Congress asks Google if and how it’s protecting privacy with Glass

Congress asks Google if and how it's protecting privacy with Glass

Image from Stop the CyborgsThe US Congress on Thursday sent Google a letter [PDF] listing eight specific privacy areas concerning Glass that legislators would like to know quite a bit more about.

Congress members aren’t the only ones.

Since the emergence of Glass – Google’s uber-geeky, internet-enabled head gear that’s worn like discrete, photo-snapping/video-grabbing eyeglasses – the technology has:

Congress – specifically, eight members of the privacy caucus – has thus risen from the swirl of speculation around Glass and asked Google to answer a specific list of questions.

Letter from Congress to Larry Page Google

Here they are, reiterated and unfolded (Congress packed multiple questions into one question in a few spots):

  1. How will Glass not be like WiSpy? As in, how is Google going to prevent Glass from unintentionally collecting data about users or non-users without consent? As it is, Congress pointed out, the company was fined $7 million for its StreetView cars having sucked up information via unsecured wireless networks. How will Google avoid a similar mess with Glass?
  2. How will Google proactively protect non-users who get ogled?
  3. Is Google building in product lifecycle guidelines? One such framework is Privacy by Design, which covers the embedding of privacy and data protection throughout a technology’s lifecycle, from the early design stage to its deployment, use and ultimate disposal. Specifically, Congress wants to know what happens when a customer resells or otherwise disposes of Glass and whether Google has baked in capabilities to keep the original owner’s personal information secure.
  4. Will Glass use facial recognition? If so, how do users get that information? How do non-users opt out of this personal data collection? If they can’t opt out, why is that?
  5. Under what circumstances does Google refuse requests from Glass that invade the privacy of others? Congress here references Google’s Privacy Policy, which states that it may reject requests that are:

    "... unreasonably repetitive, require disproportionate technical effort, ... risk the privacy of others, or would be extremely impractical..."

  6. Is Google tweaking its privacy policy to reflect the sensory and processing capabilities of Google Glass? If not, why not?
  7. What device-specific information is Google collecting from Glass? Here, Congress is referencing Google Privacy Policy as it pertains to collecting hardware models, operating system versions, unique device identifiers, and mobile network information, including phone numbers.
  8. Is Google collecting data about the user without the user’s knowledge?
  9. To what extent was privacy considered when approving the first app for Google Glass, rolled out by the New York Times? How is Google ensuring that privacy’s a priority for the other app developers who’ve since followed suit?
  10. Is Glass storing data on the device itself? If so, will it be protected, and if so, via what type of user authentication or other means?

Congress is looking for answers by Friday, June 14.

These are great questions, and Congress is to be lauded for asking them.

Some Congress members – well, one, at any rate – actually think highly enough of Google’s past respect for privacy to take hope in Glass being rolled out with all due care.

Here’s how Sen. Al Franken a Democrat from Minnesota, put it to Ars Technica:

"In the past, Google has taken a principled position in making facial recognition an opt-in service for its social network, Google+... This gives me hope that this same kind of thoughtfulness will be applied to its roll-out of Glass. I’m looking forward to talking to Google more about its deployment of Glass and what it means for privacy."

Senator, let us hope that *your* hope is not misplaced.

Mine tends to be shredded whenever I contemplate Google’s voluminous Privacy Rap Sheet.

Image of “No Google Glass” courtesy of Stop the Cyborgs.