Google’s acquisition of DoubleClick raises many major privacy concerns. Throughout the late 90′s DoubleClick was the boogyman of the privacy community. More recently Google has taken on that mantle. The combination creates an information harvesting juggernaut.

Google is in a position to see the search terms, and thus focus of interest, of the vast majority of Internet users. Most users start most searches or web expeditions with a Google search. Their logs contain a fairly complete history of the interests of their users going back for years.

DoubleClick has a view of user activity after the search across thousands of websites. Banner and other website ads are not actually hosted on the websites on which they appear. DoubleClick serves the content from their servers, and handles any clicks on the ads. Importantly, DoubleClick can gather your information even if you don’t click on the link. Simply viewing the ad is enough for them to cookie you, to gather your IP address, and store that along with the URL you are viewing.

Combined, this enables the creation of a database most searches along with most subsequent web surfing activities. Nearly ubiquitous Internet monitoring by a single entity will be a reality after this merger. Having both the search information and the surfing activity give the answer to both the what and why of a users actions. The merged data is much more powerful than the individual components, and serve to fill in the gaps in each other’s coverage.

Ironically, even Microsoft is talking about the privacy risks of this merger. Redmond | News: Microsoft Warns of Google-DoubleClick Danger

The Electronic Privacy Information Center (EPIC) has gone so far as to file a complaint with the FCC.

I have been following a number of stories like this,Congress Follows Email Trail – WSJ.com, about the Whitehouse use of RNC controlled email accounts to discuss the firings of federal prosecutors. The law appears quite clear. Official Whitehouse email is a document that must be retained. Discussions of firing federal prosecutors sounds official to me. Therefore the Whitehouse was wrong to use outside email addresses to keep the discussions secret.

I am not comfortable with the law in the first place. Email and other electronic communication media like chat and IM are often used more like casual conversation than formal memos. Few would argue that the President’s every word should be recorded at all times. It would make discussion and debate next to impossible. In the process of thinking through an issue one may consider many potentially unpopular ideas, if only for the purpose of argument. Free and unconstrained give and take generally leads to be best understanding and decisions. Free and unconstrained debate can not take place with the world looking over your shoulder and scrutinizing every word.

If we accept that email and chat are used like conversation to hash out ideas, then it is very damaging to the process to place heavy recording and monitoring requirements on it. At the same time, having no oversight substantially reduces accountability. It might even facilitate corruption.

This really shows in a microcosm the greater question of general communications privacy vs. law enforcement access. It is a hard balancing act because there is very little middle ground. Basically you are either monitored or not. Having monitoring of a random half of the messages is going to make everyone unhappy.

April 2, 2007 – Fortify Software Documents Pervasive and Critical Vulnerability in Web 2.0

It looks like, in addition to the privacy risks of voluntarily revealing information through Web 2.0 sites, weaknesses in the most common frameworks will enable malicious attackers to gather even non-public data from these sites.

Web 2.0 generally refers to web sites that are either web applications or are based on community content. In either case they involve the users uploading substantial amounts of possible sensitive personal information to the sites. I predict that a great deal of damage may result from this in the long run.

As a followup to my discussion of risks of online tax filing, here is an article on security weaknesses at the IRS. Report: IRS bungles may imperil data
It does not appear that this is particularly connected to online filing, but rather an overall laxness in their security.

In talking to David Utter of SecurityProNews I happened to mention a risk of Twitter that I think has been overlooked. Twitter can put you at physical risk because it can let a stalker or robber know when you are at home or away, and if you are alone or vulnerable. You can read his article on our conversation here