[joebadmo]

First, I'm enjoying this discussion and I'm glad it remains civil. Thanks!

> As I said, it's less about the specifics of what they're doing now, and more about the apparent switch of focus from "organising the world's information" [0] to "deliver[ing] online experiences tailored to each individual's interests and social circles"

I don't see these as divergent. Information about individuals is information, too, and needs to be organized. It also affects how the rest of the information is organized.

> And it's obvious many people within the company are uneasy about this too (and do, arguably, think it's wrong)

> Does this mean "Google" thinks itself to be evil? Well it becomes meaningless to talk about Google as a monolithic entity at that point because it's made up of individuals.

It also becomes meaningless to get that granular, doesn't it? Does Google have to not be evil in the eyes of every one of its employees?

> But here we have an institution. People build institutions. We can build it in such a way that's it's likely to fail, or build it in such a way that it wont. Surely you can see it's important to make it as easy as possible for Google to do the right thing and difficult, if not impossible, for them do the wrong things.

Could you describe in what ways you think Google is building an institution that leads them inevitably toward doing evil? Maybe the part I don't understand is what lies at the bottom of the personal data mine. Is it a matter of how much data they collect? What they do with the data?

[5l]

> First, I'm enjoying this discussion and I'm glad it remains civil. Thanks!

Yes, me too!

> I don't see these as divergent.

Not divergent in the sense that one precludes the other, but where one doesn't involve me, the other is all about me. The old Google cared only about my search terms, the new Google seems to want to climb in my bed with a notepad and figure me all out.

> Does Google have to not be evil in the eyes of every one of its employees?

Google, the institution, just has not to be evil, as they have defined evil. That there's obvious internal disquet about their new direction should be fairly disqueting to you.

> Could you describe in what ways you think Google is building an institution that leads them inevitably toward doing evil?

It doesn't matter how many websites Google crawl or books they digitise, we don't have to trust them or their intentions or any of their staff. But our personal information can be used both for us and against us, and it's eventual misuse is inevitable whether by the institution, corrupt agents within it, or parties outside of it. The only thing we can do is limit the potential damage by limiting the data they hold on us.

> Maybe the part I don't understand is what lies at the bottom of the personal data mine.

That's part of the problem, I don't think anyone does really. We're in uncharted territory and part of the reason it's so tricky is so much can be inferred about you from seemingly innocuous data, or from analysing your social graph.

> Is it a matter of how much data they collect? What they do with the data?

Well they have a loosely defined need which is pushing them to collect this data. It seems fairly benign; to improve search. But where does it end? Larry Page doesn't seem to have drawn a line anywhere. Once they have the data and it's been mined for further meaning, it's inevitable they'll find new uses for it. So one leads to the other, leading back to the first.

Google is staffed by thousands of very clever people. I don't want them spending their days trying to figure me out. They're not uncorruptible. It's bad enough Facebook is at it; we really don't need Google competing with them in this endeavor. If we allow the situation to get out of hand, the winner will be the company that holds the most complete portfolio of information on us. Are you comfortable with that?

[joebadmo]

> Google, the institution, just has not to be evil, as they have defined evil. That there's obvious internal disquet about their new direction should be fairly disqueting to you.

Could you point me to the obvious internal disquiet? Is this in reference to Larry Page's supposed "ultimatum"? Because I was under the impression that that was a simple expression of his commitment to his vision for the company, misrepresented by a hostile media entity.

It seems to me that the bulk of your objection boils down to Google's continued and expanding collection of personal data, and an impending but vaguely characterized misuse of that data.

> That's part of the problem, I don't think anyone does really. We're in uncharted territory and part of the reason it's so tricky is so much can be inferred about you from seemingly innocuous data, or from analysing your social graph.

I generally find warnings about vague, ill-defined threats to be unconvincing.

> Once they have the data and it's been mined for further meaning, it's inevitable they'll find new uses for it.

This does not seem at all self-evident to me.

In fact, it seems to me that Google's incentives are such that it's pretty much in their interest to use the data well. They have no incentive to sell it, since it allows them to target search results and ads better. And they have every incentive to keep their users' trust. And as far as I can tell, they've taken the issue pretty seriously. The Google Buzz disclosure incident is the only accidental exposure of information I can remember, and they handled it pretty well.

[5l]

> Could you point me to the obvious internal disquiet?

It was to this [0] article I was referring. I don't think he was misrepresented, but the Larry Page quote was really beside the point.

Edit: reworded the paragraphs below for clarity

> impending but vaguely characterized misuse of that data.

There have already been a number of occasions where either Google's network was compromised [1], a rogue employee has misused data [2] or users have had their accounts hacked [3] en masse. And of course, on top of this, various government and intelligence agencies have had access to your data [4].

None of that should be the least bit shocking or surprising, because such outcomes are inevitable when a large company holds so much data. I'm not going to blame Google; none of those incidents served their interests and indeed compared to most companies Google are unusually transparent and responsive about these issues. But knowing that these things will happen regardless of their good intentions, Google should seek to minimise and not maximise the amount of data they hold on us.

