[joebadmo]

> Google, the institution, just has not to be evil, as they have defined evil. That there's obvious internal disquet about their new direction should be fairly disqueting to you.

Could you point me to the obvious internal disquiet? Is this in reference to Larry Page's supposed "ultimatum"? Because I was under the impression that that was a simple expression of his commitment to his vision for the company, misrepresented by a hostile media entity.

It seems to me that the bulk of your objection boils down to Google's continued and expanding collection of personal data, and an impending but vaguely characterized misuse of that data.

> That's part of the problem, I don't think anyone does really. We're in uncharted territory and part of the reason it's so tricky is so much can be inferred about you from seemingly innocuous data, or from analysing your social graph.

I generally find warnings about vague, ill-defined threats to be unconvincing.

> Once they have the data and it's been mined for further meaning, it's inevitable they'll find new uses for it.

This does not seem at all self-evident to me.

In fact, it seems to me that Google's incentives are such that it's pretty much in their interest to use the data well. They have no incentive to sell it, since it allows them to target search results and ads better. And they have every incentive to keep their users' trust. And as far as I can tell, they've taken the issue pretty seriously. The Google Buzz disclosure incident is the only accidental exposure of information I can remember, and they handled it pretty well.

[5l]

> Could you point me to the obvious internal disquiet?

It was to this [0] article I was referring. I don't think he was misrepresented, but the Larry Page quote was really beside the point.

Edit: reworded the paragraphs below for clarity

> impending but vaguely characterized misuse of that data.

There have already been a number of occasions where either Google's network was compromised [1], a rogue employee has misused data [2] or users have had their accounts hacked [3] en masse. And of course, on top of this, various government and intelligence agencies have had access to your data [4].

None of that should be the least bit shocking or surprising, because such outcomes are inevitable when a large company holds so much data. I'm not going to blame Google; none of those incidents served their interests and indeed compared to most companies Google are unusually transparent and responsive about these issues. But knowing that these things will happen regardless of their good intentions, Google should seek to minimise and not maximise the amount of data they hold on us.

> > Once they have the data and it's been mined for further meaning, it's inevitable they'll find new uses for it.

> This does not seem at all self-evident to me.

Perhaps I should have said, "it's inevitable they'll find new ways to make money from it". They're a company, after all.

> In fact, it seems to me that Google's incentives are such that it's pretty much in their interest to use the data well. [...] And they have every incentive to keep their users' trust.

Well, we could say that about any company, and yet abuses occur regularly. If you set a companies profit motive against the best interests of it's customers, the cost of a breach of trust will simply be factored into the equation. Unfortunately it is frequently the case that while a breach of trust may be costly, it's not always costly enough.

I don't think there's anything exceptional about Google here. They're not immune to corruption. Google has served us so well so far because our interests are aligned; it's the surest way to prevent an abuse of trust in the future and why I'm so concerned about their new strategy.

[0] http://pandodaily.com/2012/01/24/larry-page-to-googlers-if-y...

[1] http://www.washingtonpost.com/wp-dyn/content/article/2010/01...

[2] http://articles.businessinsider.com/2010-09-14/tech/29992918...

[3] http://www.guardian.co.uk/technology/2011/jun/01/google-hack...

[4] http://www.google.com/transparencyreport/governmentrequests/

[joebadmo]

Let's leave the internal disquiet issue aside for now.

The occasions of Google's data being compromised are notable for being exceptions, I think. Of course you're right that there's always the potential for misuse, and the only way to avoid misuse completely is to never gather data. It's parallel to the argument against big government. It's also parallel to the argument against nuclear power. But in each of these cases it's a matter of cost/benefit and risk analysis. You have to weight the risk and cost of misuse against the benefit of Google having that data. It seems that you're ok with the data Google has collected up til now, but you're worried about more data collection in the future. That's valid, but to me the benefits far outweigh the risk/cost.

Part of this is that Google's structured in such a way that its incentives are to keep the data private (within its own network) because it makes money by having sole proprietorship over it.

I think a salient distinction here is between privacy and confidentiality. Google and Facebook both collect a lot of private information about their users. But Google makes money by keeping that private data confidential, while Facebook makes money by selling the data. These are the companies' respective structural traits. And I think that's what makes Google unique.

> Google has served us so well so far because our interests are aligned; it's the surest way to prevent an abuse of trust in the future and why I'm so concerned about their new strategy.

Can you elaborate as to how this new strategy no longer aligns our interests with Google's?

[nbm]

> Google and Facebook both collect a lot of private information about their users. But Google makes money by keeping that private data confidential, while Facebook makes money by selling the data.

Facebook doesn't sell anyone's data. Facebook, like Google, allows advertisers to target advertisements to a particular demographic of users without divulging that user's identity or data.

(I work at Facebook.)

