Is Google Spying on You? So What? What Can You Do?
The topic of privacy as is relates to the Internet is complex, to say the least, touching on the fields of technology, society, government, law, morality, and etiquette. Given the increasing capabilities of technology (e.g. what can be found online, what’s stored online, enormous (and cheap) data storage capabilities, high-fidelity audio and video recording), the interests of large entities with vast resources (i.e. governments and corporations), and large numbers of people (i.e. anybody with access to computer) with their various interests, drives, and curiosities, the issue of privacy on the web is quickly taking center stage in the news and in our lives.
Do a Google search on “privacy” and “Google”. Google and other companies have been caught and fined numerous times for attempting to secretly collect information where they have no business doing so. Usually these companies claim that they gather this information in order to make their advertising more relevant. Often, this excuse rings hollow.
WHERE YOU CAN REASONABLY EXPECT TO HAVE NO PRIVACY
Email
Assume that anything that you email is in the public domain – attachments included! Don’t email information such as social security numbers, credit card information, or documents that may include these, such as tax returns. Don’t email anything that you wouldn’t want posted on a billboard. Don’t email anything that you wouldn’t want your worst enemy / a prospective employer / your spouse to see. Also, don’t email information you hold in confidence about others. While illegal wire-tapping laws do apply to telephone conversations, they don’t apply to email. Anything found in an email can be used against you, and by anybody.
Postings on a website, Facebook, or other social media.
“I got so drunk (see photo)”. Don’t assume that only your “friends” will ever see this. Don’t assume that if you delete your post, then it’s gone forever; these things have a way of reappearing. People have been arrested after posting details of their crimes on social media. Protection from self-incrimination doesn’t apply in social media. It goes without saying that you should avoid posting content that may (even 20 years later) be embarrassing to you or to others.
Out in public
Expect that when not in a private residence, you may be photographed or recorded (audio/video). Try to be on your best behavior when in the street, at work, at a mall, store, restaurant, etc. Don’t do or say anything that you wouldn’t want broadcast on the nightly news or feature you in a “viral video”.
WHERE YOU MIGHT ASSUME PRIVACY – BUT YOU’D BE WRONG
An Infected Computer
A compromised computer can record keystrokes (including passwords – even if they appear as *****), capture audio/video of what’s happening on the computer, record web sites visited, searches performed, in short - anything that happens on or in the computer, whether visible or not. An infected computer can then relay any of that information to any other Internet-connected computer. A microphone and/or webcam can capture sound or video of what’s going on in the room. It’s been said that some devices can record even when they appear to be turned off. With an infected computer, all bets are off.
Searches (Google or others)
Search engines such as Google cannot be expected to not save, catalog, and analyze the zillions of searches they receive every day. It goes without saying that they probably also record what browser you’re using, a computer “fingerprint” to identify which computer you’re using, and what IP your ISP (Internet Service Provider) has served up for you.
Skype, Instant Messaging, Online Gaming
Don’t assume that your conversations are in any way private. These services are not covered by illegal wiretapping laws. There’s even talk that online game players have been penalized for speaking profanity during game play.
Cloud Backup (e.g. Mozy, Carbonite)
Unless the backup company provides for a “private key”
and you take advantage of that feature, somebody at the company will have access to any and all of your data stored at their facility. Whether the company or its employees will take advantage of that capability to scan your data is a matter of trust.
HTTPS via Shared Wireless
Many locations offer free wireless service. Some use encryption and some do not. Those that use encryption share the key freely with their customers. Now follow closely. Any computer that can access the wireless network (unencrypted or having the encryption key), with the right software, can read and record the network traffic from another computer also connected. If a person were to, say, connect to his bank online to pay a bill, the spying computer could intercept the authentication into the bank and store the password sent for later use – even with HTTPS secure socket layer (SSL) sockets at work.
Computer at Work
Every site and how long you spend there may be monitored and recorded. Even if you clear your browsing history, the company firewall’s security log will show connections to external sites. Some employers will also install key loggers or other monitoring software. It’s safest to just assume that your boss has access to anything and everything you do on your computer.
WHAT TO DO?
Most of these things you’ve heard before because they’re all standard best practices:
- Invest in good antivirus software and run checks for malware periodically.
- Think before you email; think before you tweet.
- When in public, especially when at work, act responsibly.
- Speak politely. Note that this may be difficult if you’re playing a game and your guy dies.
- Don’t do anything to access your privileged accounts or privileged data at a public wifi hot spot.
- Don’t store confidential data about yourself or others in the “cloud”.
- If you plan to do anything illegal, keep your computer out of it.