Google To Beef Up Privacy Team
Faced with a series of high-profile privacy gaffes, Google intends to hire computer "ninjas" to flag potential snafus before they pose problems.
The company recently posted a job announcement seeking data privacy engineers for the "privacy red team." The company says in the job description that it's seeking candidates to "independently identify, research, and help resolve potential privacy risks across all of our products, services, and business processes in place today."
Google's move comes two weeks after the company agreed to pay $22.5 million to settle privacy charges brought by the Federal Trade Commission. The fine in that case resulted from Google's decision to circumvent the no-tracking settings on the Safari browser.
In that situation, as in other recent gaffes, Google appeared surprised by the privacy implications of a feature it developed. The company said it began using a workaround to Safari's no-tracking settings in order to allow people to like ads with the +1 button. But once the workaround was in place, Google's DoubleClick was able to track people in order to target ads to them, based on their Web-surfing history. Google said it didn't realize that the workaround would result in tracking users for ad-targeting purposes.
News of the workaround came to light in February, when graduate student Jonathan Mayer published a report outlining how Google and three other companies -- PointRoll, Vibrant Media and WPP's Media Innovation Group -- were bypassing Safari's settings.
This isn't the only time that Google was exposed for violating people's privacy. In 2010, it came to light that Google's Street View cars collected payload data -- including URLs, passwords and emails -- sent over unencrypted WiFi networks. Google apologized for the interception, and said it intended to destroy the data.
Google also settled FTC charges stemming from the launch of the defunct social network Buzz, which exposed some users' email contacts by default.
Privacy expert Jules Polonetsky, director and co-chair of the think tank Future of Privacy Forum, says he expects that other companies will follow Google's lead and hire their own "white-hat" privacy hackers in order to discover problems before independent experts like Mayer. "It's in line with the trend in a number of areas to find problems before your critics do, and try to fix them before someone turns them into a story," he says.
Google isn't the only company that independent computer experts have caught in privacy glitches. Last year, Australian developer Nic Cubrilovic reported on his blog that Facebook was able to identify users when they visited sites with the "like" button or other social widgets -- even when those users were logged out of the social networking service.
In another example, privacy researcher Ashkan Soltani exposed analytics company KISSmetrics' use of ETag technology, which enabled companies to profile users who delete their cookies.
Polonetsky adds that hiring privacy hackers will help uncover issues, but is only a first step toward fixing them. "You need smart decision-making to deal with the flaws that you uncover," he says.
Image by Shutterstock