MIDDLEBURGH

To inform entertain and excite my kids, Jamie, Patrick, Aaron & Sarah Middleburgh, our family and friends.

about me
photo of Dave Middleburgh
Hong Kong

counter to blogger
  powered by BLOGGER

MIDDLEBURGH DASHED

I shared with my wife and colleagues the fact that YouTube had been keeping six years of my search and viewing history. Whilst they went off to checked out their Google Dashboards I went and checked out the equivalent tools from Microsoft (Microsoft Personal Data Dashboard (beta)) and Yahoo.

It would appear most of my colleagues have used/tried fewer Google products than I ie my Dashboard appeared to have more entries than theirs. Whilst most weren't overly concerned about their YouTube history, a couple were taken aback by the amount of location history which Google held ie where they had been and when, going back months, if not years. This hadn't been an issue for me since as a matter of principle I have always tried to dis-enable and defeat location tracking on both my mobile(s) and pc(s) and so I had no location history. To a man (and woman) each of my colleagues deleted theirs and dis-enabled location tracking!

It wasn't clear if that was all they had done (and I didn't like to pry) but I had walked through every product listed on my Dashboard, looked closely at the data content; the histories and access rights and simply deleted and/or restricted access as much as I could. Essentially I tried to "wipe" all traces from Google ( a forlorn hope - more psychological than anything - I am sure it can all be resurrected .. provided that source info is still available)

I concluded that Google dashboard is way more user friendly than the Microsoft offering (still in beta), that there was no equivalent from Yahoo, and I am a Google fan boy. (More precisely I have used a lot of Google products whereas I don't/haven't used a lot from Microsoft or Yahoo)

like Google Bing and Yahoo have functionality to clear search history and dis-enable search logging but although I checked, cleared and dis-enabled, I don't feel reassured about my privacy. I doubt if I would believe an independent auditor if they swore on their mothers life that logging was truly switched off and history deleted. In fact I avoid logging on to Google/Yahoo/Microsoft. If i do , I try to remember to always uncheck the "remember me" or equivalent, and I try to remember always to log out and change sessions/clear cookies etc . In fact I prefer to use search engines like StartPage and DuckDuckGo. This all speaks to my comprehensive lack of trust in US internet companies which derives from fact that US Government uses different rules for US residents/citizens as compared to others (including me ) who are essentially deemed as guilty (of what ever) until proven innocent. I find this profoundly unreasonable and offensive.

I do have a general concern about single sign on systems and systems like Dashboard which aggregate personal data. Hack the user id/password and you have keys to the kingdom. So whilst I can understand the benefit of synchronising contacts to Google and across Google applications, I question the value proposition of displaying them through dashboard. I can't envisage a case where I would actually want to display them through Google dashboard (synchronize yes- view no!). It introduces another point of vulnerability ie if some malicious shit hacked my Google account they would have access to details of my doctor, accountant, mistress (if I had one) etc. Reluctantly I have concluded that the account needs to be secured using 2 level authentication. But just for good measure I've switched off phone synchronization, and moved my contacts the the SIM card.

I did find one "doozy" in my research. Apparently in the dim and distant past I made an impromptu suggestion on a "TRIPADVISOR" like website (NB it was not Tripadvisor). Basically I filled in a survey (along with 23 other people) which was set up using "Moderator", a Google product which logged my suggestion, vote and some details (nickname/location/email). Now the problem with suggestions and likes/dislikes is that they can say a lot about you. In this particular case it was innocuous but here's the thing... I don't remember any warnings etc.

I discovered that you can retrieve a list of all moderator "surveys" without logging in. Select one and Google returns a standard page which has a CSV download link which contains all questions,votes and questioners details except emails. Appears that a lot of surveys are soliciting opinions on functionality in games, google products etc. There are also surveys of a political nature inviting questions for town hall meetings or seeking opinions on local/national issues

Two things struck me when I downloaded one of the "political" CSV's Firstly many of the questions reflected the questioners polical/social biases and/or interests ie you can infer/identify (rightly or wrongly) people with pro/anti gay/lesbian views , similarly pro-choice, right to life etc. Secondly some of the questioners (not all) had naively used nicknames/locations which can identify them (eg through search on PIPL etc). So did anyone do a risk assessment before making this information available to the world and his mother? I don't think its adequate to say users were warned(? - Google's privacy statement says political stuff wont be shared ) or that it is obvious that users should take precautions. Clearly some did not !! What if a seriously deranged and dangerous nutcase with extreme prejudices against Gays, Minorities or Women started to mine these lists with ,malicious intent ?? The corporate mantra "Don't be Evil" doesn't mean that staff should not consider the implications of others "Being Evil". The obvious fixes would be

and will I point this out to Google .... probably!!

Labels: ,

|
 
| More