The question of “who to trust with my personal/private data” comes up a lot when you work for Google.
Caveats: I work for Google; you should consider my bias. I drunk the Kool-aid the day I accepted the job offer. These opinions are solely my own and do not reflect those of my employer.
Habits are more effective than laws. When you consider to whom you should entrust your data – Google, Apple, Facebook, Microsoft, governments, etc – ask yourself what that entity’s record is on respecting your privacy and acting ethically. Not just “within the bounds of the law” but “does the right thing, even when it is hard”.
Does the entity disclose breaches? Act to resolve them quickly? Do they fight government intrusion or do they cooperate beyond what they are legally compelled to do? Do they fight spy agencies, criminals, and malicious actors within themselves? Is it hard even for an agent of that entity to access your data?
Decide for yourself if your trust is placed well. But you must shift your view from “don’t share my data” to “decide whom to trust”, because all modern computing services depend on placing some level of trust with such an entity.
I know where I stand. Every day I see evidence of nerds just trying to Do the Right Thing at Google. But don’t take my word for it – check the public record.
Thanks to US-American laws, the omnipresence of the NSA and the simple fact that all US-American companies have to comply with US-American laws, the simple and sad truth is that one cannot trust –any– American company anymore. It doesn’t matter if some or most people in the company try to do the right thing. The moment someone shoves a “national security letter” in their face, all that goes out of the window.
Microsoft, at least on the outside, did a smart thing: They partnered with German companies and are able to offer cloud services hosted in Germany and governed by German laws — outside of the US jurisdiction. If you don’t want to store your data in NSA country, you can sign up for Germany-based Microsoft services. Of course, there are others then to get to the people’s data, but at least it got more difficult, technically and legally.
But the biggest invasions into our privacy comes from the companies that we entrust with our data and profiles. Google first and foremost is a gigantic advertisement agency, and of course it scans and analyzes our data and profiles to supply us with perfectly matching ads. Google might not sell or hand out that information directly to its corporate customers that want to place ads, but you cannot tell me that Google is not analyzing everything it has on its servers to create a more efficient advertisement machinery. Microsoft and Facebook do it, and they’re not even trying to make a secret out of it. Apple pretends to be the good guy here, but how much can you trust a company that once said that it was “a bug” that its smartphones were collecting its customers GPS data and archiving every single movement…
But to make this short, Tyler, and in all honesty: I rather trust your judgment and take YOUR word for it than believing any company’s public record.
All the best,
Comments feed for this article
Trackback link: https://www.tolaris.com/2017/10/04/2681/trackback/