Google Plus and Identity Services
Andy Carvin was attending the Edinburgh International TV Festival and had a chance to speak to Google CEO Eric Schmidt. As reported on Andy’s post, Eric’s comment went like this:
“He replied by saying that G+ was build primarily as an identity service, so fundamentally, it depends on people using their real names if they’re going to build future products that leverage that information.
Regarding people who are concerned about their safety, he said G+ is completely optional. No one is forcing you to use it. It’s obvious for people at risk if they use their real names, they shouldn’t use G+. Regarding countries like Iran and Syria, people there have no expectation of privacy anyway due to their government’s own policies, which implies there’s no point of even trying to have a service that allows pseudonyms.
He also said the internet would be better if we knew you were a real person rather than a dog or a fake person. Some people are just evil and we should be able to ID them and rank them downward.”
Internet Identity Services
As we all know by now, Google is a business. As such their primary goal is to make money. Since their debut on the Internet scene, they have established themselves as a provider of Free Services that are at least as good as anything you can purchase commercially. But you’ll notice right away that the profit made from giving stuff away is generally pretty small. That is, unless you figure out a way to monetize it without making it an annoyance or security risk. Google has done pretty good in this regard, providing a number of highly respected services that make them some pretty decent profit but don’t make their users feel put upon to use.
One of the most valuable services that Google has developed is something they call an “Internet Identity Service”. This isn’t the type of thing that you use to prove who you are to a bank or other financial institution, or even to a government agency. Instead it’s much less obvious and much more valuable to those wishing to sell products on the Internet. By using an Internet Identity Service, sellers and marketers on the Internet can rapidly determine the exact individual browsing their site (or viewing their advertisement or whatever content they may be putting on your screen). Correctly and reliably identifying an individual means that they can easily calculate how much you might be worth to them, and which of their offerings might appeal to you. They can even engage in customization of the content to make sure they stand the best chance possible of prying money loose from your wallet or purse.
From the seller’s perspective, this makes excellent sense. It even has benefits from the consumer side of things too. After all, I’m a mid-50′s male that’s into computers and technology, but I don’t give a hang about sports or high performance cars. So anyone that has ad space on a site I visit wouldn’t want to waste their time and bandwidth showing me offers for bras, tampons, sports logo merchandise or car parts. The intelligent use of a good Internet Identity Service can improve my “enjoyment” of the sites I visit and maximize the profit potential of the advertisers on those sites. So far it’s a win-win, right?
Existing Techniques for Identity Determination
It’s a well known fact that Google’s premier service, Google Search, already engages in a form of content customization and identity detection. The back-end of Google Search keeps basic statistics about what I search for, what I click on in the search results, and a few other details they glean from my actions using their Search Service. But this method has a couple of limitations that hinder its usefulness in situations that go beyond Google Search.
Google’s own Browser, Google Chrome, offers a technique of opening a new window with most of the usual identification techniques blocked or disabled. Called “Incognito Mode”, people that use Chrome and open windows this way essentially prevent Google from doing a lot of the tracking necessary to know who is using the keyboard at the moment. This means that while Google can gather generalized statistics about what I search for and what I click on, they can’t add those statistics to my personal data on their machines. They’ve got the data, but they can’t tell who to assign it to. Chrome isn’t the only Browser that offers this feature either. Most every modern Browser offers something similar in operation. They’ve all added the feature because their customers have demanded some method of doing stuff on the Internet without “Big Brudda” staring over their shoulder.
Another limitation they face is the inability to gather statistics about usage and interest from other sites. If I’m on a site that offers gobs of data and allows me to choose something from the gob, Google most likely can’t get hold of that data. Some sites have already opened their doors to Google and their data collection goals, but most of those sites also happen to be owned by Google. Using this model, Google would essentially have to purchase every single medium- to large-sized Internet Website in order to gather the data they need. While it’s an intriguing concept to “Own The World”, the practicalities pretty much rule it out. There’s also the tendency of human beings to reject anything that seems Too Big. Whatever the reason or the psychology behind it, people start developing a certain fear and reticence to use services or purchase products from “We Own The World, Inc.”
