We’ve been discussing the unholy trinity of GPG – Google, Privacy, Germany – a lot recently. And by “we”, I mean in one swoop all the web scene, Germany and the media here as a whole, but also my friends and I. (One of those friends works at Google, so we can bounce ideas off each other.) That is to say, these issues are discussed on many levels right now, and there’s no end in sight. Still, it’s time to share a few thoughts – less to explain anything (I don’t think I have many answers) than to order my own thoughts and learn about yours. It’s all a bit rough and unpolished – my apologies.
First, let me throw in a few factors, unordered but all relevant to the discussion:
Google has been criticized a lot in Germany for several reasons, most dominantly privacy, market domination and their mantra “don’t be evil”. Privacy has been a big issue in German media. Social Networking (most notably Facebook and the local clone StudiVZ as well as Twitter) are lagging behind the US, but are gaining traction quickly. The European Parliament just rejected SWIFT, the EU’s bank data exchange with the US. There is a very active web scene here. In the federal election campaigns in fall 2009, the government introduced de facto web censorship (framed as child abuse protection, but ridiculously badly implemented), but put it on hold recently after all experts were up in arms about it. PR agencies abroad seem genuinely scared of bloggers in Germany. There is a small, albeit very critical blogosphere. (There are probably more factors to be taken into account.)
All that just to describe the overall climate when it comes to discussions about the web in Germany. The discussions are led in a somewhat odd triangle of privacy protection, gadget lust and technophobia. (Although this could be framed differently, too. Feel free to do so.)
The main arguments are:
# Biggest Player: So in all the discussions about privacy and its protection online, Google is the most obvious target as it’s the biggest player. Google’s market penetration here is comparable to the US, that is to say that both the search and ad market are dominated clearly by Google. In my personal point of view, that doesn’t justify using Google synonymously with privacy abuse, but it sure feels like this is happening. It’s how media work, though: you need to put a name to a problem, or you can’t really discuss it.
# Privacy Abuse: Take email: I’m fairly certain that my privacy is violated more often and more strongly by all the other local free mail providers (GMX, web.de etc). Certainly you get a lot more spam there, less convenient search and not even the official mantra of “don’t be evil”. Like Google, these companies have to serve their stock holders in the first place. One fair point here: Google is bound by US law, so instead of one, there are at least two governments that could potentially enforce access to my email – Germany and USA. That, plus a number of recent privacy screw-ups like with Buzz, have made it clear that Google isn’t infallible. However, to Google’s defense, I don’t know of any incident where they maliciously gave out user data like Cisco, Yahoo or other competitors.
# Centralized Power: The most valid point I see is that against centralized power. My email, calendar, shared docs all live in Google’s cloud. One of my majors in college was political science. One thing I learned there that too much centralized power is always a bad thing as it opens the door to abuse. This is the one thing I really don’t like about Google: Too much personal information is stored there that should be on some secure server that only I could access. We all have the choice to do just that, but it comes at a price that’s so high that we can’t really pay it: We’d need special skills, a lot of time, and we’d face security risks if we tried to manage mail and calendars ourselves. I certainly wouldn’t know how to do it. And just putting my mail on another company’s server wouldn’t really seem more secure either. Today, I trust Google with my information, and their services are by far the best in the field. But what will happen when the management changes one day? So this point is a strong one.
# Overall Sentiment: Once the criticism train is rolling it’s hard to stop. Both media and consumers in Germany see Google as a synonym for the points mentioned above. So much so that media often attack Google for what sometimes seems like a reflex rather than research. The latest example: At transmediale10, the artist group FAT Labs pretended to have secretly equipped a Google Streetview Car with a GPS and tracked it while it was shooting footage of Berlin’s streets. And the media largely bought the story, buying into the David vs Goliath angle without further research. The list of media who seemingly believed the FAT Labs announcements included heavyweights like Boing Boing, Gizmodo and the Huffington Post as well as a number of German outlets. (Over at Blogpiloten.de, one of our authors mentioned it too, although cautiously.) To cut a long story short: The kind of paranoia at work here can easily develop a strange dynamic of its own. Which brings us to the next point…
# Lack of Control: Publishers are probably the most influential group at work here, but there are others too, who fight Google for pushing ahead with their own (ie Google’s) polices. This is understandable as we see a very powerful player who’s governed mostly by private interests and another country’s laws. This goes for both business and private contexts: Where we aren’t in control, we feel uneasy. (Except when talking about Apple, it seems, but that’s a whole other story.) Personally, I feel that Google is way more open and transparent than most private companies, and stick to technical standards much more. However, the basic issue is a valid and important one: Users need to be in control of their data. Today, that’s hardly the case. (Facebook, Twitter, Apple: I’m talking about you, too.) What this argument also does, though, and here’s the big risk: It provides cover to more selfish arguments, like the publishers. In their case, Google’s book scanning project is a threat to their old business model, so they try whatever they can to keep Google and other competition out. In this case it’s all just framing for their own political and economic gain under the cover of concern for the public good.
That was a lot of points – and again, I’d like to apologize for just throwing it out there without further polishing. I think these discussions are important to have.
But here’s the thing: I think the discussion is missing the point.
We shouldn’t even be focusing on just one company, it doesn’t really make any sense. Instead, we should focus on writing a set of rules that make it clear that users need to be in control. We need to define how that can work in a global network. And we need to make sure that we don’t get paralyzed by fear of technology as that would endanger innovation. (For Google’s standpoint on this, check out Eric Schmidt’s opinion piece in the Washington Post.)
