The Greatest Threat to Privacy Part II: Why I Worry More About ISPs Than Google
posted by Paul Ohm
In a prior post, I began to explain why ISPs pose the greatest threat to privacy in modern life. I argued that many ISPs are likely to begin to experiment with new, more invasive forms of surveillance relying, in part, on so-called Deep-Packet Inspection technology. I am grateful for the vigorous debate which followed in the comments, and I know my article will be much stronger once I incorporate what I have learned reading and responding to these comments.
The last post led only to the conclusion that ISPs pose a great threat to privacy, but to call this the greatest threat in society, I need to answer the question, “compared to what?” In particular, the most common response to my article I have heard is, “Doesn’t Google threaten privacy more?” In this post, let me explain why I worry more about the threat to privacy from ISPs than from Google.
You can hide from Google but it is very hard to hide from your ISP. Even though Google collects a lot of information about what its users do when they use its services, it cannot track what it cannot see. Whenever you leave a Google-owned or affiliated website, Google loses track of you. As you surf the New York Times, Yahoo!, Facebook, Amazon, Craigslist, or eBay, Google has no way of knowing what are you doing. When you communicate via VoIP or download files over BitTorrent, Google has no way of monitoring you.
Your ISP, in contrast, never loses sight of you (unless you encrypt your communications or switch to another provider). In a recent radio interview, I called this a “Godlike” view of the network. As a commenter to a New York Times blog post about my article put it, “Deep Packet Inspection is Adware or Spyware ON YOUR NETWORK.”
More directly to the comparative point, your ISP can see nearly everything you do through Google. Virtually no Google service uses encryption by default. Your ISP, if it chooses to watch, can see and record every Google search query, Google Calendar entry, YouTube video stream, and Google Reader request. For this reason, the threat to privacy from Google is merely a subset of the threat from your ISP, assuming of course that your ISP is watching.
This last caveat is the one that frustrates some readers. Sure, the potential threat to an ISP-gone-bad is dire, they might concede, but no ISP is actually collecting this much information. Most ISPs are respectful of user privacy, they would argue, and possess the self-control to refuse to watch most of what their users are doing.
But as I said in the last post, even if no ISPs are collecting this much information today, I predict that they will in the near future thanks to the means, motive, and opportunity at their disposal. A few commenters have rightly pushed me on ISP motive: what proof do I have that ISPs are feeling pressure to collect more information? First, Charter, AT&T, several British ISPs, and others have proposed or implemented new monitoring schemes in the past year. Second, for many years, ISPs have persistently complained about their dire financial prospects, arguing that they cannot afford to upgrade their infrastructure without new strategies for better return on investment (ROI). I know of few other plausible ways for ISPs to improve ROI, except by monetizing user secrets.
I plan to write at least one more post on this topic, but for now, let me turn it back over to the commenters. Please remember that this is a very brief synopsis of a 77 page, 34,000+ word draft, and I urge you to at least skim the article before you respond…
September 12, 2008 at 1:14 pm
Posted in: Cyberlaw, Google & Search Engines, Privacy, Privacy (Consumer Privacy), Privacy (Electronic Surveillance)
Print This Post
Responses (5)
anonymous - September 12, 2008 at 2:50 pm
Now that Google owns DoubleClick, they CAN track you on most of the popular websites.
Paul Ohm - September 12, 2008 at 3:08 pm
Yes, the Doubleclick acquisition has increased Google’s “view” considerably, but it is still less than the ISPs.
First, even if it is true that Doubleclick has deals with “most” popular websites, as you say, it does not have deals with all of the popular ones and probably with few of the unpopular ones. Millions (billions?) of sites visited by users every day have no deals with DoubleClick.
Second, I confess that I haven’t looked closely at how DoubleClick uses third-party cookies (or other things like web bugs) in four of five years, but as I understand things, when DoubleClick shows an ad and receives a third-party cookie, it learns only the URL of the site visited. As I understand it (please correct me if I am wrong), third-parties don’t even get the content of the GET or POST queries that led to the page (unless that information is stuffed into the ad href.) In contrast, ISPs have access to _all_ of the content in the entire session. Header, payload, non-content, content, everything.
Third, DoubleClick doesn’t give Google access to non-web traffic like e-mail, IM, or VoIP.
Fourth, it is easier to block third-party cookies than it is to opt-out of ISP surveillance.
Finally, I am only saying that ISPs pose a greater threat to privacy than Google/DoubleClick. I am not saying that Google/DoubleClick poses a low threat to privacy.
Logical Extremes - September 12, 2008 at 4:45 pm
Paul, I’d add to your rebuttal list:
- It’s possible to block ad servers altogether, so even web bugs and iframes get defeated.
- As long as you change your IP address regularly and do your searches without being logged in (use another browser or use Google Chrome incognito mode, for example), no cumulative dossier can be collected by a service provider out beyond your ISP.
Logical Extremes - September 12, 2008 at 6:06 pm
Forgot to mention (perhaps obvious) in my second point that clearing cookies regularly is also essential. Ideally, cookies should be cleared in conjunction with IP address change, so that there is no overlap that allows one to be correlated to the other.
GATOR - September 13, 2008 at 11:02 am
Paul:
i agree as to the difference between nebuad-isp network issues and google type, but what about:
1) what is at&t planning?
http://www.alleyinsider.com/2008/8/at-t-to-congress-google-spies-on-web-surfing-so-we-will-too
“AT&T (T) says it hasn’t yet started systematically tracking Web users, but it will in the near future.”
2) there has been much discussion about isp as a whole, but i think you should develop “models” to separate the levels of what is being done. I would think the “nebuad-isp model” would be classified as the highest level of privacy breach.
3) what about the websites that are downline from “nebuad-isp model” that would be receiving “the goods” that nebuad aka fair eagle obtained when they know the source of how they were obtained. what are the privacy legal issues there?
Leave a Reply