First Totally Bogus Privacy Issue Over Google+ Raised
from the say-what? dept
One of the first things that struck me about Google+ was that the company appeared to be bending over backwards to make the privacy options extra clear and easy to use. It seemed like the opposite of Facebook… and even previous Google efforts, like Buzz. Clearly the privacy debacle around the launch of Buzz taught folks at Google a lesson, which they weren’t going to ignore. So I was a bit surprised to see a headline claiming that there were already privacy concerns about the way Google+ worked. At first, I though that perhaps the company had missed things… but it turns out that (surprise, surprise), it looks like someone is overreacting to a basic feature:
Google’s latest stab at a social network lets you categorize the people you know into different circles, so you can share with your friends what you might not want to share with your family.
The young social network, however, has a feature that lets you reshare what someone posts. By letting you reshare, the post goes beyond the circle or circles it was intended to be seen by. This loophole was first spotted by the Financial Times.
Um. That’s not a privacy loophole. That’s how everything on the internet works. It’s how Facebook works. It’s how email works. In fact, Google’s setup here is even more conducive to privacy than pretty much everything else, because it actually gives you the ability to block that ability on each thing you share. I’m at a total loss to see how this is a “privacy issue.” It’s someone making up a privacy issue.
Filed Under: google plus, privacy, sharing
Companies: google
Comments on “First Totally Bogus Privacy Issue Over Google+ Raised”
That’s how everything on the internet works. It’s how Facebook works. It’s how email works.
In fact, it’s how all communication works since the dawn of man. You decide you *you* want to tell, and you make that decision with the knowledge that anyone can pass anything along to anyone else. If you don’t want something to spread, you better trust the people you tell.
Re: Re:
Shhhh…. They haven’t heard of whispering…
Re: Re: Re:
whshwshwswwshwshw.
(Translation: You dolt! Stop giving them ideas!)
Re: Re: Re: Re:
So basically, Google+ is one great big social Wikileaks!
FUCK!!!!
CBMHB
Re: Re: Re:2 Re:
Anything the U.S. government can do to prevent U.S. corporations from innovating …
Re: Re: Re: Re:
My Chinese whisper translator says that you said
“You Do it. Keep giving them ideas”
😉
Re: Re:
This point can’t be emphasized enough. If someone writes me a letter through the postal service (let me wait while the kids google that…) I can send a letter to a third party to repeat what was sent to me. If someone tells me he raped and murdered a girl in 1990, I can turn around and tell his wife that he raped and murdered a girl in 1990.
This ‘loophole’ won’t be stopped by anything short of mind control.
Re: Re: Re:
It’s a strange thing. When the Internet goes right, it’s a disruptive, radical medium utterly unlike anything that anyone has ever seen before ever. But when it goes wrong, well, the Internet is just like a letter.
Posting to an OSN is not closely like writing a letter. This particular OSN has led people to believe that when they post to a circle, their comms will remain in that circle. To break an undertaking as to how teh OSN will handle the personal information of a user is a privacy breach, regardless of whether or not that user is perhaps a bit naive, or whether there might be umpteen other ways for information to leak.
Re: Re: Re: Re:
This particular OSN has led people to believe that when they post to a circle, their comms will remain in that circle.
No, it hasn’t. It tells you that when you post to a circle, your communication is pushed out to that circle. It would be foolish to expect that nobody within that circle can pass it along to other circles.
Apart from this being common sense, it is specifically noted on the Privacy page for Google+ (if you have the service, go settings -> privacy and read under sharing) –
“The young social network, however, has a feature that lets you reshare what someone posts. By letting you reshare, the post goes beyond the circle or circles it was intended to be seen by. This loophole was first spotted by the Financial Times. “
And reality has a feature that lets you repeat what someone told you. By letting you repeat what others tell you, the message can go beyond the intended recipient and heard by others. This loophole was first spotted the first person who learned to talk.
Re: Re:
and be heard by others *
Re: Re: Re:
first spotted by the first person who learned to talk *
Re: Re:
Correction: This loophole was spotted by the SECOND person who learned to talk.
Re: Re: Re:
Correction: Noticed by first person who learned to talk after telling second person who learned to talk.
Re: Response to: Anonymous Coward on Jul 1st, 2011 @ 10:54am
Technically by the third…
Re: Response to: Anonymous Coward on Jul 1st, 2011 @ 10:54am
Correction: this was first found by the second person who had discovered a third person to talk to.
Today’s Big Story: Journalist, who doesn’t understand technology or the workings of the internet, writes misinformed piece about technology and the workings of the internet.
Preview of Tomorrow’s big story: Misrepresentation of internet fringe group we don’t understand, with extra misinformation parroted from other “publications”
Next Weeks Special Investigation: Idiots believe everything they read.
Re: Re:
I thought we used to be able to do strike through tags?
