Comment by robobenjie
15 years ago
It seems to me that what he thought he was referring to was cases like a subpoena for child pornography. The cases when google is obliged to divulge personal information are reserved for cases in which someone is seriously believed to be evil. When people read his quote I think tend to think of embarrassing things they themselves have searched for, but no one is going to subpoena (or even care) about your search for "nurse + handcuffs".
When I use google I know that there is some probability of the results getting hacked or leaked or subpoenaed or looked at by a google employee trying to improve search. However the expected value of that embarrassment (probability of someone I actually care about seeing it X how embarrassed I would be) is very low, and, for me, doesn't even come close to outweighing the benefit provided by the suite of google products. On the otherhand (and I think this is Erik's point) if you are using google to do something that would legitimately land you in jail the expected value of bad-stuff is much higher. (Actually both the probability of getting subpoenaed and the level of bad go up).
I feel that there is this idea that everything you do everywhere on the internet can and should be totally private and that any chance that it isn't is seen as removing a fundamental right. In my opinion the internet is more like a trail out in the middle of the wilderness: usually no one sees what you do and its probably ok to have sex with your girlfriend without anyone knowing, but if you start burying bodies out there the FBI can and will use that against you.
When people read his quote I think tend to think of embarrassing things they themselves have searched for, but no one is going to subpoena (or even care) about your search for "nurse + handcuffs".
How about in a divorce trial, when character is at issue, and you are fighting for child custody rights?
More generally, the argument of as long as you aren't doing anything wrong, why should you be worried has been debunked, I think rather convincingly in places like http://news.ycombinator.com/item?id=984088 hopefully the discussion can continue.
I worked for a company that routinely provided user-uploaded child porn to the FBI along with user details. The EULA gave us the right to do this although I'm not sure how explicitly this was stated. I'm ok with this, but it's a slippery slope downward.
Thats interesting. How do you avoid the liability of possessing child pornography? Invariablly, someone needs to see it before it can be passed on, and it has to be stored somewhere + communicated. Is there protections in your local laws?
We off-shored the manual review of submitted images! And, it was perceived by management/legal that proactive cooperation with the FBI would alleviate the risk of being charged with distribution of child pornography. As someone peripherally involved, I had to sign a release stating that I would not claim harassment because my job involved viewing sexually explicit images.
Never in my life had I imagined writing an email to a VP stating that I had just burned a CD of kiddie porn for her only to receive a terse "Thanks!" message back. We did this on a dedicated machine which could easily be wiped/re-imaged.
1 reply →
The problem is more fundamental. The more of your life you conduct through the centralized conduit of your internet connection, the more power someone who controls that conduit has over you.
Cases like child pornography are the wedge justifications for putting into place controlling mechanisms, and cheered on by lots of well-meaning people. But once the controlling mechanisms are there they can be used and abused for political and commercial gain by police both public and secret.
The inherent non-visible, automatable and centralizable nature of such controls makes them more powerful than any real-world analogue. No large conspiracies, long chains of command or big bribes for armies of cronies are needed for historically unprecedented manipulation of the futures, careers and freedoms of people and companies. I don't think one can trust the law to catch up or to be effective in restraining those with the power. The bogeymen of terrorism and child molestation are more than effective enough to frighten the councils of old men who largely control court decisions.
IMO, decentralization and transport encryption, to the point that real-time centralization of control is infeasible, ought to be baked into the design of such a vital infrastructure. The privacy problems are going to get worse. We're still waiting for the big scandal, the hidden nuke test that went wrong, which will make this need obvious to the public at large. If we're unlucky, we might never see that scandal.
Maybe no one in the western world cares about your search for nurse+handcuffs, but what about in China? Iran? How do they comply with the laws in those countries?