Does Google’s “Don’t be evil” Still Apply
Back in the stone age of information search, when Google just started off, they coined the slogan “Don’t be evil”. Many things have changed since then and the business requirements (or ambition) to know everything about us across devices and across activities (search, drive, exercise, walk on the street….) in order to maximize advertisement revenue has taken our privacy away.
Right, it is our choice.
We decided to use Google as the search engine
We decided to use Chrome
We decided to use Waze
There is one area most of us think big brother has no access to. That is, what we say to the other person in the room.
In WebRTC applications, when the application wants to get access to the microphone and camera it is required to get user consent. If the user doesn’t click that Allow button, access is not granted.
Once user has given permission for a webpage using HTTPS to access his microphone and camera there will be no need to grant access again on the next visit to that page although access can be controlled by clicking on the camera icon in the address bar.
This is not the case for every application.
Hello Google Hotword
It sounds pretty useful (to some). You say “OK Google” and search by voice. For “OK Google” to be picked up by the browser it actually needs to constantly listen to what is going on in the room. Since Google is a cloud company, the voice is sent to their servers, processed there and result sent back to the browser.
Google promises they don’t really listen to what’s going on in your room and that they don’t really do anything with this information. They say you can trust them. Should you? Your choice.
This feature is set as disabled by default in Chrome.
Google eavesdropping tool is also in Chromium
So let’s say you trust Google not to secretly activate this feature without you knowing about it and making a clearheaded decision to opt in.
There have been complains that in Chromium situation is a bit more complex.
Chromium is an open source and therefore code included in it can be analyzed by developers to verify no evil things are being added to it. When the final build of Chromium on OSs such as Ubuntu or Debian is built they use a few black box upstreams of code, code that is considered trusted and not analyzed.
Google took advantage of its position as a trusted upstream provider and downloaded to the build the Hotword model.
In a response by Google they put the blame on Debian as the one making the final build but soon after Google made a change in policy and now Chromium builds no longer download the model by default. A user will need to explicitly request for it and get it from the Chrome Web Store.
Saying, avoid Google for privacy would be naïve. Personally I use Google’s services for most of my activities.
The conclusion I have from this story is not about privacy, it is about conduct of companies. No matter how big you are and if you are a monopoly of some sort, evil and bad conduct eventually gets exposed.
Monopolies don’t last forever; they get replaced due to technology disruption or business changes. Bad conduct is a first step in that direction.
In case you were wondering about the Google “Don’t be evil” slogan. On their “What we believe” section on the Google website a softer statement is used saying – You can make money without doing evil.
Investor relations code of conduct section still hold the Don’t be evil slogan yet it says that Googlers generally apply those words to how they serve users.