Re: Re:
Today’s Big Story: Facebook Hires another PR firm to slam googles latest effort at social networking. Idiot journalist falls for the hype.
Social networks + Privacy don’t compute. Don’t be a member of a social network if you value your privacy.
When I whisper to a friend that I’m gay, that friend can whisper it to others, but there’s no chain of custody that I originally stated that. There is frequently doubt.
With a social network, it’s trivial to take something in confidence and blow it beyond the circle of trust. This makes “circles” fairly useless, as anything you say in any circle has the potential to be transmitted to any other circle.
My concern is
My concern is that, if people use Google+, Google pretty much owns *everything* you do on the net. Searching, mail and everything else (the Google+ part).
I’m not sure I would recommend using Google+.
Re: My concern is
If you send me a letter, I pretty much own it to do whatever I please. How is that any different?
Re: Re: My concern is
actually… you don’t own a letter you receive. the copyright resides with the creator of the letter. you could photo copy or scan it and send it around.. but there could be copyright or other consequences.. is unlikely.. unless you published it for profit.
but you definitely don’t own the letter.
Re: Re: My concern is
actually… you don’t own a letter you receive. the copyright resides with the creator of the letter. you could photo copy or scan it and send it around.. but there could be copyright or other consequences.. is unlikely.. unless you published it for profit.
but you definitely don’t own the letter.
Re: Re: Re: My concern is
So I can’t sell a letter I received from Jimi Hendrix as his estate owns it?
Doesn’t sound right to me.
Since when can you demand a letter back?
Re: Re: Re:2 My concern is
Copyright and data “onwenship” are not actually useful frames for establishing practical privacy rights. Too many philosophical minefields. Instead in places like Europe and Australia, privacy rights are created by setting controls on how businesses and governments are permitted to handle Personal Information. The resulting laws are admittedly incomplete; they don’t for example have anything to say about inter-personal privacy, and they only apply to information in recorded forms. But the laws are relatively simple, very objective, easily applied, and they dispel many of the imprecise analogies (like letter writing, letter ownership and whispering).
See also http://lockstep.com.au/blog/2011/01/26/public-yet-still-private.
Re: Re: Re: My concern is
You usually own the letter, unless there is some strange existing contract on the ownership of the paper. You can own a medium of expression without owning the copyright of that expression. The copyright and the expression are different entities in this sense.
Re: My concern is
And for each individual it’s a personal choice if the concerns outweigh the benefits.
I don’t fear Google, I don’t post things I’d be afraid my next employer or a federal prosecutor would have a problem with, and it’s a lot more convenient than programming and funding my own personal social network that interacts with the other services that are used by the people with whom I would like to interact.
Google is a lot less evil than Facebook when it comes to privacy and they make money in ways other than selling your personal information. It also makes more sense for your social network vendor to be the same as your other communications tools such as email and chat so they’ll be integrated better.
Re: Re: My concern is
AOL much?
Re: Re: Re: My concern is
No, because AOL tried to be a walled garden. Google is about enabling access to wider content and they’re not trying to own everything. Google is just providing a bunch of tools. AOL was just run by a bunch of tools. AOL also passed costs on to the users. Google passes costs on to the advertisers.
Re: Re: Re:2 My concern is
they both had to do stuff w/ the internet and therefore the exact same
Re: My concern is
“Owns” is a strong word. In general, for everything you do on the internet, a dozen different entities can retain some amount of data about your activities. The Google Privacy Dashboard actually gives you far more control over what data they keep than Facebook or any other web service. If you haven’t tried it, you should: you can erase or anonymize the majority of data they collect from their various services.
Click down arrow next to your share -> Choose “Disable Reshare”
then people have to copy and paste your text… cause thats really hard.
I wonder who authorized this guy to repeat the information the Financial Times gave?
Get of my lawn!
I wonder who authorized this guy to repeat the information the Financial Times gave?
Get of my lawn!
One limited sense
I share the sentiment of the article and the comments thus far, but I’d like to point out that there is one limited sense in which this may not be quite the same as “how everything on the internet works.”
I can repeat in public anything I can read in a private forum or in e-mail… but I can’t (easily and with publicly available information) prove that I didn’t change it or make it up. I haven’t seen Google+ yet, but if this works like Facebook’s “share” feature, the shared post documents the source of the original post… it’s no longer deniable, unless you’re prepared to claim that your account has been hacked.
I’m not sure that’s important, but it is a difference.
It would also be unfortunate if Google+ has implemented this feature so that a person sharing a friend’s post can easily not realize that the originator meant for it to be restricted. People tend to forget about things and follow the default most of the time; if posting to a selected “circle” doesn’t automatically check the “don’t allow sharing” flag so that the user must think to un-check it, hilarity will ensue.
Re: One limited sense
A very important point. In this case, the people building Google+ could improve privacy by leaving out authentication, so that the first recipient cannot prove that the forwarded message is genuine.
