Well, the old saying, “The third time’s the charm” may not appear to be true in Google’s latest attempt to enter the social media market. Google is now testing out their spiffy new social networking platform called Google Plus (often referred to as Google+) in what they call a “limited field trial,” but it looks as though they may end up embroiled in more controversy related to privacy. Let’s take a brief look at Google’s social history, and then focus on Google’s latest social media experiment:
Google’s First Attempt
Google took its first step into social media with the launch of Orkut in January of 2004, named for its creator, Google employee Orkut Büyükkökten. Within months, Google would be sued by the social-networking software company Affinity Engines for allegedly stealing much of Orkut’s source code by a former engineer. Who was the engineer? That would be Orkut Büyükkökten. Google sued Affinity Engines one year later, alleging Affinity Engines used source code created by Google employee Orkut Büyükkökten.
The service never really gained traction in the United States, and finds the majority of its users residing in Brazil and India. The service is now hosted in Brazil. Orkut had its share of issues over the years including privacy concerns, racism, spam, and some pretty significant security flaws. Orkut is still in operation, though only 1.4% of its traffic originates from the United States.
Google Gets Buzzed
Google took a second swipe at the social market in 2010 with the launch of Google Buzz, but the service was met with controversy from the very beginning. The service was integrated into Gmail, and due to some unfortunate default privacy settings, allowed personal information to be disclosed without the consent of the user such as lists of Gmail contacts the user interacted with most.
It didn’t take long for Google to find itself embroiled in legal trouble. A class action lawsuit against Google was filed alleging that Google Buzz violated Federal privacy laws, with the settlement resulting in Google setting up an US $8.5 million dollar fund to award groups that support privacy and education online. The Electronic Privacy Information Center (EPIC) filed a complaint with the Federal Trade Commission against Google which resulted in an investigation which found Google guilty of violating its own privacy policies and falsely claiming to handle personal information originating from the European Union correctly. On March 30, 2011, the FTC published the following:
FTC Charges Deceptive Privacy Practices in Google’s Rollout of Its Buzz Social Network
Google Agrees to Implement Comprehensive Privacy Program to Protect Consumer Data
Google Inc. has agreed to settle Federal Trade Commission charges that it used deceptive tactics and violated its own privacy promises to consumers when it launched its social network, Google Buzz, in 2010. The agency alleges the practices violate the FTC Act. The proposed settlement bars the company from future privacy misrepresentations, requires it to implement a comprehensive privacy program, and calls for regular, independent privacy audits for the next 20 years. This is the first time an FTC settlement order has required a company to implement a comprehensive privacy program to protect the privacy of consumers’ information. In addition, this is the first time the FTC has alleged violations of the substantive privacy requirements of the U.S.-EU Safe Harbor Framework, which provides a method for U.S. companies to transfer personal data lawfully from the European Union to the United States.
Read the full release at: http://www.ftc.gov/opa/2011/03/google.shtm
Soldiers in the Field Test
Enter Google+, Google’s latest attempt to compete in the social media arena. Google opened the service to a limited number of users in what was dubbed a “limited field test” on June 28, 2011. The service was heavily advertised as a privacy friendly alternative to Facebook, citing its Circles feature as a way to share content only with the people you want but a growing number of users are voicing concerns related to privacy, one of the biggest being the requirement to use your real identity on the service.
Google+ Circles were designed to resemble circles of friends in real life. By posting work related content to a work related circle, family announcements and baby pictures to a family circle, and videos of weekend parties to a social circle, one could (in theory) keep the various aspects of ones life separate and avoid all manner of embarrassing or employment altering situations. But critics believe Circles do not go far enough to protect people’s privacy or prevent accidental disclosure of sensitive information. I tend to agree.
Public posts (posts not limited to specific circles or individuals) are indexed by Google Search and can be found in regular Google search results. You can prevent your profile from being indexed by search engines, but not public posts. One must keep this in mind if posting about sensitive health issues, sexual orientation, religious preferences, political views, or activism. Your real identity (if you are complying with Google’s current policy) will be associated with your public posts.
One must also take great care when posting potentially sensitive information to circles due to the ability to share other people’s posts. It is possible to disable the ability for others to share your posts, but it is an extra step utilizing a menu which must be accessed after the post is published, potentially allowing the post to be shared before the option to share it is disabled. A post that has been shared before the option to share has been disabled will persist as a shared post. A post that has been shared will persist as a shared post even if the original post has been deleted. Once it’s out there, it stays out there, and can be re-shared over and over again.
