In 2010, talking about the evolution of search, Google chairman Eric Schmidt told the Wall Street Journal that “I actually think most people don’t want Google to answer their questions. They want Google to tell them what they should be doing next.” I think that’s amazing and while I’m happy for them to personalize my search experience by anticipating what I’m likely to want, doing so involves the tracking and storing of a lot of my personal data. Having worked at Google myself, I am pretty certain they really try to live up to their “Don’t be evil” company motto (tax arrangements notwithstanding), but the question still remains as to how exactly they go about predicting what I want next, and how secure is that information once gathered?
Google Now, covered in depth last month, accesses your phone’s GPS to track where you are and where you were, noses through your Google Calendar and Google Contacts to help it figure out your plans, reads your Gmail to find items such as tracking information for packages on their way to you, and rifles through your search history to deduce stuff like which sports teams and stock quotes you follow. It is just one example of how Google is shifting from a reactive search experience towards an anticipatory one.
Given the recent NSA “Prism-gate” revelations, it’s only right to be concerned that all this personal data is readily available to be abused by the likes of GCHQ or NSA; your governments. Microsoft, Yahoo, Google, Facebook, AOL, Skype, YouTube and Apple, the companies involved, vehemently deny giving the Obama administration backdoor access to users’ data. While it certainly seems that no one is “tapping directly into the central servers of leading U.S. Internet companies,” these corporations are obliged to respond to official requests. In fact, Google and Facebook have actually released figures about how many requests they receive and Microsoft and Twitter are about to follow suit.
The UK’s GCHQ has had access to Prism since at least June 2010, prompting controversy and questions about its legality. William Hague in his response to the House of Commons defended GCHQ, the legal framework it operates in and the challenges intelligence agencies face in stopping terrorism, but refused to comment on this relationship with Prism. He said “To intercept the content of any individual’s communications in the UK requires a warrant signed personally by me, the home secretary, or by another secretary of state… Every decision is based on extensive legal and policy advice. Warrants are legally required to be necessary, proportionate and carefully targeted, and we judge them on that basis.”
While I’m sure most people would advocate the surveillance and interpretation of an individual’s personal data to save lives, what happens when instead of terrorists, those fighting for civil liberties or reform are targeted? My biggest concern is the interpretation of what is “proportional” and who should be “carefully targeted.”
GCHQ facilitated surveillance of members of the 1980′s British miner’s strike, whilst an investigation by the US senate uncovered decades of serious, systemic abuse by the US government of its eavesdropping powers; tapping into phone calls of civil rights leaders, reading the mail of political opponents and spying on anti-war groups. This lead to the introduction of the Foreign Intelligence Surveillance Act in 1978 that made it a criminal offence for government officials to eavesdrop on the electronic communications of Americans without first obtaining a warrant. Since its amendment in 2008 this act is perceived to be legalising what, according to the 1978 Act, should be illegal as “The law gives the government sweeping surveillance power without requiring it to identify the targets of its surveillance”. The Regulation of Investigatory Powers Act, introduced in 2000 in the UK, has a similar remit to the US’s 1978 act, and now, the introduction of the proposed Communications Bill will see everyone’s emails, internet and social media use stored for 12 months just in case it’s needed.
In 2012, UK officials made 9226 data requests to Microsoft and 2883 to Google for access to the content of documents, videos, photos and emails. These all went through this “legal framework.” What are more concerning are the 500,000 requests to telecoms companies for data that doesn’t meet this ministerial threshold and can be approved by junior officials. This is simple data like phone numbers, times and locations of phone calls, often referred to as metadata; data about data. It could be argued that this sort of simple information won’t ever be looked at and even if it is, you’re probably not doing anything illegal so it won’t matter. No one could infer any meaning from this information, could they?
Well, in fact, it seems that governments could potentially use this metadata to map your every move. While the content of communications is obviously quite revealing, it’s the “who,” “when” and “how frequently” that can be even more so. If, say, a politician was revealed to have repeatedly called an illicit hotline after 2:00 a.m., or an individual rang a suicide prevention hotline from Golden Gate Bridge, no one would need to know what was said on the call to draw any conclusions; it’s all about inference. Furthermore, powerful computer algorithms can analyse millions of pieces of metadata to expose patterns and to profile individuals and their associates. Ironically, the affair of the former head of the CIA, General David Petraeus, was revealed through email metadata.
So, in terms of my data being surveyed or collected; I do like seeing the product I didn’t have time to buy on Amazon in a display ad, or a card on my Android from Google telling me there’s traffic on my way home. It is slightly unnerving that they’ve figured out what I was about to buy and where I work and live, but I trust them and you can always opt out. Let’s hope that the main purpose of data collection remains to anticipate what we want before we want it so advertisers on Google can advertise effectively, liberating us of our money rather than giving governments access that will affect our liberties.