These are both hurdles that Google needs to overcome in order to branch into that next plateau of Identification Service that will net them an income stream of previously unimaginable proportions. If they can find a way to knock down both of those, they will keep their users in a blissful state of happy ignorance, even allowing them to cloak themselves in their Incognito Shields .. and still have an absolute lock on who they are and what they want from the content providers. Obviously the stakes are the highest they’ve ever been, and Google is perfectly positioned to do it.
Facebook and Privacy Concerns
The current Darling of Social Media is a little enterprise known as Facebook. For various reasons they have managed to attract a user base that is incredibly large and cuts across virtually every social and psychological group there is. They even managed to draw in and lock down some of the most hesitant computer users, computer-phobes and casual users. I’m pretty sure Zuckerberg et al didn’t start off to accomplish that sort of market penetration, but they succeeded anyway. Somewhere along the way they discovered how valuable their user base could be to them, so they started working on ways to leverage that resource to their benefit. Except Zuckerberg is an impatient child and an idiot at times … and he blew it.
There was a time not that long ago when Zuckerberg and his management staff went on an all out attack against “Internet Privacy”. There were many interviews that could best be described as “Infamous” because they declared that no one on the Internet should have any expectations of privacy. Basically he was making statements that went against human nature and belied his true intent. He frankly didn’t care if people were anonymous or not. What he really wanted was the right to tag people with an identifier so he could collect his usage and preference data and reliably assign it to their record in his database. In short, what he said and what he wanted were different … and the public caught on.
Predictably, the next reaction was backlash. Before long their engineers had to start making changes in Facebook that let people recapture their anonymity and keep it. They did their best to make it as cryptic and difficult as possible, but even the Cable News Shows started airing daily segments on ways to turn off all of Facebook’s precious data mining hooks. Suddenly his precious user base resource started cutting more and more wires that let him sell his data for good money, and there’s pretty good evidence that they’re not going to let Facebook reconnect them either. He broke their trust with his disingenuous claims and now it’s too late for them to go back to rebuild that trust again. Oops .. well, haste makes waste Mark. Sorry!
(Facebook has recently decided to change how their users specify various privacy settings, however these only cover settings that control who can see things posted on the site. They do not alter how your personal data is protected nor affect your level of anonymity. Those settings are still hidden away behind cryptic and complicated options screens.)
Google+ and Your Real Identity
Let’s go back and look at Eric Schmidt’s comments, starting with this one:
“He replied by saying that G+ was build primarily as an identity service, so fundamentally, it depends on people using their real names if they’re going to build future products that leverage that information.”
First of all Google Execs are not techno-doofs. They know technology quite well. Mr. Schmidt’s statement, from a technology perspective, is total hogwash. As any database wonk will tell you, the record identifier doesn’t have to be anything specific, just as long as it’s unique for each record. In the case of an Internet Identity Service, Google has been using unique identifiers that consist of mixed letters and numbers for some time. So the name you use on their service really doesn’t matter to them … as long as you use the same name in other places. That last phrase is crucial. If you use a different pseudonym on every site you visit, the value of that identifier is destroyed. But rather than try and convince people to start using the same pseudonym everywhere, Google made the decision to get people to use the same name .. their REAL name .. everywhere. Not only is it easier to get people to use their real name, but that also allows them to mine sites that don’t allow (or don’t focus on) pseudonyms.
Your Real Name
Internet Sites and Services fall into two broad categories, those that you use for recreation and general fun, and those that you use to perform real-life business. For example, I log into about 20 different websites per day. Of those sites, most of them allow me to log in and have on file only my internet pseudonym. But there is a small number, less than a handful actually, that not only has on file my real name but also has other such crucial identifiers as my Social Security number, my real home address, my phone number, etc.
