Full text of Google’s response to Congressional Bi-Partisan Privacy Caucus

Rep. Joe Barton released the following statement after reviewing the letter.

“I am disappointed in the responses we received from Google. There were questions that were not adequately answered and some not answered at all. Google Glass has the potential to change the way people communicate and interact. When new technology like this is introduced that could change societal norms, I believe it is important that people’s rights be protected and vital that privacy is built into the device. I look forward to continuing a working relationship with Google as Google Glass develops.”

Text of Google’s response can be found HERE.
Text of the Caucus letter to Google can be found HERE


For our part STC does not believe that Google’s response has addressed the concerns raised in the letter. In particular the question regarding unintentional gathering of data of users/non-users without consent was left unaddressed. Further the lack of recognition that the intimate and pervasive nature of glass might require a separate or modified privacy policy is concerning.

There are four simple technical fixes which we would urge Google apply:

  1. Make the prohibition on face recognition or any other way of identifying individuals permanent Google policy and support a law to prevent competitors implementing it.
  2. Encrypt all data stored in the cloud with keys that only the user has access (Not Google or the NSA).
  3. Implement a TagMeNot style system on G+ and Glasswear which prevents the sharing of pictures of people who actively object to their image appearing on commercial social networking sites.
  4. Remove the capability to initiate recording by holding down the button (as opposed to saying OK glass)

These technical fixes do not fully address the issues around glass in particular those which concern the privacy of non users and behavioral profiling or determination of social relations between users on the basis of location data. These would more correctly be addressed through legal and social means for example legal subject rights and limits on aggregation and mining of data. A consent based approach which is the current “privacy policy” based model  is not appropriate for wearable technology; firstly because it is ‘virtually impossible for people to weigh the costs and benefits of revealing information or permitting its use transfer without an understanding of the potential downstream uses‘; secondly because it is impossible for non users to consent; and finally because ‘take it or leave it’ contracts of adhesion do not provide for meaningful negotiation between equal parties but rather impose the terms of the dominant party on an individual without the time or capability to make an informed decision.

About these ads