Germany needs to sort out what Jeff Jarvis calls the German Privacy Paradox. While he argues by way of a sauna (read yourself), here’s the point I found most important in his thoughts:
What’s the harm that can come from revealing something else about oneself, as adults fear young people are doing in excess in Facebook and the web? The issue, I’ve long said, is not privacy but control: We have a right to control our information and how it’s used. But all this talk about privacy could make us withhold more than ever; it could make us downright antisocial. So I’ll ask again, what harm will come from publicness? Where’s the line?
These are really the questions we need to ask ourselves. Could we try not to live more privately and in less competition from the likes of Google? Certainly. But at what cost? (Again, as a disclaimer: Personally I’m a strong believer in a sharing economy, and I live pretty publicly on the web, so I’m biased.)
My take, in a nutshell, is this: On one hand, we need to make sure to give companies (here: Google) a lot of leeway to innovate before regulating. On the other hand we need to make sure to set a framework of rules that puts the users in charge of their own data.
This is a tough balance to find, but it’s what we need to do. Otherwise it’ll be either stagnation or a privacy disaster. Both aren’t good. And none of those is better than the other. So let’s set aside our critic’s and fanboy’s hats and have this discussion, and try to notice when some industry is trying to sell us their interests as public interest. Listen to your BS filters. It’ll be a long process as technology advances, but we shouldn’t just sit there and watch, but go out and help define the new rules of engagement.
5 Comments
A hat tip to Doc Searls’ latest project: ProjectVRM (http://cyber.law.harvard.edu/research/projectvrm) It basically sets out to venture into the exact field you described here: define a distinct set of rules, which put the user back into control over his data (VRM stands for Vendor Relationship Management) and if implemented well, will put everyone better off, both vendors and consumers.
I think it all boils down to how we envision our future to be and what values we want to hold in respect. Once we decide on that, it is fair to assume that society will react to developments that are not in accord with what it believes in. Google seems to try to function by its “do no evil” doctrine and in contrast to various other plattforms (StudiVZ anyone?) they seem to be making a good job of it (or of hiding their misdemeanors). At any rate, I agree that persons (whether they be private or legal) need some free space to innovate. Whether data (which ones?) needs to be private or public (and to what extend) depends on your set of values. Why not try setting up some “what if?” scenarios to explore this? i.e. “What if everyones data about all aspects of their life was public all the time?”
According to Clay Shirky a big part of the privacy discussion is connected to the transaction cost for communication (I don’t recollect the precise quote …).
And there is something to that, I think. Before the Internet it was much harder to tell something about yourself and especially in a form that could have been as easily re-shared as a flickr photo for example. But it’s not only what others could do with our information, but what we are prepared to share about ourself. The amount of personal information has increased and there is no end in sight. On the contrary, I think we will be sharing much more information. There is probably a Moore’s Law kind constant in there.
So, if it’s very easy to share information about ourself and people can as easy re-share this information, it’s only natural that we are seeing more information about ourself. But in relation to societal standards we aren’t really ready for that. Most of us did experience a life without the Internet and our perception is – as it should be – “tainted” by that. And that’s ok, because we should be able to create the right environment for ourself. It will be very interesting to see the guys and gals who are being born today in 15 years time. They will scare the shit out of us. ,)
Google, being in the business of connection people to information, is an obvious target, because they are so good at what is so easy, but at the same time very scary too.
@Ahmet: I’m liking that idea – what would happen if everybody’s data was private all the time? (And how could other weightings of privacy look like? (Maybe location would be exposed at all times while status updates were hidden? Maybe my phone number would be open, but my website locked up?)
@Igor: Agreed, the transaction costs are a really important factor. About the societal standards, though – has a society every been ready for a substantial change? Can that even be possible? I’m thinking (and this is mainly a gut feeling) that a society gets ready when the changes start, rather than it sits down (so to speak) and thinks about what’s next and then gets ready. Disruptive change doesn’t seem to work that way… But yeah, we should be able to find not solutions, but at least ground rules that would ease the transition into new phases of development.
@Martin: Thanks for the Doc Searls link!
I know this is on here for a felt eternity by now, still I couldn’t get the following out of my head:
(quoting from above in “# Centralized Power”) “…We’d need special skills, a lot of time, and we’d face security risks if we tried to manage mail and calendars ourselves. I certainly wouldn’t know how to do it…”
Yes you would. In a way. Literally following the do-it-all-approach you’re sketching probably not, but the approach would be to decentralize among the big players: Your search with Bing, your docs with Google, your mail with gmx, And so on. You’re addressing the even stronger concerns with other mail providers and it wouldn’t surprise me to find you’re right. But the point is really the centralization, not who’s the very most secure or not. I remember concluding an Analytics vs etracker debate on privacy, years ago, with “Heck yeah, the same data is collected – but the ones get to connect it with the rest of their stuff, the others don’t even have that stuff.” This is still true.
That said, I’m lazy on this myself and not a role model at all when it comes to applying such a decentralization strategy to my daily life. Still, in times where “avoid, avoid, avoid!” seems to be all that comes out of a mouth of a Consumer Protection Minister ( http://is.gd/96wO0 ) one wishes for someone, somewhere to educate the people to such approaches and strategies.