A Cautionary Tale for Health Care Providers, the Clergy, and others

So how bad was the roll out of Google Buzz? Let’s start with a little bit of history first.

Either before or after you read this blog, I would appreciate your impressions of how Google rolled out buzz. I have a survey up at http://www.surveymonkey.com/s/JSS79XJ

Several years ago, Microsoft initiated their SDL, Security Design Lifecycle to improve the security of their products. Google is way overdue for starting a Privacy Design Lifecycle.  Google’s respect for privacy makes Microsoft’ worst security problems seem inconsequential.

According to satirical joke known as the “Google’s Approach to Privacy” http://mail.google.com/mail/help/privacy.html

“We provide advertisers only aggregated non-personal information such as the number of times one of their ads was clicked. We do not sell, rent or otherwise share your personal information with any third parties except in the limited circumstances described in the Google Privacy Policy, such as when we believe we are required to do so by law.”
The “Privacy Policy” they refer to says

We have 5 privacy principles that describe how we approach privacy and user information across all of our products:
1.    Use information to provide our users with valuable products and services.
2.    Develop products that reflect strong privacy standards and practices.
3.    Make the collection of personal information transparent.
4.    Give users meaningful choices to protect their privacy.
5.    Be a responsible steward of the information we hold.

When Google Launched Buzz they completely ignored items 4 and 5.
The policy http://www.google.com/privacypolicy.html goes on to promise:
Google only shares personal information with other companies or individuals outside of Google in the following limited circumstances:
    * We have your consent. We require opt-in consent for the sharing of any sensitive personal information.
    * We provide such information to our subsidiaries, affiliated companies or other trusted businesses or persons for the purpose of processing personal information on our behalf. We require that these parties agree to process such information based on our instructions and in compliance with this Privacy Policy and any other appropriate confidentiality and security measures.
    * We have a good faith belief that access, use, preservation or disclosure of such information is reasonably necessary to (a) satisfy any applicable law, regulation, legal process or enforceable governmental request, (b) enforce applicable Terms of Service, including investigation of potential violations thereof, (c) detect, prevent, or otherwise address fraud, security or technical issues, or (d) protect against harm to the rights, property or safety of Google, its users or the public as required or permitted by law.

Very, very, very importantly, Google claims:

If we propose to use personal information for any purposes other than those described in this Privacy Policy and/or in the specific service privacy notices, we will offer you an effective way to opt out of the use of personal information for those other purposes. We will not collect or use sensitive information for purposes other than those described in this Privacy Policy and/or in the supplementary service privacy notices, unless we have obtained your prior consent.

So, what did Google do? Google added a service called Buzz that effectively changed your email account to a social networking account and initially refused to give you any opt out at all prior to sharing sensitive information. Google automatically displayed many of your contacts, which is another breach of their privacy policy. The really sad thing is that many Google users do not value privacy and figure it was inconsequential. I will show you exactly why it was not inconsequential, but you have to do some research to understand this.

First, you need to do a few Google searches. Copy and paste the following into a Google search box.

Psychologist site:google.com/profiles
Psychiatrist site:google.com/profiles
Doctor  site:google.com/profiles
Gynecologist site:google.com/profiles
Podiatrist site:google.com/profiles
Neurologist site:google.com/profiles
Doctor site:google.com/profiles
General Practitioner site:google.com/profiles
Therapist site:google.com/profiles
Sexual therapist site:google.com/profiles
Lawyer site:google.com/profiles
Solicitor site:google.com/profiles
Priest site:google.com/profiles
Minister site:google.com/profiles
Rabbi site:google.com/profiles

There are many other potential searches, but what this is showing are the public profiles of people who have legal or ethical obligations to keep confidential the identities of the people they communicate with. What Google did was deliberately violate their own privacy guidelines and policies so as to breach the confidentiality of users and they did so because the immediate build of a social network was deemed more important that adhering to their policy or respecting a single person in the world. In other words they have no compliance and no concern.

People at Google absolutely know that even disclosing that a victim of domestic violence is seeking help may put that victim in harm’s way. I know some Google people know this because I have been at the same meetings their security people have been at when  representatives of NNEDV. The National Network to End Domestic Violence, told of how even exposing that an abuse victim is looking for help can end in violence or death. Google places an instant social network high above the safety of people.

When Google rolled out Buzz, they made the private contacts of many people public knowledge. To this day Google has admitted no wrong doing and has only apologized for causing discomfort and not for violating their agreements.

The odds are that if you have a Gmail account and perform the searches I suggested, and then look at who is following who or being followed by who, and their public profiles, you can put two and two together to find out who is being seen/treated by who, and in some cases for what general therapies.

You can look up a psychologist and see what they specialize in. Perhaps depression,  the treatment of children, marriage counseling, etc.  You can look up who they follow and who follows them and often find out the location of the people if they list it in their public profile. It sometimes isn’t hard to put two and two together, especially if you know one or both parties.

Health care professionals are held to a very high legal level of information disclosure. By law, they simply are not allowed to divulge very much information. This is in addition to their own ethical beliefs. What Google did may have caused some health care providers to fall outside of the law. I am not a HIPPA expert or a lawyer, but I am guessing that a health care professional revealing to the world the name of a patient and associating that patient with them is either not legal or not what they consider ethical. Google caused that to happen without warning. It goes beyond health care though. When a person consults with their clergy, they expect, at least in some cases, that the religious leader will not even disclose that they had a conversation. Google exposed this information because building a social network really fast was more important to Google than informed consent and adherence to their privacy policy.

If a user emailed a company about any number of private issues, this may have been revealed to the world. It was not the content of the email, but Google forced the user to divulge the nature of the contact.

It has been interesting following the responses on Buzz. A large number of users seem to think that the value of privacy and a contact is roughly zero.

Do expect Google to start making your Gmail emails public. Unless the class action lawsuit against Google is certified and truly hurts Google, there is no deterrent to Google brazenly ignoring it.

I am expecting Google to Launch Google Gossip, where they take snippets of your email and post it to the world. Sound farfetched? Read the privacy policy. Google already maintains the right to scan your messages.

Randy Abrams
Director of Technical Education

Author , ESET

  • J. Warren

    "…You don't get to use free services and expect to get absolute privacy. Either you offer up some of your information for enhanced services, or you don't.
    Remember, Google isn't your friend. It's a business…"

    • Randy Abrams

      I am not talking about absolute privacy. I am talking about Google adhering to their privacy policy. When a person signed up for Gmail they made certain privacy concessions and the public display of the names in their address book was not one of them.

  • Frankie

    At best a straw man.
    A person's follower count in their Google profile is not an open Gmail contacts list. Recommended followers are also pulled from what Google sees as your social graph based on connected sites.
    Google Profiles tell you no more about a a psychologist's client list than does their twitter follower count or their friends list on their 'closed' facebook page.

    • Randy Abrams

      When Google first launched Buzz the only people a user was following was the people in their address book. Over time that changes, but the point is that Google did reveal the address book contacts without consent, and that can have some far reaching privacy implications for some people. For some their address book is still the entire list of people they follow and they may not know this happened.

  • Nice article..I tell my friend to read this and bookmark..

    • Randy Abrams

      Thanks! I took the liberty of replacing your spam URL with a link to the educational Securing Our eCity site!

  • Tiara Kinabrew

    God love Congress. They’re gonna drive up taxes and drop our pay. What do you think employers will do when employee expenditures increase?

Follow us

Copyright © 2017 ESET, All Rights Reserved.