Dear Mr Schmidt,
You are the CEO of one of the most innovative, successful and remarkable companies in the world. I deeply admire what Google has achieved in the past years. You’ve created the best search experience in the world, and continue to improve it. It helps us forget about URLs, a tech problem, and instead focuses on the thing we are looking for. You’ve created maps that allow us to visit the world, the stars and the deep-sea without having to leave our chair. You’ve mashed these maps up with incredible useful data, allowing me to find directions, locate stores, see what a street looks like. You’ve invested in one of the largest video portals in the world, even when there wasn’t a clear business model (but lots of user value). You’ve managed to give Apple the dead-needed competition for their iPhone lock in arrogance. With the development and ecology of Android, you have given handset manufactures a compelling reason to stop delivering useless mobile interfaces and instead focus on what they are good at, building hardware. You have helped organizations like Mozilla that want to make the web a place where the user is in control. You’ve just released Wave, a brave attempt to redefine the way we collaborate and communicate, and I’m sure that this investment will benefit us all.
You are the only company in the world that has made advertisement an added value instead of a stand-in-the-way. Where most services lock me in so that they can throw their unwanted advertisement to me, you have set me free and present me advertisement when I’m actually searching for it. You have helped small and large businesses to connect their business to my needs in a (cost) effective way. You are continuously helping other businesses to run their business with applications, services and open API’s.
When reading back this list of achievements (which is hardly complete!) I think you can be proud of the achievements of your company. I think we all have benefited from the great services Google provides us all. But these achievements are realized at a cost. And that cost is that we (the Internet users) need to give up (some) privacy, in order for all of this to work. I think that most people will not mind this. It’s a simple trade really. We expose ourselves a bit, and in return you provide us with excellent value.
Although the exchange is simple, its execution is flawed. The exchange has been made implicit. In other words, users are hooked into great services, but are not aware that they are actually trading (part of) their privacy for it. While this may not be a large problem for most, it may be a huge problem for some. I believe that it is this implicit exchange that disturbs the balance between the service provider and its users. This imbalance is unhealthy. It leaves Google with almighty power and the user with little. It is impossible for a user not to be part of this exchange, unless he doesn’t connect to the Internet. It is impossible for the user to negotiate different exchange rules with Google. And while your motto may be “Do no evil” this imbalance is a fertile ground for evil things. Power corrupts, and the balance of power is currently favoring Google.
Even more worrying is your simplistic view on this. I refer to a short video fragment in which you state literally “If you have something you don’t want anyone to know, maybe you shouldn’t be doing that in the first place”. Maybe I shouldn’t judge these words too harsh, based on a 1 minute video clip, but that is probably one of the dumbest quotes I’ve heard from you, ever. There are tons of valid examples thinkable where a person wants to do something and not tell anyone about it. Let’s not enter that discussion now. The problem lies in the fact that Google is not explicitly asking the user if his actions (data) can be indexed or not.
If you really believe in your own motto ‘Do no evil’ then I would kindly request you to rethink the relationship between Google and its users. While you have already done incredible things for us, why not take it one step further. Why not restore the balance and help users define and control their privacy online. I’m betting that 75% of the Internet population will not mind exposing themselves to your company if in return you will provide them incredible value. By making that trade explicit you will not only restore balance, but most likely receive much better personal data from the user as he or she will be willing to share that. You might lose some data from that 30% that explicitly denies or restricts this exchange, but that will benefit both you and that user. His privacy is still intact, following user specified rules. And you will have much improved data from the other 70%, and at the same time have 100% user satisfaction.
Privacy isn’t just about hiding personal information. Privacy is about choice. It’s about freedom. It is about the user that can draw his personal line somewhere in this exchange. It’s about restoring the balance between the user and the service provider. Many hot shot Internet guru’s have told us that privacy is dead. What they are saying is that personal choice and freedom are dead? Do you really believe that? That would be evil.
You and your team can make a difference. You could easily help to build the infrastructure that is needed for users on the Internet to be able to set and control their privacy across any service or network. You have the means and the power to set up this user infrastructure. Its sole purpose would be to serve the user. It would make the world a better place. It would also make Google indispensable as a valuable partner for the user. And it would end up making you more money than you already do.
How about it Mr Schmidt? Would you be willing to take that step? If you need help with that challenge, then give me a call, because I would like to help too. I hope to hear from you.