[joebadmo]

Thanks for the correction, I didn't know that. Is there somewhere in the Facbook ToS that I can reference? I tried to find it, but couldn't.

[nbm]

You can read more about how ads work in non-legalese at:

    https://www.facebook.com/about/ads/

In non-legalese, how Facebook uses information it receives on users:

    https://www.facebook.com/about/privacy/your-info#howweuse

The actual data use policy:

    https://www.facebook.com/full_data_use_policy

The path to these last two - click "Privacy" at the bottom of a Facebook page.

[5l]

> The occasions of Google's data being compromised are notable for being exceptions

So far, but the risks are only going to get worse. Eventually the value of our data, at least in aggregate, will exceed the costs of defeating Google's security (assuming it's even as good as the money they put into it). And please don't forget, the government can take a peek anytime for free.

> Google makes money by keeping that private data confidential, while Facebook makes money by selling the data

They use it for exactly the same purpose. To sell ads. Neither platform has, or likely ever will, sell our data outright. That is absolutely the last thing I'd be worried about.

Of course, like the government, you don't know who will be in charge tomorrow or what their intentions might be.

> These are the companies' respective structural traits. And I think that's what makes Google unique.

All institutions will try and do terrible things if you set up the wrong incentives.

> Can you elaborate as to how this new strategy no longer aligns our interests with Google

We are paying for this with our privacy. I'm not sure how much clearer I can get. Improvements to Google's index used to cost us nothing. Now they cost us our data. The more data they collect, the more money they will make. That sets their interests squarely against ours; yes, true, we want good search results. We also want the government to arrest all the terrorists. I'm not prepared to live my life as an open book to achieve these results.

> to me the benefits far outweigh the risk/cost.

You've asked me a lot of questions, let me ask you some. What happens when the benefits no longer outweigh the risks but Google tell you sorry, our profiling isn't finished yet. What if through some change in your personal circumstances the data they hold suddenly becomes damaging to you. What will you do if they go too far? Will you know straight away? Will you have time to make a decision? Will you be able to tell them to stop? How will you get Google to delete your data if you want them to leave you alone? Are you expecting the government to step in and help even though they're directly benefiting from all this data collection? Are you perfectly happy that they have access to it all? Would you so willingly hand over the same data to them directly?

[joebadmo]

> We are paying for this with our privacy.

I agree, and my point is that it seems like a pretty fair deal to me.

Maybe where we differ is that I sort of see the end of privacy as a foregone conclusion. Credit card companies already have way more (and maybe more important) information about people than Google does, and sells that data with absolutely no compunctions. I think data is only going to get harder to control in the future.

But back to the point of the thread: I don't think data collection is evil in and of itself, and so I don't think it's fair to call Google "evil" until they actually do something evil.

[5l]

> it seems like a pretty fair deal to me.

To heavily paraphrase Benjamin Franklin: those who would give up privacy to obtain moderately more relevant search results, deserve neither privacy nor relevant search results.

Privacy is freedom, knowledge is power, convenience is safety.

> Maybe where we differ is that I sort of see the end of privacy as a foregone conclusion

It might well be, but that doesn't mean it's not worth fighting for in the meantime. I don't believe human society is evolved enough to handle a complete loss of privacy quite yet.

> Credit card companies [...] [sell our] data with absolutely no compunctions

You've just reinforced my earlier point. This is precisely why we don't want Google to profit from our personal data. I want Google to stay on my side.

> I don't think it's fair to call Google "evil" until they actually do something evil

I didn't. But as I said earlier, if they allow themselves to enter into a situation where they're either forced to do "evil" or can't tell if what they're doing is "evil" or not, they are not adhering to the spirit of their motto.

However I think at this point we should call it a day and agree to disagree as we're starting to go around in circles. I did very much enjoy the discussion though and it gave me much food for thought.

I'll leave you with this:

Privacy has to be viewed in the context of relative power. For example, the government has a lot more power than the people. So privacy for the government increases their power and increases the power imbalance between government and the people; it decreases liberty. [...] Privacy for the people increases their power. It also increases liberty, because it reduces the power imbalance between government and the people. (Bruce Schneier)

...and the last word, if you want it!

[joebadmo]

Fair enough. And to be perfectly honest, I do go back and forth and the issue of privacy. It's certainly a complex and important issue, and I'm glad that there are reasonable people on both sides of it.

On a meta-level, I find that while I'm rarely swayed in the course of an argument, I often internalize some part of the opposing argument and at some later point find myself with a more nuanced, if not completely different position.

So, thanks again for the great discussion! I also enjoyed it quite a lot, and it definitely gave me plenty to think about. It's always a pleasure to have an intellectually honest discussion, and for all the lamentations about declining quality of discourse on HN, I find myself having plenty of great ones like this.

My name's Joe, and you should let me know if you're ever in Portland, Oregon so we can get some coffee or something!