May 30 2012

Wow – Imagine trusting someone you know with a copy of all of your emails, a history of your online browsing, all of the videos you watch online, and the times and amounts that you watch them. Then imagine telling them everything you are searching for on the internet. Now picture the conversation one day when your friend mentions that he is sharing all of this information with just a few of his closest most trusted associates. You are assured that no more than 20-30,000 people will ever get access to this information and just like your good friend you are assured that all of those people are really really nice. You are also assured there are security measures in place so none of these associates could do something you wouldn’t like. Thinking about this scenario it is hard to picture a lot of people trusting our good friend with all of this information. It is even harder to picture anyone trusting these tens of thousands of associates to be perfectly honest and upstanding. It isn’t really the friend that is a security risk . It is all of your friends associates that would be a concern right?

This is precisely what millions of people did this spring when we consentingly went along with Google’s new privacy policy. Now our gmail information is linked to our web searching, which is linked to all of the YouTube videos watched, AND all of the time spent on the internet. That series of information is a lot of data. It isn’t necessarily bad that Google gathers this information to make anyone’s online experience better and offer more helpful suggestions. What could be really really bad though is what one of Google’s employees could do with this information if they are disgruntled. Or what if they make a human error and all of our private data is hacked by someone who specializes in online stealing of money or identities. They could have a database profile of what you like, where you live, who you communicate with, what your passwords are and a whole lot more. In very short order they could use this data to be …. You. You on the company network, you on social media sites, and even you while online banking. Piecing together this information with the Google+ service this information could even reproduce what you look like and all of your personal contact information. Wow. In effect, someone could look like you, know much of what you know about yourself, and do whatever they please with this information.

What changed this spring is that Google said we are going to store all of this information in ONE place. No more would all of this information be separated but if we sign into anything at Google this information will be compiled into one big profile of well, you.

In one bold move I would suggest Google became the possessor of one of the most coveted databases of information on the public in the world. John Millar, President of the Digital Boundary Group, who make their living penetrating and testing networks for clients told me last month. “Our success rate at penetrating a network is still 99% WHEN we can go after the users.” Now tell me hackers aren’t thinking the same thing? If I was a hacker my real target wouldn’t be the database. It would be some of the disgruntled employees at Google who have been passed over for several promotions. …. The storyline about mean hacker meets down on his luck Google Security Engineer may make good fiction. Except this isn’t a story. Writing this I became more aware that my Gmail account stays signed in at several computers I use from home and the office. So right now my online information is being collected, measured, and ads are being targeted according to my likes. No wonder my Gmail showed a beautiful full color add for a property available in Costa Rica for only $29,000 last week! (I always wanted to go to Costa Rica and did a few Google searches about the area a few months ago.)

To protect ourselves the experts say we should LOG OFF from Gmail services. We may also want to create multiple gmail accounts or Google ID’s to ‘confuse’ the database. I for one won’t be signing up for Google+ anytime soon as Google+ is another method used to gather personal data into this database. Of course, if you have confidence in Google being able to police their tens of thousands of staff and prevent any security issues these suggestions aren’t necessary. One of Google’s core belief’s is ‘Don’t Be Evil.” I trust they will stay with their core values. However, for the public perhaps we should keep in mind other time tested core values like ‘Don’t be stupid.” Or “Don’t be naïve.” Or “You have no street smarts”.

Written by Darren Boyer

Darren Boyer

Darren Boyer is the founder and president of pcit.

Related Posts: