Google busted on privacy – AGAIN.

big surprise – not! – Number Six

From the Seattle PI:

“….“Unlike every other browser vendor, Apple enables cookie blocking by default. Every iPhone, iPad, iPod Touch, and Mac ships with the privacy feature turned on,” Mayer pointed out in his paper.

Apple advertises this like so: ”Some companies track the cookies generated by the websites you visit, so they can gather and sell information about your web activity. Safari is the first browser that blocks these tracking cookies by default, better protecting your privacy. Safari accepts cookies only from the current domain.”

But it turns out there are a few ways for companies to get around these limitations. The one that Mayer’s paper focused on was inserting special code to place trackable cookies in Safari. He found four companies doing this: Google, Vibrant Media, Media Innovation Group and PointRoll.  This all sounds really bad.

Google discontinued the practice after being contacted by the Journal, which makes it sound even worse.  At the very least, Google and the other companies had no business doing this without making it crystal clear to users. It seems at odds with the reasonable expectations of savvy users who either choose Safari because of its default privacy protections, or were under the impression that they couldn’t be tracked while using it….”

And the followup rebuttal to Google from Mayer – a choice excerpt below (more if you click through), emphasis added is mine:

“…Rachel Whetstone, senior vice president of communications and public policy at Google, started the statement by saying:

The Journal mischaracterizes what happened and why. We used known Safari functionality to provide features that signed-in Google users had enabled. It’s important to stress that these advertising cookies do not collect personal information.

Mayer responded:
This was technically possible, therefore it was OK? What? I sure hope Google isn’t making an argument like that. There are all kinds of things we know are technically possible.

Whetstone’s statement continued:
Unlike other major browsers, Apple’s Safari browser blocks third-party cookies by default. However, Safari enables many web features for its users that rely on third parties and third-party cookies, such as (Facebook’s) ‘Like’ buttons.

Mayer said:
Google’s response …  is it’s unfair that Facebook gets to do this and we don’t, because they host the services from Facebook.com and we split ours between Google and DoubleClick.

There are three responses to that. The first is, so what? You’re still circumventing a privacy feature. If you wanted to do this, you could have hosted this off of Google.com.

The second is, this isn’t a social feature like Facebook, admittedly it blurs the line between social and advertising. But we’re not talking about social widget that exists for sharing with friends.   The purpose of this conduit is just to put the ‘+1′ button on ads. It seems like a lot of energy for what is unambiguously a lame feature. I don’t know how many users have clamoured for ‘+1′ ads.

The user is giving up some privacy in exchange for lining Google’s pockets.

Third, when has any good privacy counterargument begun with, well, Facebook does it too?….”