[LINK] Crikey: 'Google a 'honeypot' for authoritarian governments'

Roger Clarke Roger.Clarke at xamax.com.au
Thu Jan 14 15:02:44 AEDT 2010


At 14:41 +1100 14/1/10, Geordie Guy wrote:
>*sigh*
>I'd like to encourage privacy advocates to openly discuss concerns 
>about companies such as this within the privacy community, and 
>further encourage those who provide expertise to the media to 
>consider the wider opinions. Particularly those whose expertise are 
>grounded in specific areas who are invited to speak on areas wider 
>than their expertise.

Could you be a tad more specific, Geordie?

Thanks.

The comments provided to the reporter are below.

P.S.  I hereby give you permission to pass these comments on to 
Google via your gmail account

______________________________________________________________________


               Musings on the Google and China Story

The only statements that I've seen refer to:
-   "a recent cyber attack against the Gmail accounts of human rights 
activists.
-   "a vast cyber attack, including an attempt to hack the Gmail 
accounts of Chinese human rights activists
-   "security and human rights implications".

Plus it appears that Google is prepared to abandon its 1/3rd 
market-share in China if this piece of sabre-rattling doesn't force 
the Chinese government to back off.

So there's very little hard information available, and it's necessary 
to interpolate.

Speculation:

The hacks may have been directed at Google's own archive, which would 
be much more valuable than "the Gmail accounts of Chinese human 
rights activists".

Reasoning:

Google has accumulated vast holdings on people.

That doesn't just apply to Gmail users.
And it doesn't just apply to people with Google accounts.

It's got all of your search-terms.
And it's got what you clicked on while you've been on Google pages.
It's got a list of prettymuch every ad you ever clicked on.

It's got any emails that you sent to Gmail users.
It's got what people sent to you from Gmail accounts.
It's got the correspondence that you exchanged with people who, 
unbeknowns to you, flush all of their mail from other accounts 
through Gmail.
It's got every posting that you've sent, since about 2004, to every 
email-list that you're on (because at least one person on every list 
uses Gmail).

All of that data is directly related to you because of the 
email-addresses, IP-addresses and personal names contained in all of 
that traffic.

That's reinforced by its use of your email-address as your loginid 
for Google services, and a suite of cookies that are common across 
all services.

(If you're a Google addict, it may also have every location that you 
ever typed into Google Maps, and every Streetview you ever displayed. 
And you may have even gifted it your photo collection, and a copy of 
your own disk-files.  See 
http://en.wikipedia.org/wiki/List_of_Google_products).

Less reliably, it's also got what people said about you that got into 
the Gmail system.  (But that's a lot less reliable, because some of 
it only contains names, and is much harder to match with your own 
email-traffic).

So Google is in a position to mine from its holdings:
-   your online behaviour
-   your economic and social interests
-   your political views
-   your network of contacts
-   your close associates

An authoritarian government would like to be able to do that too.

So it would be no surprise whatsoever if the Chinese Government 
sought access to the Google archive and its internal search 
capabilities.

They might try to do it with Google's agreement, or otherwise.

In fact, it would be a big surprise if it didn't.


Paper:
Clarke R. (2006)  'Google's Gauntlets' Computer Law & Security Report 
22, 4 (July-August 2006) 287-297, PrePrint at 
http://www.rogerclarke.com/II/Gurgle0604.html#Priv


Presentation slide-set:
Clarke R. (2005-07) 'Big Brother Google ', text at 
http://www.rogerclarke.com/DV/Googacy-070919.html
Slide-set at http://www.rogerclarke.com/DV/Googacy-070919.ppt (4MB)



-- 
Roger Clarke                                 http://www.rogerclarke.com/
			            
Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611 AUSTRALIA
                    Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au                http://www.xamax.com.au/

Visiting Professor in the Cyberspace Law & Policy Centre      Uni of NSW
Visiting Professor in Computer Science    Australian National University



More information about the Link mailing list