[Metroactive Features]

[ Features Index | Silicon Valley | Metroactive Home | Archives ]

[whitespace]
Techsploits

Search Me

By Annalee Newitz

MICROSOFT is no more creepy than Google. I know that's a strange thing to say, given the recent revelations about Microsoft giving up its search data to the Department of Justice's anti-porn brigade. But do you really think Google decided to fight the government's subpoena for its own search data because it has our privacy interests at heart?

I know for a fact that there are some extremely cool lawyers and engineers at Google who actually do give a shit about your personal privacy, but I'm not sure Google execs were persuaded by these freedom-fighters' moral arguments. I think the top brass at Google wanted to protect the company's search index trade secrets.

It also wanted something nonevil to report about its corporate ethics before announcing that it would be working with China to censor search results behind the Great Firewall.

I'm also not entirely persuaded that the information Microsoft gave up to the government was privacy-invasive. I recently spent some time at Microsoft talking with their lawyers and search-engine geeks about what data, exactly, they handed over to the DOJ.

According to Ken Moss, Microsoft's general manager of development and testing for MSN Search, his company handed over a random list of 1 million pages from its search index. It also gave the DOJ a list of terms that people searched for over a period of a couple weeks. "This data was literally two columns with search terms in one and number of times the term was searched in the other," he said. No personal data like IP addresses or cookies were included anywhere.

I'm a fairly rabid privacy advocate, and it's hard for me to see how this data invaded user privacy—unless you're talking about the privacy of searchers as a collective entity. I'm not saying Google should have handed over its data the way Microsoft did. I'm glad it is fighting the subpoena it received, no matter how Machiavellian its reasons.

But that's because I have a big problem with the reasons the DOJ has given for subpoenaing this data. It is gathering evidence to fight the ACLU's suit over the constitutionality of the Child Online Protection Act (COPA), a law that imposes harsh penalties (including jail time) on the operators of commercial websites that contain sexual materials which could be accessed by minors.

By gathering "snapshots of the web" from search engines, the DOJ hopes to prove the web is bursting with porn and that therefore kids are constantly in danger of stumbling upon it. Specifically, the government wants to demonstrate that filtering software doesn't actually prevent minors from seeing porn and that therefore laws are needed to rectify the situation.

How the hell will random information about searches and indexed webpages prove the government's point? This data will tell the government nothing about how well filters work. More importantly, the DOJ will have no idea which search terms and webpages are being accessed by minors. And that's what really worries me.

When I was hanging out with the Microsofties, one of the questions we discussed was what they would do if the government came back and asked them for age information about the people who were searching. Moss and some of his search cohorts said it was possible that the government would do this—and given what the DOJ hopes to prove, I'd be shocked if it didn't. And make no mistake—Microsoft has this information, just as Google and Yahoo! do. So does Amazon, who owns the search engine A9. "If they subpoena us, we have to comply," Moss said.

But none of these search engines has to comply, as Google has demonstrated. They can move to quash the subpoenas for any number of reasons. So it's a little disingenuous for Microsoft or any company to say they "have" to respond to subpoenas with data.

It's also disingenuous for the media and privacy advocates who know better to claim that Microsoft has handed privacy-invasive data over to the government already. Instead, we should be worrying what the government will ask for next.

More than that, we should be pushing search portals like Microsoft, Google and Yahoo! to stop keeping personally identifying data about our searches. They could discard personal information after a month, keeping only search terms and number of searches for statistical analysis of user behavior. If they purged personal data, they wouldn't have any information to hand over to pushy governments.

What I'm saying is that the real problem isn't handing search data over—it's having this data in the first place. And that's why I don't think we should let Google or Microsoft off the hook for one minute. If they really had our best interests at heart, they wouldn't be correlating personal data with search data over the long term. Period.


Annalee Newitz ([email protected]) is a surly media nerd who isn't sure whether Google is the lesser of two evils.


Send a letter to the editor about this story to letters@metronews.com.

[ Silicon Valley | Metroactive Home | Archives ]


From the February 1-7, 2006 issue of Metro, Silicon Valley's Weekly Newspaper.

Copyright © 2006 Metro Publishing Inc. Metroactive is affiliated with the Boulevards Network.

For more information about the San Jose/Silicon Valley area, visit sanjose.com.