Ignore the #privacy campaign - searching the internet is not a private activity. Period.

 by Martin Belam, 18 October 2006

There is a new campaign on the internet to make search engines respect a "standard for search engine query privacy". They are targeting Google, Yahoo!, Microsoft and Ask, and claim that "If these four search engines accept the #privacy standard, the world will be - literally - a better place".

20061018_poundprivacy.gif

The "Pound Privacy" campaign proposes that any search appended #privacy "should not be tracked by IP or cookie, and should not be made public in keyword tools".

Of course, there is the obvious initial gripe that the symbol # is not actually universally referred to as a "pound symbol", which many parts of the English speaking world would more naturally assume to be £.

However, aside from that, the whole concept is flawed. Looking at their homepage they state that the reasons they choose '#' were:

(1) The major search engines (Google, Yahoo, MSN) do not use the # symbol as one of their special operators
(2) All search engines by their nature capture the query and analyze it (no new form fields need be created)
(3) It is a platform-independent solution
(4) It allows search engines to still default to data capture, without burdening them to determine whether data should be stored
(5) It requires no additional software (such as proxies or privacy tools)
(6) It can be used in conjuction with existing privacy solutions.

However, they immediately go on to say:

The primary exception to this would be when the query indicates that a crime is being committed. For example, a search query that indicates the solicitation of child pornography could be excluded from the #privacy flag.

So, whilst claiming that the system doesn't burden search engines with trying to on-the-fly "determine whether data should be stored", they say data should be stored if the keywords match a list of criminal online activity. Yet how are search engines and law enforcement agencies supposed to find out the kind of keywords people are using to look for child pronography if they can no longer routinely analyse any keywords that people mark #privacy?

The whole thing smacks of a misunderstanding of the nature of the internet - using search engines to search the the internet is simply not a private activity, nor will it ever be.

Regardless of whether you tag your search term #privacy or not, you are sending a URL with your query string encoded in it via an ISP with legal obligations over data retention, across various machines on the network, and then the internet servers of the search engine have to be aware of where to address the information packets that make up the search results sent back to you. Those actions can be, and are, logged anywhere along the way.

I was concerned at the time that when AOL released their search data without properly making it anonymous we risked seeing the valuable tool of of search log analysis being demonised - and it seems to me that a misguided campaign like the #privacy one is more evidence that this is indeed happening.

Update 19/10/2006: Actually the more I thought about this last night, the more I figured that it was such an ill thought out proposal that it must surely just be a link-bait spoof by Russ Jones to get publicity for the SEO company sponsoring it - just look at how the site is overdoing the digg this/email a friend/wear the banner publicity angle.

20061019_scam.gif

2 Comments

Russ at Virante tried to leave a message here, but the comment system was not working at the time, so he emailed me instead and said it was OK to add his response to the post. Russ says:

(1) Any privacy solution must balance effectiveness with accessibility.
This one is very accessible, but not 100% effective (TOR on the other hand has low accessibility + high effectiveness)

(2) I don't see how egotism plays in here. Asking people do something so little as type in #privacy is far less invasive than requiring them to install 3rd party software like TOR.

(3) I doubt the 10 #privacy searces "some joker [found] combing their referrer logs" will be nearly as dangerous as the millions found in data leaks like those by AOL, or regularly available through public keyword selector tools

(4) It is a shame that good ideas are labeled as LinkBait just because a company backs it. Do you think the Breast Cancer Awareness Week is a sham because it was originally started by a company? Should we ignore Dove's new campaign against negative images of beauty in the media? Or is the only company in the world that you trust as "good" Google?

>> (4) It is a shame that good ideas are labeled as LinkBait just because a company backs it. Do you think the Breast Cancer Awareness Week is a sham because it was originally started by a company? Should we ignore Dove's new campaign against negative images of beauty in the media? Or is the only company in the world that you trust as "good" Google?

I don't have any problem with good ideas originating from a company, or with a company making publicity capital out of their good ideas. I simply don't happen to believe that #privacy is in any way a practical or good idea.

Instead of helping users to understand who is keeping their data (search engines and their ISPs) and why (commercial gain, academic research and "anti-terrorist" legislation), it makes people think that by simply appending a search query with a tag they are somehow in a private environment. Using the internet is not a private activity.

Keep up to date on my new blog