A lesser known way by which people can unknowingly or accidentally associate their real identity with a particular topic is through the use of the +1 button. The +1 button is a feature similar in nature to Facebook’s “Like.” You can indicate your approval of a post by simply clicking the +1 button, which adds your name to a list of people who have also clicked the +1 button. This list is shown on the post, and if the post is public, it will be indexed and your name will now be a relevant search term for that post and its content. Think about that for a moment.
Of course, all of these privacy concerns could be mitigated by using a pseudonym, but Google+ does not allow them. Not unless the pseudonym is the name which you are commonly known by. And if the point is to keep your contributions online separate from your real identity, that does not help you one bit.
Google’s Identity Crisis
If you’ve spent a bit of time on Google+ (or read the news), you may have noticed quite a controversy brewing over Google’s naming policy. People have been lighting torches and sharpening pitchforks over Google’s insistence that people use their real identities to participate in the service, and I can’t say that I blame them at all.
Google’s current naming policy for Google+ states:
To help fight spam and prevent fake profiles, use the name your friends, family or co-workers usually call you. For example, if your full legal name is Charles Jones Jr. but you normally use Chuck Jones or Junior Jones, either of those would be acceptable.
A Google Help article entitled “Your name and Google+ Profiles” further states:
Google+ makes connecting with people on the web more like connecting with people in the real world. Because of this, it’s important to use your common name so that the people you want to connect with can find you. Your common name is the name your friends, family or co-workers usually call you. For example, if your legal name is Charles Jones Jr. but you normally use Chuck Jones or Junior Jones, any of these would be acceptable.
https://www.google.com/support/+/bin/answer.py?answer=1228271
While fighting spam is always a noble cause, Google’s naming policy will not prevent spam from making its way through Google+. In fact, its already there. Fake profiles are going to happen whether people use an obvious pseudonym like “Uncle Chuckles” or a real sounding Western name like “Richard Weaver,” unless Google has plans to implement some sort of mandatory identity verification system. I am not sure how well the platform will do with such an Orwellian approach to social profiles.
And what of victims of rape or domestic abuse? Why should someone be forced to publicly identify themselves as “rape victim” to reach out to other rape victims for support on Google+? While one person may feel comfortable discussing the subject openly, identifying their real identity as someone who has been raped, others many not wish to continue being identified in their day to day lives with their attack. Additionally, rape/domestic abuse survivors may well wish to avoid leaving a trail of data online for their attackers to follow. With each scrap of information which is made available online, the distance between the victim and the attacker shrinks.
Rape/domestic abuse survivors are not the only people who may wish to keep their online activities separate from their offline lives. Members of the LBGT communities, religiously diverse communities, political dissidents are just a few examples where such a separation can be essential to personal safety.
Privacy concerns and personal safety aside, the policy fails to address people’s desire to express themselves in their own way. Our real names are not our real identity. The overwhelming majority of us had our names chosen for us before we developed a personality or had anything to contribute to society. They do not represent our thoughts, opinions, beliefs, or true nature. They are merely a reference point to the individual for use on tax forms and drivers licenses. Many of us go by variants of our real names, or different names altogether (nicknames), when interacting with our friends and family. We may even have numerous nicknames based on our numerous circles of friends. If Google+ was designed for “connecting with people on the web more like connecting with people in the real world,” don’t you think they would have taken this into account?
I do not believe the decision to require real identities had anything to do with spam prevention or community building. Google+ is not a social media platform. It is a data mine, we are the miners, and the ore.
+CathBea Stevenson
2 other ideas that fit more to the standards of the net
— Bruce Schneier on Nymshttp://www.schneier.com/blog/archives/2011/08/pseudonymity.html?nc=58#comment-575058
+Bradley Horowitz on nyms
“I am a pseudonymous user in many, many [online] services. I appreciate the ability to go incognito and anonymous at times,” — Bradly Horowitz, Google+ VP.
http://www.pcworld.idg.com.au/article/398375/google_feels_pain_users_who_can_t_get_google_/
Like many others, on Sept 1, I shall be deleting my Google+ profile. I’ll wait a further month & if I haven’t heard that Google have fixed their attitude I’ll be moving my email, calendar, video & documents away from their services to alternatives with their competitors (though not M$ or Apple — I think that would be a frying pan / fire situation). I believe Google have shown themselves to be bullies & frankly orwelian creeps over the nymwars issue & while it hasn’t affected me personally it affects my friends & what is a social network if your friends can’t join?