> > Once they have the data and it's been mined for further meaning, it's inevitable they'll find new uses for it.

> This does not seem at all self-evident to me.

Perhaps I should have said, "it's inevitable they'll find new ways to make money from it". They're a company, after all.

> In fact, it seems to me that Google's incentives are such that it's pretty much in their interest to use the data well. [...] And they have every incentive to keep their users' trust.

Well, we could say that about any company, and yet abuses occur regularly. If you set a companies profit motive against the best interests of it's customers, the cost of a breach of trust will simply be factored into the equation. Unfortunately it is frequently the case that while a breach of trust may be costly, it's not always costly enough.

I don't think there's anything exceptional about Google here. They're not immune to corruption. Google has served us so well so far because our interests are aligned; it's the surest way to prevent an abuse of trust in the future and why I'm so concerned about their new strategy.

[0] http://pandodaily.com/2012/01/24/larry-page-to-googlers-if-y...

[1] http://www.washingtonpost.com/wp-dyn/content/article/2010/01...

[2] http://articles.businessinsider.com/2010-09-14/tech/29992918...

[3] http://www.guardian.co.uk/technology/2011/jun/01/google-hack...

[4] http://www.google.com/transparencyreport/governmentrequests/

[joebadmo]

Let's leave the internal disquiet issue aside for now.

The occasions of Google's data being compromised are notable for being exceptions, I think. Of course you're right that there's always the potential for misuse, and the only way to avoid misuse completely is to never gather data. It's parallel to the argument against big government. It's also parallel to the argument against nuclear power. But in each of these cases it's a matter of cost/benefit and risk analysis. You have to weight the risk and cost of misuse against the benefit of Google having that data. It seems that you're ok with the data Google has collected up til now, but you're worried about more data collection in the future. That's valid, but to me the benefits far outweigh the risk/cost.

Part of this is that Google's structured in such a way that its incentives are to keep the data private (within its own network) because it makes money by having sole proprietorship over it.

I think a salient distinction here is between privacy and confidentiality. Google and Facebook both collect a lot of private information about their users. But Google makes money by keeping that private data confidential, while Facebook makes money by selling the data. These are the companies' respective structural traits. And I think that's what makes Google unique.

> Google has served us so well so far because our interests are aligned; it's the surest way to prevent an abuse of trust in the future and why I'm so concerned about their new strategy.

Can you elaborate as to how this new strategy no longer aligns our interests with Google's?

[nbm]

> Google and Facebook both collect a lot of private information about their users. But Google makes money by keeping that private data confidential, while Facebook makes money by selling the data.

Facebook doesn't sell anyone's data. Facebook, like Google, allows advertisers to target advertisements to a particular demographic of users without divulging that user's identity or data.

(I work at Facebook.)

[joebadmo]

Thanks for the correction, I didn't know that. Is there somewhere in the Facbook ToS that I can reference? I tried to find it, but couldn't.

[5l]

> The occasions of Google's data being compromised are notable for being exceptions

So far, but the risks are only going to get worse. Eventually the value of our data, at least in aggregate, will exceed the costs of defeating Google's security (assuming it's even as good as the money they put into it). And please don't forget, the government can take a peek anytime for free.

> Google makes money by keeping that private data confidential, while Facebook makes money by selling the data

They use it for exactly the same purpose. To sell ads. Neither platform has, or likely ever will, sell our data outright. That is absolutely the last thing I'd be worried about.

Of course, like the government, you don't know who will be in charge tomorrow or what their intentions might be.

> These are the companies' respective structural traits. And I think that's what makes Google unique.

All institutions will try and do terrible things if you set up the wrong incentives.

> Can you elaborate as to how this new strategy no longer aligns our interests with Google

We are paying for this with our privacy. I'm not sure how much clearer I can get. Improvements to Google's index used to cost us nothing. Now they cost us our data. The more data they collect, the more money they will make. That sets their interests squarely against ours; yes, true, we want good search results. We also want the government to arrest all the terrorists. I'm not prepared to live my life as an open book to achieve these results.

> to me the benefits far outweigh the risk/cost.

You've asked me a lot of questions, let me ask you some. What happens when the benefits no longer outweigh the risks but Google tell you sorry, our profiling isn't finished yet. What if through some change in your personal circumstances the data they hold suddenly becomes damaging to you. What will you do if they go too far? Will you know straight away? Will you have time to make a decision? Will you be able to tell them to stop? How will you get Google to delete your data if you want them to leave you alone? Are you expecting the government to step in and help even though they're directly benefiting from all this data collection? Are you perfectly happy that they have access to it all? Would you so willingly hand over the same data to them directly?

[joebadmo]

> We are paying for this with our privacy.

I agree, and my point is that it seems like a pretty fair deal to me.

Maybe where we differ is that I sort of see the end of privacy as a foregone conclusion. Credit card companies already have way more (and maybe more important) information about people than Google does, and sells that data with absolutely no compunctions. I think data is only going to get harder to control in the future.

But back to the point of the thread: I don't think data collection is evil in and of itself, and so I don't think it's fair to call Google "evil" until they actually do something evil.