Despite having proposed a free wireless Internet service in San Francisco with advertising targeted to users’ locations and interests, Google won’t require an e-mail address for log-in or make users stay associated with a particular identity the whole time they’re using the service.
What the company is saying now about its planned service with EarthLink seems to represent a change in emphasis from its earlier approach, though it gave few details in its response to the city’s RFP in February. But even critics of the company’s plans don’t agree on whether their pressure brought results.
The two companies’ plan to build and operate San Francisco’s citywide Wi-Fi network has come under fire from civil liberties advocates since even before the companies responded to the RFP. Concerns that Google would make users trade their personal data and location information for free broadband have been among the biggest issues surrounding the Wi-Fi initiative, which was kicked off in 2004. Critics have also decried inadequate opportunities for public comment, a lack of planned funding to help low-income users enter the digital age and other issues.
The privacy drive has been led by the American Civil Liberties Union (ACLU) of Northern California, the Electronic Frontier Foundation (EFF) and the Electronic Privacy Information Center.
The controversy over municipal Wi-Fi in San Francisco has been closely watched as part of a national debate over whether cities should get involved in Internet service, but also because the high-flying Internet search company is involved. Google and EarthLink teamed up to propose a two-tiered service: EarthLink would offer a paid subscription service with speeds over 1Mbps, and Google would offer a 300Kbps service for free. The city and the two companies are now negotiating a contract for the network.
“Google’s advertising technology will target advertisements to specific geographical locations and to user interests, thereby increasing relevance and enhancing the user experience,” the company wrote in its RFP response. The system could tell where a device was located by which access point it was communicating with. But that doesn’t mean Google will build up a database of where you’ve been and what websites you’ve visited, said Chris Sacca, Google’s head of special initiatives, in an interview last week.
To get on the network, users will have to set up an iGoogle account with a user name and password, Sacca said. However, the user name can be made up, and the visitor could set up a new account each time. In addition, users will be allowed to log out whenever they wish and remain connected to the Internet for the rest of the session. The only reason a password is required is to make sure a human is signing on, to help prevent automated virus attacks and spamming, he said.
An iGoogle account lets users pick personalized features such as their own interests and hometown, but they don’t have to. On the free wireless service, which could detect users’ locations according to what access point they are using, people who log in under a personalized iGoogle account may be able to get content specific to where they are at the moment, Sacca said.
None of these users would have their Web visits tracked, he said. What would be tracked, with or without an active iGoogle account, is the unique address of the device. Google will watch the size and frequency of each device’s data transfers, as well as its location. This is to prevent abuse of the network, Sacca said. Whatever information is collected will be discarded after no more than 180 days, he said.
As for targeted advertising covering the costs of the free service, it won’t happen, at least in the beginning.
“That could be done, but it’s not the prime motivation for the project,” Sacca said. “We have not put an emphasis on building a layer of location-based services yet.”
Instead, Google sees the service as an experiment, like the Wi-Fi network set to launch soon in its hometown of Mountain View, which he said has no revenue model.
“I’m in the very exciting position of being able to start and build stuff without having a short or medium-term [return-on-investment] model,” Sacca said.
Google seems to have backpedaled on its plans since the privacy advocates wrote letters and eventually met with the company, said Nicole Ozer, technology and civil liberties policy director at the ACLU of Northern California. “I think it was a surprise to both Google and the city,” Ozer said.
The city used the letters from the ACLU and its partners in crafting its RFP, asking potential providers how they would address those concerns, according to Chris Vein, executive director of the city’s Department of Telecommunications and Information Services.
Google’s RFP response didn’t lay a clear blueprint for an intrusive service, but the city deserved to know more about the plan, Ozer said. She still isn’t sure users would be sufficiently protected. Although there are ways to avoid data collection, most consumers won’t figure them out on their own, she said.
Danny O’Brien, activism coordinator at the EFF, doesn’t think the critics can take credit for a change in Google’s approach, but he also doesn’t see much reason to celebrate. The company’s plans could change, so any safeguards would have to be built in to the contract, he said. And no matter what the company does with user information, it could become a “honeypot” attracting government investigators, raising the specter of intrusions like the illegal wiretapping EFF alleges AT&T conducted for the National Security Agency, O’Brien said.
The ACLU’s Ozer believes the rancorous debate could have a happy ending.
“What’s happening in San Francisco has the opportunity to be a positive model for the rest of the country,” Ozer said. “Systems that are economically viable and have protections for privacy and free speech are not mutually exclusive.”
-Stephen Lawson, IDG News Service (San Francisco Bureau)
Check out our CIO News Alerts and Tech Informer pages for more updated news coverage.