Is Google the new Microsoft? That is, is Google now the company that "people love to hate," so that - no matter what they do - there's sure to be criticism of them? Ten years or so ago Google was seen as the "white knight" that would vanquish the Microsoft dragon as a worthy successor to Apple in that role. Now, though, it appears that Apple has risen from the ashes and is the valiant warrior that the Google "dark lord" is trying to usurp. Here in the western hemisphere, the gathering of personal data in order to present ads to you which reflect your interests is considered by many to be a bad thing.
The latest round was a recent story in the Wall Street Journal purporting to show how Google had undermined and sidestepped the privacy settings on iOS devices (and computers) using Apple's Safari browser.
It would appear that there are two possibilities: 1) the Safari mechanism was flawed; or 2) Google used a loophole or "backdoor". In fact, both are true but the real culprit here may be the user, aided and abetted by the media - and Apple!
Safari is the only web browser which, by default, blocks third-party cookies. At least, they say they block them. In reality, Apple only blocks brain dead third party cookies since they very happily tell all and sundry under which conditions third party cookies may be allowed. According to Stanford University researcher Jonathan R. Mayer, in fact, Safari's cookie blocking policy is less restrictive than many competing browser vendors. Specifically:
- Reading Cookies Safari allows third-party domains to read cookies.
- Modifying Cookies If an HTTP request to a third-party domain includes a cookie, Safari allows the response to write cookies.
- Form Submission If an HTTP request to a third-party domain is caused by the submission of an HTML form, Safari allows the response to write cookies.
On the other hand, many of the services that Google offers its users, particularly in the realm of personalization, require that cookies be placed to identify the user, their location, their settings, etc. Many of the services we've come to rely on require that cookies be used. Google's "+1" and Facebook's "Like" buttons, which are becoming ubiquitous across the net, are third party tools yet no one seems to complain about them.
If there were an easy way to allow some third party cookies in Safari, and if Google (and others) chose to ignore that method, then there might be reason for the outcry. But Apple tells Safari users why they block these cookies by default: "Some companies track the cookies generated by the websites you visit, so they can gather and sell information about your web activity." If that's what I'm told, then I certainly wouldn't want those cookies placed on my machine! Unfortunately, while the statement is true it is very far from the entire truth. Most cookies, the very vast majority, are not used to gather data to be sold but to tailor, or personalize, the user's experience.
Rachel Whetstone, senior vice president of communications and public policy at Google, was quoted by the Washington Post: "The Journal mischaracterizes what happened and why. We used known Safari functionality to provide features that signed-in Google users had enabled. It's important to stress that these advertising cookies do not collect personal information."
Not to be outdone, Microsoft jumped on the "kick Google" bandwagon when Dean Hachamovitch, Microsoft corporate vice president of Internet Explorer, declared Google was bypassing user privacy settings in Internet Explorer, also. Perhaps true, but so were tens of thousands of other websites, all using methods that Microsoft itself painfully outlined in a Knowledge Base article (since removed, but available on the Wayback Machine).
In what appears to be the final straw, a class-action complaint has now been filed against Google for its circumvention of Safari's privacy features. The lawsuit, filed in the US District Court for Delaware, accuses Google of willfully violating of the Federal Wiretap Act, the Stored Electronic Communication Act, and the Federal Computer Fraud and Abuse Act.
It's time for a dose of reality, folks.
The internet and the content it provides costs money to produce. There are five possible ways to fund those costs:
- Subscription paid by the user (popular with sports-centric sites)
- Product purchase by the user (Amazon, eBay and the like)
- Advertising placed by third parties (95%+ of the web)
- Self-funded by web site owner (such as our own kuppingercole.com)
- Funding by a donor, foundation, NGO or government body (religious and charitable sites, for example)
It never ceases to amaze me that so many people confuse privacy with anonymity. It's a subject I've been writing for a dozen years, but is probably best summed up in this 2006 blog post, "Anonymity, identity - and privacy". Privacy means that only those whom I wish to know something (or who because of their role - doctor, judge, spouse - need to know something) know it. Trying to keep everyone from knowing anything about you is attempting to be anonymous - and there is no true anonymity on the internet. There really never has been nor will there ever be.
But telling people the honest truth evidently doesn't sell newspapers. So even the Wall Street Journal will resort to sensationalism - and a bit of biased reporting - to get itself talked about. And they'll be abetted by commercial enterprises (in this case, Apple and Microsoft) who see a distinct advantage in having a competitor savaged. Fortunately, I'm here to set you straight. Your comments are welcome.