Legal advocates push for Google Books privacy

(Credit: Google)

Google should promise to protect the privacy of consumers with its Book Search service, the ACLU, Electronic Frontier Foundation and Samuelson Law Technology & Public Policy Clinic at UC Berkeley Law said in a letter to the search giant on Thursday.

"Under its current design, Google Book Search keeps track of what books readers search for and browse, what books they read, and even what they 'write' down in the margins," the groups wrote in a letter (PDF) to Google Chief Executive Eric Schmidt.

"Given the long and troubling history of government and third-party efforts to compel libraries and booksellers to turn over records about readers, it is essential that Google Books incorporate strong privacy protections in both the architecture and policies of Google Book Search," the letter said. "Without these, Google Books could become a one-stop shop for government and civil-litigant fishing expeditions into the private lives of Americans."

In 2006, the U.S. Attorney demanded that Amazon turn over book purchase records of 24,000 customers, the groups said in an e-mail statement.

Specifically, the groups are calling for Google to promise to respond only to properly issued warrants from law enforcement and court orders and notify readers if information about them has been requested; allow readers to search and browse anonymously; give readers control over their purchases and data and prevent others from viewing their activities; allow readers to give books to others without tracking; tell readers what information is being collected and maintained and why data has been disclosed if it has.

Google also should keep search log information for no longer than 30 days and agree not to share reader activity with third parties or link data collected about use of Book Search to any other Google services without user consent, the groups said.

A Google Books representative said it's premature for Google to say what its privacy policy will be, but that Google will continue to discuss the issues with advocates.

"We have a strong privacy policy in place now for Google Books and for all Google products. But our settlement agreement hasn't yet been approved by the court, and the services authorized by the agreement haven't been built or even designed yet," Dan Clancy, engineering director for Google Books, wrote in a blog post on Thursday.

"That means it's very difficult (if not impossible) to draft a detailed privacy policy," he wrote. "While we know that our eventual product will build in privacy protections--like always giving users clear information about privacy, and choices about what if any data they share when they use our services--we don't yet know exactly how this all will work. We do know that whatever we ultimately build will protect readers' privacy rights, upholding the standards set long ago by booksellers and by the libraries whose collections are being opened to the public through this settlement."

Google has negotiated deals with publishers for current works and is also digitizing public-domain works. For out-of-print books still protected by copyright, the company reached a $125 million proposed settlement with U.S. publishers and authors that awaits court approval.

Critics complain that the deal, which is scheduled to be implemented in October, would effectively give Google a monopoly over books that are in copyright but out of print. Google argues that the agreement will make millions of books hidden on library shelves more accessible and give publishers and authors a new opportunity to profit from them.

Earlier this month, the U.S. Department of Justice said it was launching a formal investigation into the proposed settlement. And European Union regulators are also taking a close look.

[0ri0n]

Google has built a reputation of developing invasive technology first, and reluctantly curbing anything back if a courtroom can make them. Whether it is googlemap vehicles rolling through private property or a city without permission, to web search bots that ignore prohibitive coding standards and technology to track every which way you use it. Just because it may not look like a bug designed by Q in a James Bond film, Google tracking technologies work the same as an invasive monitoring of an individual's private life. Law enforcement would be required to obtain a warrant, but because Google subjects EVERYONE to the same type of bugging, somehow it is acceptable?

Who gave them permission to store my information? Or yours? And what penalties in the event it is compromised or released to someone I have not authorized? Since when did my personal profile become public information for any corporation to aggregate as a lucrative commodity without permission? And without liability, or regard for the liability generated in my life??

[ddesy]

You better look around, because you will soon realize that blaming Google isn't the answer. There are plenty of companies that gather and share information, and many are more intrusive. Google really isn't all that bad.

[Mr.Californian]

There is a distinct difference between Google's "bugging" and that of the government that you (and many others) seem unable to comprehend. The government will arrest you if you say oil and bomb and america in the same sentence, but Google doesn't do anything with your data to you personally. They use it for statistical purposes to improve the product.
And you gave them permission. If you are unreasonably paranoid about what you search for (and what reason you have to be is another concern), simply don't use it. There is no reason you *must* use Google Books, or any other product you are scared of. What liabilities does it "generate" in your life? You know, companies who sell physical goods also track what people buy, so that if one product is doing worse, they can work on that. It is much the same for Google except the methodology, because traditional companies' methods do not work on the Internet.

The legal advocates in this matter, however, are entirely reasonable in their requests and I hope that Google will listen to them. Privacy is only a concern when someone who has the power to act on the information obtains it.

[0ri0n]

DDESY: No one is blaming Google, but drawing attention to corporate bugging. Its a common unethical practice to aggregate my personal information (for whatever purposes) without active authorization and without a voice to simply state "I do NOT want you to have my information at all". This isn't a matter of overlooking the practice because Google 'really isn't that bad', its a violation of everyone's life on a personal level no matter how you look at it.

MR. CALIFORNIAN: The issue isn't who will arrest you (though information from Google has been used as evidence in court cases below) but the unauthorized aggregation of of personal information without requiring any active decision to participate (or not) from those that are being 'bugged'. Its warrant-less monitoring.
Paranoia is not a part of this, having control of my personal information is, and I gave no such permission to Google (or any other company) and see no option to simply refrain from participation of the aggregation of my information, regardless of the marketing/product improvement spin you want to put on it. Google evidence has been used in civil lawsuits, google. vehicles will roll up on personal property to snap pictures and ask questions later, googlebots ignoring 'disallow' instruction sets for their searches. You may want to do some research first before blindly assuming that this kind of practice does not generate a liability in my life, or yours. Personal information is always an asset. ALWAYS. If you do not think so, ask yourself 1.) How can a search agent become so profitable doing nothing but search results, and 2.) How easily can your life be affected when your information ends up in the wrong hangs? No one has asked me specifically to gather this informaiton, nor has allowed an option to abstain from any of it. But when these databases are compromised, by the time I find out, it is too late. When my information is sold, because it IS an asset (and therefor a liability to me) I have no proactive control to prevent this. At best, it is an opt-out chase.

People should have the power over all of their information. This exchange of my information for use of a product should not be a cloak-n-dagger affair, with only a vague definition of the type of information being gathered listed in a buried privacy statement and no way to control it, or abstain from it or even know how long it will be retained before being expunged.

[jessiethe3rd]

Sorry but any company that tries to keep the slogan, "Do no evil." is definitely not a company to be trusted. Companies are basically psychotic money hungry sociopaths. The only thing that matters at the end of the day is the $$$ they make and the return to the shareholders. Your information has been monitized by Google... that's a scary thought when you think about it.

[BearPuppy]

Thank you for this. EVERY person who uses Google-anything should be aware that their privacy has already been compromised by Google and its so-called "Privacy Policy". And if you think that it isn't important, or you have 'nothing to hide', re-read American History 101, McCarthy and the 1950's.

Kudos to Ms. Mills.