Sincerely yours,
Alexander van Elsas
@vanelsas 
Why is it that the presumption is that privacy is about hiding something? What does it say about the person making the presumption? How twisted is that psyche?
Privacy is simply a matter of judicious disclosure. Not all information is meant to be put on display and not everyone needs, wants or is entitled to know everything.
Agreed
Nothing in life is free. Now, go eat your free ice cream and stop complaining about the lack of flavors and toppings.
Eric, how nce of you to respond 😉
I’m not complaining that there is a cost. I just don’t like that most people are not aware of the (nature of) the costs involved.
I agree with you, Eric is wrong.
Thanks Bill, appreciate that. Careful though I might send you a letter shortly too 😉
Well written.
You’re a writer. You should at least get the motto right. It’s “don’t be evil”, not “do no evil”. There is a huge difference.
Wow, you went through 1000 words and managed to find only one mistake? Had a bad day eh 😉
Ice Cream (free or not) comes with a list of ingredients. If you’re allergic to an ingredient you can simply not eat the ice cream. The problem is not that google’s free ice cream has peanuts (which many people are allergic to), but that they don’t list peanuts in the ingredients. The average user doesn’t know what a “tracking cookie” is.
Exactly, it need to be an explicit agreement really.
Alexander, I opened your startup web site, and verified that you (like me) use Google Analytics, that, as you know, use tracking cookies. I saw no explicit agreement on the front page about that. I could browse to your ToS where I’m sure I’ll find something about it, but I’ll be being tracked by then. If you believe that the usage of tracking cookies should be under an explicit agreement by the users, shouldn’t you ask first if your site visitors agree with it?
Yes that is a good point. In the end I feel we should have an infrastructure that allows this type of exchange to be explicit as well. There is a small difference between this example and the case where Google ties everything to your account, but in essence I agree. with you.
Needless to say we use the tracking for our own performance only, not to actually track individuals.
@Eric Schmidt
I can’t eat my free ice cream because the company that gives it for free wants to get blood samples from me in exchange and I think my blood is mine and not yours. But by giving it for free it killed all competition, so now there are only one company which produces ice cream, gives it for free, but demands blood samples from anyone who want to eat some.
Ice creams are labeled with advertisements for appropriate medicine.
Seriously… Are you trolling? If Eric Schmidt calls, what are you honestly gonna do? Make a time line of photos for his family or something?
Bob, I would suggest him to take a tour with me and visit some extremely smart people that can help him to solve this problem. And I would gladly help myself.
Sounds to me like you’re trolling. Fake name, and nothing useful to add to the discussion.
I tire so much of writings like this that presume so much and fear fear alone.
Rob, I would suggest you reread the post. I didn’t use the word fear once. It’s about choice, about freedom.
Yes, dear google give me your laptop with your registered user and give me your dns through which you give me your my-documents and your my-fotos and my-videos, also, don’t forget to give me your my-telephone numbers so that I can make and receive my calls.
Dear google you’re so not like evil MicroSoft and evil Apple you are just, like, hunky dory.
Disagree. Main problem is one of security, not privacy. If you have sensitive information, it is your responsibility to store it securely, rather than put it on the servers of some other company. This is common sense to most. Google should not suffer for the sake of those who lack common sense.
Of course any user has a responsibility in this, but that is not what this is about. I disagree that everyone “knows” what Google actually does when it offers (free) services. It’s implicit, why would they really know.
Every time you interact with a person or a company, there are things going on inside of that entity you will never know about. It’s unreasonable for them to ask for your consent for every little thing. You have to draw a line somewhere.
I don’t think the case has been made that what Google is doing is malevolent enough that they should give everyone consent forms.
The ways on the web are extremely subtle and implicit. The balance of power between me and a company I interact with is way better than the user vs Google. Hardly comparable I’d say.
Alex-
Good letter. I’ve been having many similar thoughts recently. But I think you missed a large privacy concern in respect to web apps. The general user understands that when they post something on their homepage or a forum that they have just made a public comment. But this is not the assumption when it comes to web applications. Yet the information in gmail, google docs, etc, is far from private, with Google reserving the right to use it as they see fit (see Section 11 of the TOS). How that data is used exactly is not specified, and there is no way I’ve ever found to opt out. This allows the target ads you cite in your letter, but the wording is much more vague than to be just about ads. And this in turn brings up all the trust issues you mention.
