Google Privacy Director Alma Whitten Leaving 73
Gunkerty Jeb writes "Alma Whitten, the director of privacy at Google, is stepping down from that role and leaves behind her a complicated legacy in regards to user privacy. ... Whitten has been at Google for about 10 years, and while she has been the main public face of the company's product privacy efforts in the last couple of years, she has been involved in engineering privacy initiatives for even longer. Before becoming the privacy lead for products and engineering in 2010 in the aftermath of the Google Street View WiFi controversy, Whitten had been in charge of privacy for the company's engineering teams. During that time, she was involved in the company's public effort to fight the idea that IP addresses can be considered personally identifiable information."
Re: (Score:2)
scarier. way scarier... Oxymoron Incarnate kind of scary
Re: (Score:2)
Re: (Score:2)
Aren't the Preacher and The Choirboy essentially the same position?
Re:easiest job ever (Score:4, Funny)
Not really. It's one of the things where it's probably better to be the one who is behind.
Google + Privacy? (Score:2, Insightful)
Re: (Score:1)
"You can easily go and use someone else's IP-address."
And it's somehow impossible to use someone else's home/mailing address? The point is: you probably can only use someone else's IP address or home/mailing address if they (in some way) consent to it (e.g. providing proxy/VPN services, providing Tor services, etc.). No, IP spoofing doesn't count... you can spoof TCP SYN packets, but you won't be able to actually establish any connection (obviously, ICMP and UDP are different, since they're stateless protoc
Re:Google + Privacy? (Score:4, Insightful)
No, just like a street address, it does not identify you. It does lead straight to your home though. One requires someone to drive to your house. The other requires a LEO call to the ISP to ask for the address to drive to your house.
It doesn't identify *you*. Just like you can have your mail delivered to a friend, neighbor or PO box, *you* are linked to it. It still leads back to you, no matter how many layers of distractions are involved.
Your IP or mailing address cannot be used to prosecute. They can be used to point investigators towards who to prosecute.
Re: (Score:3)
Same with street addresses. I'd have to start digging in the court files, but I distinctly remember a case where someone was charged with drug manufacturing and was acquitted because the only thing they could field against him was that chemicals for manufacturing were delivered to his address but they couldn't prove that it was actually him ordering or receiving the items in question.
It's fairly trivial to "abuse" someone else's address. All you have to do is intercept the delivery guy and tell him that you
Re: (Score:2)
Google is a company that makes money by offering services in return for advertising.
If you dont like their terms, there are options for that. [youtube.com]
Re: (Score:2)
Google is the only company that violates your privacy?
Re: (Score:2)
Just so I understand your point, which person is being identified by the wifi cafe's public ip address? Assuming the ISP keeps those type of logs, which person is being identified by the public address given by your ISP?
"Personally Identifiable Information (PII), as used in information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context" - This is the definition from wikipedia, if you are happ
Re: (Score:2)
Get a PO box, a remailer service, a hotel room (yes, you can have mail sent to your hotel), and a cheap apartment in a different town. You can send mail from, and receive mail to, it.
Re: (Score:1)
You CAN'T keep your IP address private - that's how Internet works, dummy! - and it ISN'T personally identifiable information thanks to all variables like dynamic IPs, public WiFi spots, TOR exit nodes, running proxies and everything else.
You seemingly want to argue that Google shouldn't be able to personally identify you without your consent - that one's good point and I doubt many would argue with that - but for some reason you're arguing a moronic and wrong point that "IP (that you're broadcasting for ev
Re: (Score:3)
Re: (Score:2)
If you use a VPN to a diskless box that keeps no logs, certainly you can untraceably (at least to local enforcement) use another's IP.
Re: (Score:2)
The flaw here is that the average person is quite able to tell whether someone is living under their roof. Now imagine the average person being as "observant" offline as they are online. They wouldn't even notice someone sitting on their couch switching over to football every time they want to watch their soaps.
