IndustryReports: NSA Used Google Cookies for Data Spying

Reports: NSA Used Google Cookies for Data Spying

Just a few days after they ganged up on the government to ask them to curb the NSA's spying enthusiasm, tech giants are faced with another rather inconvenient truth: that the NSA is actually piggy-backing on Google cookies to gather intelligence.

Just a few days after they ganged up on the government to ask them to curb the NSA’s spying enthusiasm, tech giants are faced with another rather inconvenient truth, as the WSJ revealed today that the NSA is actually piggy-backing on Google cookies to gather intelligence.

Google One of Tech Companies Leading Against NSA

Google, Facebook, Apple, Microsoft, Twitter, Yahoo, LinkedIn, and AOL on Monday made public a microsite, Reform Government Surveillance, spelling out what they see as acceptable principles against “practices and laws regulating government surveillance of individuals and access to their information.”

Earlier this week, Google CEO Larry Page posted on the website of the industry consortium that has recently sought to convince the U.S. government to rein in surveillance activities.

“The security of users’ data is critical, which is why we’ve invested so much in encryption and fight for transparency around government requests for information,” he wrote. “This is undermined by the apparent wholesale collection of data, in secret and without independent oversight, by many governments around the world.”

The news that was most picked up is at the bottom of that site: a letter from the Big 8 to President Obama and the U.S. Congress, asking them to take the necessary measures to tilt the balance towards individual rights and freedom.
big-8

The five principles are:

  • Limiting Governments’ Authority to Collect Users’ Information
  • Oversight and accountability
  • Transparency about government demands
  • Respecting the freeflow of information
  • Avoiding conflicts among governments

While the principles are laudable and necessary, it’s nevertheless a two-sided reality.

nsa-logo-small

On the one hand, those companies pledge to be “focused on keeping users’ data secure — deploying the latest encryption technology to prevent unauthorized surveillance on our networks and by pushing back on government requests to ensure that they are legal and reasonable in scope.”

On the other hand, one of their founding members, Google, is caught red-handed not providing the security they promised to give.

This morning, the Washington Post published the content from an internal document to the NSA specifically pointing at Google cookies as one entry point for information gathering purposes.

The PREF cookie is a Google specific piece of data that individually identifies computers. It usually is used to direct advertisements tailored to the user. However the NSA apparently has been able to leverage this usually benign user tracking tool to identify machines and launch hacking attacks.

Mind Your Own Business

Governments spy on their citizens – and in this case the NSA on its U.S. People – to protect them from potential danger.

Tech firms gather behavioral data from users/consumers to sell ads and products, that are supposed to be better suited to the user/consumer individually. Of all of them, Google has been the pioneer of such data gathering and exploitation.

Facebook stepped seriously into the game with their Open Graph platform, allowing entities to keep track of definitely more minute details of your choices, preferences, habits… but taking it a step further by integrating those within the weave of your friends and relationships (acquaintances, partners, classmates, etc.) own data. Facebook also thereby seamlessly adds the powerful layer of recommendations that will drive higher conversions for brands.

Marketers and brands come on the tip of the iceberg, using such intelligence to take data-driven decisions to better target ads and optimize site conversions, as above.

Now it looks like the NSA is getting the icing on the cake, using each layer previously mentioned, to drill into potential risks and avoid human-led disasters.

The Data Food Chain and the Mobile Catalyst

Tech firms build the technology to allow the gathering, then they sell the data. Marketers and brands buy the data from tech firms to place their ads and products.

The NSA keeps an eye on everyone, at every level and potentially at all times. How?

The rise of mobile is a huge enabler: you carry your own spy with you all the time. Your location can easily be tracked; there even are tutorials on YouTube or apps on iTunes for the general public. While location tracking seems innocuous, it actually allows the gathering of contextual data, down to the level of what surrounds you, where, at what time and what you are therefore likely to pay attention to if served with information).

Who Has the Most to Lose?

Tech firms have billions to lose in direct business from their own consumers (companies, brands and individuals) who would like better protection against unwanted spying. Who likes to have a stranger peek into their pockets? They have billions to lose in secondary trading; if the customers go, they have no more data to sell to the next level of the food chain: marketers and brands.

Marketers and brands have billions to lose, too, if their consumers distrust them. Already, the trend is clear: during the Black Friday shoppingpalooza, a report by BiTE interactive revealed that shoppers were turned off by a mobile experience that offered personalized suggestions based on their past purchases.

Is There a Way Out of This Data Debauchery?

Unlikely so. The rise of wearable devices will deepen the level of contextualization almost to a molecular level, as tech maven and Rackspace‘s statup liaison officer, Robert Scoble explains in his book: “The Age of Context, Mobile, Sensors, Data and the Future of Privacy”.

The only solution for the whole ecosystem to be able to not only survive but also thrive will be to allow privacy control at the individual user’s level.

However, such controls have to be easy to access (read: user interface and user experience), easy to understand, and easy to change. Facebook is clearly not doing a great job with that at the moment, causing fury every time they update their privacy policy. Can the others do any better?

What do you think?

Information from The Inquirer was used in this report.

This article was originally published on ClickZ.

Resources

The 2023 B2B Superpowers Index

whitepaper | Analytics The 2023 B2B Superpowers Index

8m
Data Analytics in Marketing

whitepaper | Analytics Data Analytics in Marketing

10m
The Third-Party Data Deprecation Playbook

whitepaper | Digital Marketing The Third-Party Data Deprecation Playbook

1y
Utilizing Email To Stop Fraud-eCommerce Client Fraud Case Study

whitepaper | Digital Marketing Utilizing Email To Stop Fraud-eCommerce Client Fraud Case Study

1y