But there is another trait of those latter sites that I believe Google has misunderstood. Every place where I use my pseudonym has advertising on it that comes from other sites, other services and promotes other stuff not related to the site I’m on. And I’m okay with those ads too. Sometimes I click a banner or follow a link, and sometimes I even purchase something from one of those clicks. But my level of comfort with seeing advertising from others on those sites is very high; I don’t mind in the least that those ads are on the pages.
However, those sites that have my real life details, that I log in with and trust my financial and government identification details with … if they show me ads for some other product, service or site … I’m outta there! Okay, I won’t stop using my bank’s website or my cell phone’s website, but I damn sure won’t click a link or banner for anything that might lead me off their site either. In fact, those sites will sometimes need to take me to another site as part of their genuine service .. and without exception they always stop me at a page that says “We’re now about to send you to a site we don’t control. If you don’t want to go there, click Cancel.” This is because they recognize that most people want their real identities kept on an isolated island, a virtual bank vault with no windows, doors or escape hatches out or in.
Ropes to the Outside World
Google+ can solve their problems of obtaining a valid and certified Identity no matter what name I plug into my profile there. But they can only do that to those sites that I’m willing to allow connections from or to outside properties. Like many Internet Savvy people, that does not include those sites where I’ve plugged in my full real-life details. But Google+ has set their sights on bridging that gap too, and the method they intend to use is that single identifier .. my “Real Name”. In order for them to tie those ropes and make those connections, they’ve got to get me to enter a real name they can cross-check and match up. But given the (rational) fear and reticence to do that, how can they force their way in? Even when they have my real name, by what manner can they encourage those institutions to open their books and allow Google to connect my records together?
It’s An Evil World Out There
I believe the answer to that question is contained in Mr. Schmidt’s statement as follows:
“Some people are just evil and we should be able to ID them and rank them downward.”
There’s been a lot of changes in our world, especially here in the USA, since the world’s focus has turned to International Terrorism. For us Americans, September 11th, 2001 was the beginning day of a gradual process that has seen our privacy and anonymity slowly eaten away. I’m not a conspiracy theorist or even a fear-monger about the loss of personal privacy. I’ve willingly given over a lot of my personal details to the government for various reasons. What I’ve given up has been because I can see the benefits to society and me personally. Granted there are some details that have no doubt been surrendered absent my knowledge, but overall the net effect has been to improve my safety and the safety of others.
However the mantra that “Evil Is Out There” has also been used more and more to justify peeking into things that really won’t improve anyone’s safety. Because of the fear and hysteria of people, and the general “Top Secret” nature of most of those agencies doing the peeking, it’s very difficult if not impossible to ascertain if they’re really right in wanting that access. But when it comes to commercial enterprises like Google, there absolutely is no reason they should be allowed to take a peek. But right or not, Mr. Schmidt’s statement above indicates they think they should be allowed. And that scares me.
I really have no problems with Google wanting to improve the efficiency and veracity of their Internet Identity Service. I relish the idea that someone eventually will stop thinking I want to buy tampons and car parts. But I will not tolerate, nor should anyone else allow a commercial enterprise such as Google to position themselves to be the arbiter of our inherent evilness or societal worth. It’s difficult enough when a government agency is involved in that process, and they are supposed to be public entities with mechanisms in place to prevent abuses. But a company, worse yet a private company, has no such legal requirement to divulge their internal methods or data. In fact, quite the opposite is true; they have specific protections under the law that allows them to keep that data secret and out of the eyes of anyone else.
If we allow companies like Google, or anyone else for that matter, to make value judgments about us as people then we agree to a sacrifice of rights that no one can recover and no one can justify. It would be the first step down a slippery slope from which there is no way back.
So while I am concerned that Google+ won’t allow pseudonyms on their new “Social Networking” (Internet Identity Service) website, I am much more concerned over the statements of their CEO and the direction they seem to be taking with their ability to tie all of our personal data together. It heralds a path to danger that needs to be stopped .. and stopped soon lest we all find ourselves suddenly judged “unworthy” by an entity we neither elected nor can fight.