Beware what you read and what you opt out of…

A few years ago, in an article published in New Media & Society (2007), I attempted to draw attention to a recurring problem with respect to user privacy online: the lack of transparency surrounding the data collection/sharing/use practices make it almost impossible for even the most “savy” user to actually challenge corporations’ “interpretations” about who we as individuals are… The problem gets even more complicated when we start confusing “data security” with privacy and somewhat falsely believe that coupled with higher consumer knowledge, opt out systems will be able to protect the privacy of individuals (no…not consumers, we are individuals).

In a recent entry, blogger, security and privacy analyst Christopher Soghoian provides some very useful examples from Google.  For those of you who are too busy to read the rest, the gist is that when you opt out of Google’s web history etc. all you are doing is stopping Google from using the data (but the data remains in their servers):

Consider this snippet from the Frequently Asked Questions page for the Google Web History service:

You can choose to stop storing your web activity in Web History either temporarily or permanently, or remove items, as described in Web History Help. If you remove items, they will be removed from the service and will not be used to improve your search experience. As is common practice in the industry, Google also maintains a separate logs system for auditing purposes and to help us improve the quality of our services for users. For example, we use this information to audit our ads systems, understand which features are most popular to users, improve the quality of our search results, and help us combat vulnerabilities such as denial of service attacks.

As this page makes clear, Google does not promise to delete all copies of your old search records when you delete them using the Web History feature. No, the company will merely no longer show them to you, and will no longer use that information to provide customized search. I’m sure this was an honest mistake on Mayer’s part, right? As the company’s vice president of search products and user experience, its not like she should actually be expected to understand the fine grained details of the company’s policies for search and user privacy.

In other words, shall the Big Brother or one of the smaller brothers need data about you, it stays there. And all you are left with is the rightfully and comfortingly false belief that Google or Yahoo or else is protecting your privacy.