told you so!”

If you want to get out of the ID game and are willing to dispense with Gmail, check out the IXQuick search engine (http://us.ixquick.com/eng/), which says that it deletes IP addresses associated with user searches (retained by Google even for non-registered users) within 48 hours. Furthermore, “Ixquick.com does not use cookies that uniquely identify its users,” although it does make use of aggregate information cookies, which can be turned off if necessary. Unlike the gobbledygook those “other” guys present you with, IXQuick's privacy policy (http://us.ixquick.com/eng/privacy-policy.html) is a breath of clean, clear air, and its a great way to go if you want to make sure your searches stay out of the funny papers.

Ds@newzgeek.com