A woman's hand is touching screen on tablet computer for Google search engine.
Data Privacy Concerns with Search Engines

Data Privacy Concerns with Search Engines

In an age where the Internet is simply an indispensable part of life, the use of a search engine is possibly at the foundation of the user experience. This is a world where near instantaneous access to information is not simply a ‘nice to have’ for researchers and writers, it is at the bedrock of our modern consumer society. Is the way in which we find takeout food, restaurants, household furnishings, fashion – and yes even friends and lovers. In short, without search engines the machine that powers our modern world begins to falter.

We are increasingly reliant on search engines – but it may be instructive to understand just how much data Google is now handling. Within Google’s range of products, there are seven with at least one billion users. In its privacy policy, Alphabet (Google’s parent company) outlines its broad and far-reaching data collection. The amount of data the company stores is simply staggering. Google holds an estimated 15 exabytes of data, or the capacity of around 30 million personal computers.1

However, it is worth noting that Google is not alone in the search engine space. There are other players such as Microsoft’s Big. Yahoo Search and Baidu. All of them are mining data. However, there can only be that one ‘Gorilla in the Sandpit’ – and that is undoubtably Google. To explore just how search engines may infringe on our rights to privacy Google gives us a yardstick to what they would characterize as ‘best practice’.

Nothing in life is free … Including search engines

Consumers are becoming increasingly aware that the old maxim of ‘nothing in life is free’ is even more applicable than when it was penned. In fact, there is an associated saying ‘if something is free you are getting exactly what you pay for.’

Herein lies the problem with the use of search engines. They offer an essential service – but that service is certainly not free of cost. That cost is a certain level of intrusion into our lives in the form of search engine companies like Google gathering data about our online habits and using that data to fine tune marketing efforts (often by selling that data to third parties for their use).

But that is only the outcome of using a search engine. For many consumers and consumer advocate groups the real problem lies deeper than that. It revolves around awareness and permission. Are search engine companies free to gather and use our data without explicit permission- can we opt out of such an arrangement?

The answer is both yes and no. Reading search engine company user agreements it becomes clear that we (at least historically) we have been empowering companies like Google to use the data that they gather in almost any way that they see fit. But lately we have seen a huge effort by search engine companies to make sure that consumers are aware that they can limit the amount of data that is gathered. That was not always the case – user agreements are almost never perused with great care. Most people are not freelance attorneys and are defeated by the legalese and intricacies of most user agreements and outlines of privacy policy.

However, the real problem is that although the gathering of data and the leveraging of that data for profit may represent a betrayal of the relationship between consumer and search engine company there is a larger issue at stake, beyond even the right to privacy – and this is data security.

Google has a far from perfect record as regards security – but it is better than many other tech companies. However, mistakes do happen. In 2009, there was a bug in Google docs that potentially leaked 0.05% of all documents stored in the service. Taken as a percentage this does not seem like a terribly large number, but 05% of 1 billion users is still 500,000 people. Google has no room for error when it comes to data protection.

Another fact worth noting is that Google’s Chrome browser is a potential nightmare when it comes to privacy issues. All user activity within that browser can then be linked to a Google account. If Google controls your browser, your search engine, and has tracking scripts on the sites you visit (which they more often than not do, they hold the power to track you from multiple angles. That is something that is making Internet users increasingly uncomfortable.

A fair trade of service for data

It may seem that consumers should automatically feel extremely uncomfortable about search engines making use of the data that they gather from user search. However, as uncomfortable as it may seem to some consumers are entering into a commercial relationship with a search engine provider. To return to a previous argument ‘there are no free lunches’. Search engines cost money to maintain. Their increasingly powerful algorithms are the result of many man hours (and processing power) which all cost huge amounts of money. In return for access to vast amounts of information we are asked to tolerate the search engine companies use of our data. In most instances this will have a minimum impact on the utilitarian value of a search engine. Is this not a tradeoff that we should be willing to tolerate?

However, there is a darker side to search engine companies harvesting and using data that they have gleaned from consumer activity. Take for instance the relationship between government agencies and search engine companies. Although the National Security Agency in the United States has refused to confirm (or deny) that there is any relationship between Google and itself there are civil rights advocates who are becoming increasingly vocal about the possible relationship.

As far back as 2011 the Electronic Privacy Information Center submitted a Freedom of Information Act request regarding NSA records about the 2010 cyber-attack on Google users in China. The request was denied – the NSA said that disclosing the information would put the US Government’s information systems at risk.

Just how comfortable should we be that the relationship between a company like Google and the NSA sees that government agency acting as a de facto guardian of its practices and potential weaknesses when it comes to data protection – and by extension privacy?

It’s complicated

The search for a middle ground between the rights of the individual to privacy and the bedrock of data protection vs the commercial relationship between themselves and search engine companies is fraught with complexities. What is becoming increasingly clear is that a new paradigm must be explored. One that will protect the commercial interests of companies that offer an invaluable service and the rights of the individual. Whether that relationship will be defined in a court of law or by legislation remains to be seen.