Privacy Critics Don’t Give Google Enough ‘Latitude’

Since it launched a couple days ago there have been several predictable responses from persistent Google critics who regard the new location-aware Latitude service on Google Maps as a threat to privacy. The phrases “tracking,” “stalking” and “Big Brother” popped up in a range of articles in mainstream news outlets. Those stories were quickly written without thoughtful investigation of the actual privacy controls Google has established.

And this morning in MediaPost the following appeared:

Privacy International says the [Latitude privacy] system has a design flaw: Other people can get their hands on users’ phones, and then change the settings. For instance, the group said, a phone left in a repair shop could be secretly enabled. Or someone could give another a Latitude-enabled phone as a gift.

“Once the phone has been enabled, the second party will be able to mask his phone’s presence, thus ensuring that the victim is unaware that her phone is being tracked,” the group said in its report.

The MediaPost piece does report on the privacy controls in Latitude.

My beef is with Privacy International in this instance. It seems to me that this is really overreaching in an effort to gain (media) attention. I take privacy very seriously and think it’s an issue that’s not well understood or appreciated by most Americans. However, Google has built very explicit and easy-to-use privacy controls into Latitude. As I wrote in my earlier post about Latitude on Wednesday:

First, the system is entirely opt-in. So people who use Google Maps on their smartphones can choose not to do it at all. End of story.

Those who do opt in can do so very selectively with individual people; one can hide at any time from selected contacts or the entire network. One can also expose location at the city level or extremely precisely (using triangulation/GPS). Users can also sign out when they simply don’t want to be located.

Location can also be set manually. I can thus appear to be in Paris, France when I’m really in Southern California.

But to take up the specific criticism in the MediaPost piece, I would say the following: the idea that someone is going to surreptitiously get my phone and change my settings is extremely unlikely. Beyond this, the simple fact of GPS chips in most smartphones makes them trackable independent of Latitude.

Any employer-issued BlackBerry with GPS, for example, can be tracked and the employee-user legally has no right to expect that he or she will not be (however unfortunate that may be). So the idea of an employer-issued phone (one of the examples in the story) with Latitude settings that enable secret tracking is another dubious objection.

More likely is the more benign scenario of the untrusting parent who wants to track his/her kids’ whereabouts. But there are carrier (i.e., Sprint, Verizon) and other third party services marketed explicitly for this purpose. Nothing shocking or new there.

Finally the idea that some random enemy, erstwhile friend or romantic partner is going to bestow a Latitude-enabled smartphone on me for tracking/stalking purposes is ridiculous. I’d be quite suspicious if one of those individuals showed at my door and said, “Hey no hard feelings, have this G1 as a gift from me.”

Privacy is a very serious matter and to get people to take it seriously there needs to be some differentiation between real threats and those instances where the threat is so unrealistic as to be mostly hypothetical — as in this case.

Too much of the time these days people are using Google as a kind of foil or whipping boy to gain attention and exposure for themselves or their organizations. This seems to me to be one of those instances.