[phunel]

I'm far less worried about government intrusion than I am generally of corporate intrusion. The relationship, as it stands, consists of me willingly giving all my private communications to a third party I have no standing with. I'm questioning my own behavior in that equation much more than any scenario where a government entity serves and act on a warrant. I don't ever expect to be in that position, nor have I, but I have been in the position where my commercial and private correspondents has been violated by companies I am in competition with and employees who I no longer work with. Good luck with the lawsuit, the damage has been done in those situations.

[jrockway]

Take a look at Google's privacy principles here:

http://www.google.com/intl/en/privacy/

I can't speak for Google, of course, but my own take is that privacy is taken very seriously internally. Perhaps more seriously than anything else, actually. Google is generally open with employees with respect to source code, financial data, and access controls, they are not that way with user data. I don't have access to it, and couldn't get access to it unless it's vital to the success of my project (and then, only for a limited time period).

I even have a sticker with the 5 privacy principles stuck to my monitor's base.

[marshray]

Don't confuse "internal secrecy" with "user privacy".

That user data is company property and its secrecy is what gives it value. Furthermore, if users caught wind of just how much of it exists that could jeopardize its source.

[jrockway]

We tell users exactly how we use their data. We're even running an ad campaign on the NYC subway (and presumably elsewhere) about how we use user data in non-intuitive ways.

Here's the relevant section:

http://www.google.com/goodtoknow/data-on-google/

[marshray]

Thank you for responding. I notice that that page talks primarily about search terms (and in noncommittal terms about how much Google values privacy) and it doesn't seem to apply to the other parts of the expanding portal.

Just to pick one example, where does it say what you do with the data you collect on users when they click a link from YouTube. E.g., the page http://www.youtube.com/user/khanacademy has a link that displays on the page as

    Website: http://www.khanacademy.org

But when you click on it, it actually goes to

    http://www.youtube.com/redirect?q=http%3A%2F%2Fwww.khanacademy.org%2F&session_token=oJd2SDBY1T6kY0eXgYddT3firut8MTMyNzE5MDY5NkAxMzI3MTA0Mjk2

The information on users' link-clicking habits being skimmed from that little trick (and the many others like sourcing script from Google-controlled domains on most sites on the web), is it associated with the G+ identity? Or not? Where is this documented?