Better still, they could build in an optional (default-off) Google+ cryptographic signature system. If I want to send you something confidential, I leave off the signature; if I want to nail my colors to the mast, I put it on.
(Note that in the real world, some people tend to believe gossip, and some others tend to be believed, even without proof.)
Re: Re: One limited sense
If you send me something you don’t want me to be able to share, what will prevent me from simply taking a screenshot of it? There has to be something on it that tells ME that it is from YOU otherwise it would just be considered a spam from some Anonymous Coward.
As others have said, there is NOTHING that can prevent someone sharing information given to them by another person.
Re: Re: Re: One limited sense
You seem to have a couple of different concepts mixed up. I’m not sure exactly where to argue with you.
Do you agree that if I send you something (in a controlled system like Google+) you can be sure that it came from me? (If not then there’s really nothing to argue about here.)
Do you agree that you can fake a screenshot? That is, change the text but keep the “From: Beta” at the top? Or just make up the whole thing?
Do you agree that without strong authentication (e.g. a cryptographic signature) it is impossible to tell whether a screenshot has been tampered with?
There is more than one kind of information; having a copy of some data is not the same as having knowledge of its provenance.
P.S. there is a very clever way that I can prepare a message with a cryptographic signature that only you can authenticate, but I think the math would be a little inappropriate for this forum.
Re: Re: Re:2 One limited sense
You’re right, but I think this distinction is kind of irrelevant to the question of whether or not this is a “privacy issue”
Firstly, you’re not really talking about privacy, you’re talking about culpable deniability. Privacy through uncertainty is no real privacy at all.
Secondly, while Google+ makes it easier to pass something along, it doesn’t change the root concept: that information doesn’t necessarily stop at the intended recipient. That’s just a fact, and anybody adopting a new communication platform who expects the opposite is expecting magic.
easy vs possible
Eh, I don’t know if this is a “privacy issue” in the sense of some serious failure on their part. But a lot of privacy has more to do with ease of information sharing than whether it’s possible *at all*, and more to do with the clarity of norms than explicit prohibitions. Someone COULD copy the contents of a private e-mail (or, by hand, the contents of a private letter) and forward it to hundreds of friends. But that would be both effortful and rude. If I share a photo with my “Friends” circle, I realize they COULD save and reupload it if there’s not sharing functionality built in… but they’d have to be big jerks (and ergo probably not “Friends”) to make the effort to do so if I’ve signaled via my settings that I don’t expect these pictures to be more widely circulated. It’s not a question of the service “violating my privacy,” which is the unhelpful frame of most of these stories, but facilitating social signalling about the information norms we expect friends, peers, and colleagues to respect.
Not an issue
Beyond the other arguments that the issue here is basic human communication rather than a technology issue…
“In fact, Google’s setup here is even more conducive to privacy than pretty much everything else, because it actually gives you the ability to block that ability on each thing you share.”
I’m pretty sure this should nip 100% of this issue in the bud before it becomes an issue. With this feature, the only reason something wouldn’t remain private is if the original poster forgets to make it private, and if they do, then the fault doesn’t lie with Google, it lies with the idiot who forgot to check the damn box.
Or in other words, this is another case of a flawed user, not flawed technology.
Another example of Russell's Law
Many years ago, when I was writing crypto code during the first bubble, I had a stock answer for the marketing folks asking for impossible things, like workable DRM. Eventually, I boiled it down to what I called Russell’s Law:
“You can’t encrypt past the intended recipient.”
Taking privacy seriously
Ok, so I am not going to argue that e-mails can’t be fowarded. Of course people should assume that anything they write to the Net can be let loose (and so I have a personal e-mail policy to never write anything, ever, that I couldn’t live with being splashed on a billboard, and that habit has saved my bacon several times).
But …
The privacy issue highlighted here is not totally bogus. I continue to be shocked by the barely disguised loathing that so many netizens have for privacy advocates. Please, think about the issue for a few minutes before flaming anyone who feels that perhaps Google hasn’t lived up to its privacy promises (and please allow for people’s skepticism in these early days of ‘plus’ given Google’s troubled and two faced history).
Privacy is fundamantally about control. Information privacy laws and principles (in places that legislate them) are concerned with protecting individuals against intrusions by government and businesses. The principles call for minimising the collection of Personal Information (collecting no more than is necessary), telling users what is being collected, from where and for what purpose, and undertaking to safeguard information once collected, in particular promising to not put it to unforseen secondary uses.
In the Google+ case, it’s great that they are making the circle GUI so clear and overt. It’s terrific that they provide for limits on how information put into one circle can be disclosed to other circles. But if the system allows those limits to be circumvented, in effect misleading people about the limits that have actuallu been put on their information, then that’s a breach of privacy.
It’s obviously not for Google to make absolute promises about disclosure. Clearly information can be cut & paste from a Google+ account by a disrespectful account holder and sent on by e-mail or whatever. So I don’t say the Google+ weakness identified here represents a grievous privacy breach. But nevetheless, it should be taken seriously, because privacy is about control and promising to provide controls.
Re: Taking privacy seriously
It does provide controls: you can disable re-sharing on any of your posts. It also informs you in the Privacy settings that posts can be re-shared.
The only thing that could be said here is that these controls and that information are not quite as prominent as they could be – but honestly, as someone who has used the service for a day, that seems to me like a simple design flaw. I suspect it will be fixed before the full release, and nothing about it feels like a nefarious or even negligent act of deception. Designing an interface for a service that complex is not easy – there are a tonne of controls and indicators to be sized and positioned, and decisions have to be made (the Share button itself is quite small as well). The re-share controls aren’t hidden, they just aren’t dominant.
So really what I take issue with is people treating this as some sort of misstep or failure on Google’s part. They’ve built a damn impressive service here, but the privacy vultures are ready to throw it under a bus over a button being slightly too small.
No, there's a genuine problem here
Having been surprised by this myself, there is a *genuine* problem with the Google+ privacy model on this point: it gives you the *impression* of doing one thing, while actually do something else entirely.
First, let’s go back to Facebook. When someone reshares a link on FB, it drops your description and any comments. Other kinds of post (photos, status updates, checkins) aren’t easily reshared at all – you have to copy/paste them and the same goes for the descriptions you give posted links.
Now, move to G+ and by default resharing is enabled for everything you post. G+ still drops the comments, but keeps your description. This is generally a good thing, but there’s a few aspects to it that annoy me:
1. The resharing status is hidden away in a submenu rather than being visible when making the post
2. Posts to limited groups still enable resharing by default (the default should be the other way around – easy resharing of public material ala Twitter retweeting, but require a bit more effort to reshare nominally private material – such as copying and pasting or posting a comment to say “Hey, could you enable resharing on this, please?”)
3. And this is the kicker: resharing BREAKS the access controls you have configured on your photo albums
I have all my photos on Picasaweb as an offsite back-up. I shared a few of them with my Friends circle while playing around with G+. One of my friends reshared one of those posts and it meant all of *his* friends could now see the photos in that album.
Could my friend have made copies of my photos and redistributed them to other people against my wishes? Sure, but he wouldn’t do that. What happened was that completely innocently and inadvertently, he bypassed the access controls I had chosen to place on my photo albums, because that’s the way G+ is currently set up to work.
However, this is just a beta – this is almost certainly the kind of bad interaction between features Google will fix before Circles goes live.
Google already fixed this issue btw. Pretty sure another poster pointed this out as well.
See:
https://plus.google.com/108159551615224338529/posts/hrCkgmkoQPn?hl=en&tab=wX
Re: Re:
Doesn’t sound fixed to me – no mention of eliminating the ability for resharing to bypass the explicitly set photo album access controls (which *should* be completely independent of what you post to your stream, but currently are not).
Not a bogus privacy issue and Google should know better - perhaps I should file a lawsuit?
For the last few years I have been developing a ‘Corporate Social Network’ that a large company can put into their intranet.
We are a small business trying to do our thing and do it well.
The concept is for users to create for themselves (or for specialists/experts to create) ‘Learning Circles’ on topics or on anything of interest. As a user, you can then join them, be invited into one or just browse content from public circles.
In these Learning Circles, you place content – from articles, research, videos to events, downloads, project plans – basically any types of content that you might want to group together.
Initially targeted at the Learning space, it became apparent – very quickly – that the concept goes way beyond that and the the whole system is a fantastic social network in general and specifically for large multinationals..
If * I * can see the problem of privacy issues when somebody reposts content from a private Learning Circle into a public one, OR EVEN comments on a public article that has been reposted into a private Learning Circle (ie. the reply is private and should not bee seen publically) and that * I can program the solution easily and logically *, for heavens sake, Google should be able too as well.
Whats hacks me off is that we have been showing and testing our software to some very large companies and now suddenly Google uses the concept and also using a name for these groups that is sooooooo similar to the one we came up with – coincidence? Probably, but who knows.
Okay, I know I have no case to argue that we have been ripped off, but it does annoy me. If Google try to patent the Circles concept though, I have serious prior art.
If anything, Google is spending the big bucks we can’t in educating the market on our behalf and I’m pretty certain that they have a ways to go to match all the features and benefits of our software.
As this website shows us time and again, best to compete in the market than get drawn into legal fights.
There will be many more to come.
If you follow the trail of breadcrumbs back to the source, there’s no doubt in my mind that you will find ‘Experiment 626’ bearing a striking resemblance to a love child conceived by Mark Zuckerberg and the Basset Hound that lives next door to him.