Google has announced their new “form” for processing requests from Europeans wishing to exercise their “right to be forgotten” under the recent ruling of the European Court of Justice. True to form, they found a way to hack the orders of the nation state and jack their users. Like sullen little schoolboys, the oligarchs who run Google have found a way to reduce their compliance in the way they know best: Intimidation.
According to Liz Gannes writing in Re/code:
Google asks people to explain why a URL contains information that is “irrelevant, outdated, or otherwise inappropriate.” It also asks for “a clear, readable copy of your valid driver’s license, national ID card, or other photo ID” to verify that impersonators aren’t using the form.
So what’s happening here is that you will not only have to disclose your identity, not only will you have to give Google your identifying digits from your identity card–you will have to UPLOAD A SCANNED COPY OF YOUR ID CARD TO BE KEPT BY GOOGLE. And where do you think that scanned copy might end up? Google does say they will delete it within a month of “closing your removal request case except as required by law.” Really? And how would you ever know. And does deleting the scan mean the same thing as deleting the information in the scanned copy? What does “closing your removal request case” mean? How would you know it is closed and whether the copy was deleted? And what law is it that would require Google to keep your ID card longer than 30 days after a date that you won’t know passed? Let me guess…a National Security Letter perhaps?
You don’t suppose that Google would hand over copies of that scan to government agencies, do you? Because they will. You can say that the government might have issued that card or passport to you so wouldn’t they already have a copy? True, but the requesting agency might not be from the same government (particularly in the EU) that issued the card in the first place. Like you might give Google a copy of a UK passport that they then hand over to the U.S. National Security Agency or FBI. And you’ll never know.
And sure enough, here’s the actual form:
Ah yes. FRAUD. Now that is a driving concern at the Googleplex, right? Street View cars with WiFi sniffers masquerading as mere cameras to take pictures of your house when they were actually staging electronic breakins to your house. Disappearing competitors in search results. Lying to the U.S. Senate. Scamming keywords to better sell prescription drugs to kids or selling artists names as Adwords to drive traffic to pirate sites. 20 million take down notices a month to search alone.
Shall I go on?
But now FRAUD, that’s where they draw the line in Mountain View.
Update: Brian Womack at Bloomberg reports that Google has already gotten in hot water with German privacy authorities:
Hamburg’s privacy watchdog criticized Google’s request for photo identification documents to authenticate a user’s request, saying private companies weren’t allowed to store scanned copies of ID cards and passports under German law. People should avoid sending such scans and should black out unnecessary details, it said. It was “unfortunate” that Google hadn’t discussed with Hamburg how to implement the ruling, the regulator said in an-mailed statement.
Google can accept other forms of identification, including a utility bill, if a person has concerns over photo ID, the company said in an e-mail.
European privacy officials will discuss the consequences of the EU ruling next week, French and Luxembourg authorities said.
That didn’t take long. Once again, the Google oligarchs are missing the point that should be obvious to anyone capable of sequential thought:
Why should users have to give up even more very personal information about themselves to a known NSA collaborator in order to get rid of bad information about themselves that Google has been ordered to remove without restrictions?
Can users trust Google not to exploit the very information that users are giving up in order to enforce their rights?