There is a justifiable uproar over both Viacom’s attempts (and apparent success) at obtaining user information from Google and Google’s accumulation of this information in the first place. Viacom obtained a court order for Google to turn over login names and IP addresses of its users in relation to viewings of Viacom’s copyrighted video materials on YouTube. The internet, it seems, is not like telephone service; every use of this utility is said to leave a digital trail.
But is this necessarily so? If I perform a search on Google without logging in, or any other search engine for that matter, is that search traceable to me? If one views a particular video on YouTube, is information or data stored that would clearly identify exactly who viewed the video and at what time?
Much in the way of privacy issues seems to me to stem from matters of convenience for the average user, who for example may perform searches or surf the internet under a particular Google user ID. The average user, enjoying the benefits of being “signed in” to Google (such as being able to store locations searched for on Google Maps) may not realize or understand that a search of a more, ahem, private nature is also made under that same login ID, unless the user signs out. But even if the user signs out of Google, the user must still worry about his or her internet service provider; presumably, even on a cable internet or T1 connection, there is still some data that is transmitted back and forth that identifies that user as the legitimate subscriber.
While a theory of electronic privacy protection is overdue, I’ll leave that for a later time. It’s my understanding that not only can one search the internet without being “logged on” to a particular search engine, but also that IP addresses do not necessarily connect or point to a single computer or user. While I wouldn’t trust YouTube spokesman Ricardo Reyes any further than I could Google Throw him, he confirms in an NPR story my understanding of the IP address, by pointing out that it is a “random number generated to the computer you are working from,” and that “there is no coupling of that information that we have that can identify you in any way, shape, or form to who you are.”
So far, I haven’t heard much at all about the technological limitations of tracing identities online, except for NPR’s inclusion of Mr. Reyes’ explanation. While I’m inclined very much to side with privacy advocates in these regards, neither would I like to see a one-sided mongering of fear over this issue. The BBC story labels the IP address as an “online identifier,” without much in the way of further explanation. I would hope there are some fine lads at the National Security Agency who can, in fact, trace communications back to specific would-be terrorists, but I also think that this kind of endeavor would require such extraordinary resources that if one were to develop any viable methods, the NSA would go out of its way to find you and say, “Oh, yeah, that’s interesting how you’ve traced these IP numbers. Yeah, we… really don’t know how to do that. Now sign these papers, or we’ll kill you.”
I’m not a computer expert. In fact, I often get angry at computers for not doing what I think they should do, so it’s probably best that I’m not a computer expert. Is there anyone out there who is? Care to comment?
1 response so far ↓
johnminbiole // July 7, 2008 at 11:00 pm |
Hi, John here. There’s a great blog posting in “Bits” in the New York Times: http://bits.blogs.nytimes.com/2008/07/07/the-privacy-risk-from-the-courts/
Saul Hansell nicely points out that an IP address, on its own, cannot point to a single person, until it is cross-referenced with other pieces of information, such as that from an internet service provider, who may be forced by a court order to perform such a cross-reference to point to a single user at a particular time.