Businesses understand these issues, as they take TOS seriously. The average user just clicks go and has no idea they just signed an non-exclusive license deal.
Cheers,
Cyrus
I didn’t want to get into the details of it, as the letter wasn’t about those details, but you are right of course. Excellent examples.
I feel like they’ve begun steps in this direction with their Google Dashboard – a list of some of the data they store about you in an easy to digest format. Of course this is a long way off the vision you have of a way to manage your privacy across the web from one place, but it shows they are at least beginning to think down these lines.
One of the biggest hurdles Google now faces is the increasing number of people calling them “evil” simply because they know so much about us. Your idea would instantly silence those critics. If the exchange was explicit, “We will make awesome products for you at the cost of this privacy/data,” I agree it would dispel a lot of the problems, and maybe push the web forward faster.
Thanks, and I agree with your observation that the “evil” perception might hurt them in the long turn. And nobody is helped with that. I’d prefer them to take the steps suggested and keep great innovations coming to us.
@Nuclear Ant Doll
This is not about sensitive info. It’s about everyday info which if you know anything about data mining, can be used to generate patterns which may be later used against you. Call me paranoid, but I agree with the letter. Also, I agree with your statement “……things going on inside of that entity you will never know about. It’s unreasonable for them to ask for your consent for every little thing. You have to draw a line somewhere.” I am willing to reverse the same statement to read as “……things going on inside THAT PERSON’S LIFE you will never know about(OR NEED TO KNOW ABOUT, but that’s a different story).”
It’s unreasonable for the company to ask for details for every little thing. You have to draw a line somewhere.
I didn’t suggest that there is a need for permission on EVERY single transaction. That would be impossible. I would simply say that we need an infrastructure where I can store personal data and the decide what aspects of it can be exchanged with service providers. Its not hard to do. Its hard to realize because it goes against existing business model thinking. That is WHY Google may be the only one capable of setting the first step.
I don’t get it. You write a post with a thousand words complaining about something you could fix with a one line robots.txt file. And yes, if you post something on the internet, without any kind of authentication or protection of some kind, it’s public, anyone (or anything) can read it. There are dozens of ways of making that information private, and Google won’t index it. It doesn’t make sense to post something on a place where, literally, all the world can see it, and claim it’s private. I suppose you have a door at your home, don’t you?
This is not about a web site blocking Google. It’s about an individual user not fully understanding what he is giving up when for example joining free services from Google.
If I sign up for GMail, what exactly am I giving up to?
If you want to know what Google has associated to your identity, visit: http://google.com/dashboard/
They also indicate what isn’t included in the dashboard here: http://www.google.com/support/accounts/bin/answer.py?answer=162743
I’m not suggesting that they aren’t collecting the data, but they are pretty crisp in explaining what they have and what they are doing with it.
Eric’s comments do make one pause, but I think it was just perhaps a different way of saying, “if you have something you want to keep completely private, don’t use Google, because we do save the information for some time, and we are subject to some pretty invasive law enforcement.”
No online service provider can guarantee that the authorities are not going to swoop in and grab your data if they are hosted within the borders of the US, and there’s no guarantee even when they are hosted elsewhere.
If you really don’t want something made public, keep it to yourself. Pretty straightforward.
Michael, I believe Google does provide transparency, but at the same time they collect so much data. Most people are just not aware of this.
Eric Schmidt may have wanted to say something different, but he didn’t.
In general users tend not do really understand that things they publish on, for example, Facebook, might be publicly searchable. It’s just not clear, and it needs a much better solution than current practice.
Wow late to the party as usual, but am blown away by Eric Schmidt’s arrogant comment above. It speaks volumes as CEO of Google! Incredibly disappointing that there is no visible response from Google to our complaints. Patronising really!!!
Pemo, I agree. The least thing he should have done is explain what he was really trying to say. I suspect that they hope that it will go away faster if he doesn’t respond.
Pingback: An open letter to Mark Zuckerberg « @vanelsas
Pingback: It’s time we take responsibility when it comes to a fundamental human right like privacy « @vanelsas
Pingback: Your Friends are the Limit: Why Facebook can’t stop Twitter « Strategyist
Pingback: La Privacidad Según Google « La Naturaleza Del Software