Re: (Score:2)
Interestingly, when the discussion comes around to MPAA using IP to identify, many on slashdot would claim that IP is in no way evidence of anything for a wide number of reasons-- insecure Wifi, multiple household users, DHCP, etc.
Obviously the two arent exactly the same, and obviously I cant accuse YOU of a double standard, but slashdot as a community certainly seems to have a double standard.
Re: (Score:3)
Tobacco companies have a Health director, so Google having a Privacy Director shouldn't seem so strange...
Re: (Score:2)
It goes along with the US government having a Department of Justice.
Unclear On The Concept (Score:1, Interesting)
The last two companies I worked at had officers sending stern warnings about how important corporate privacy was in one gmail while in another gmail saying how they expected employees to all be on google docs for sharing corporate spreadsheets and product planning, etc.
It must be nice being google. It's like having thousands of US corporations all volunteering to install your listening devices throughout their offices.
Re: (Score:1)
Does the same apply to printer manufacturers, lawyers and accountants, etc? Doing anything remotely inappropriate with corporate (or personal for that matter) information would destroy their business model. Stop watching Microsoft advertisements.
Re: (Score:2)
Erh... forward those mails to the CISO and ask him for his input. Should be fun.
What's an Oxymoron? (Score:2)
Panopticlick / Google can track you quite well. (Score:5, Insightful)
Well, on the one hand, the idea that IP addresses are not personally identifiable information is of benefit to the masses when arguing against RIAA/MPAA attacks saying "this IP address downloaded XYZ, thus the current user of said IP address is responsible", because an IP address is not a personal identifier.
.
On the other hand, google can then say that they keep track of IP addresses and other information which combine to become personally identifying information.
.
See the EFF's site Panopticlick [eff.org] to see the huge amount of identifiable information your web-browsing leaves behind, especially if you have javascript enabled. If google argues that your IP addy isn't personally identifiable info, then they can't get in any trouble for keeping track of it, even though in combination with your "user agent string" and the leaked browser information, they certainly can keep track of you.
Re: (Score:2)
Personally identifiable facts separated from there other facts my be PI without actually being enough to identify on there own. Knowing only your birth date I can't do much but if I have your birthday and full name I can come up with a much smaller list of candidate people who might be you.
There need not be a direct connection between some datum being characterized as PI and using it as a unique and reliable identifier. That said, I don't disagree with googles position; having to treat IP addresses as PI
Re: (Score:1)
If they'd require your real shoe size - would that make it personally identifiable as well?
What's needed is laws against tracking, not redefinition of "personally identifiable" that'll bite you in the ass later.
PS: By the way, I can see how your shoe size'd be a nice data point for marketeers: "Someone with his shoe size and user agent bought sport shoes today, mark him for Nike and Reebok ads in 6 months"
How many hours a week? (Score:2)
Surely it's not still April 1st somewhere? (Score:4, Insightful)
OXYMORON (Score:1)
"Alma Whitten, the director of privacy at Google"
Well.. (Score:1)
Re: (Score:1)
Re: (Score:1)
Google goes to extraordinary lengths to anonymize usage data. There are only like 4 people in the whole Google that have access to the RAW logs, other people get them only after anonymization and any attempt to gain an access to RAW data ends up with immediate termination.
The question is if this practice would continue after Alma's departure, or she left because there was something being cooked she disagreed with.
What about IPv6? (Score:1)
So, not privacy oriented then ... (Score:2)
So she led the charge to try to make as much stuff declared not private as possible, and wasn't ever actually a privacy advocate. Did she try to argue that the wi-fi information they scraped wasn't private either?
She'll no doubt be replaced with someone who cares even less about privacy.
Sadly, Google is evolving into a douchebag corporation like every o
Google Privacy Director? (Score:2)
Google Privacy Director (Score:2)
Was this one of those "no-show jobs" we sometimes hear about?