04-02-2012, 07:48 PM
How Google keeps our Data private
How does a company that collects so much information from its users keep all that data private?
Meet Alma Whitten, Google's director of privacy.
At the end of a miserable 2010 filled with privacy blunders including the disastrous Google Buzz fiasco, Google appointed Whitten to the position of privacy director. Since then, Whitten has instituted what she calls a "culture of privacy" at the company. So far it has been paying off.
Over the course of the past year, Google (GOOG, Fortune 500) has released new privacy tools, put in place a multifaceted structure to ensure users' privacy, and built in fail-safes to make sure nothing falls between the cracks.
"We've made incredible progress on this over the past year," said Whitten in an interview with CNNMoney that took place last month. "We've built the car, and now we're just doing the tune-up."
Google has begun notifying its users of the changes. The company also began a massive publicity campaign this month, putting advertisements about privacy in major cities throughout the country.
The company is ramping up its privacy initiative as the Federal Trade Commission is keeping a watchful eye on the search giant. Last March, Google agreed to submit an independent privacy review to the government for the next 20 years after the company inadvertently revealed some users' e-mail contact lists to the public in its February 2010 release of the Buzz social network.
That was a turning point for the company. Still reeling from the Buzz nightmare, the company in October 2010 hired Whitten -- an engineer -- to head up its new privacy initiative.
It appeared to be a curious choice at first. But Whitten's roots as an in-the-trenches software nerd allowed her to change Google's privacy approach for the better.
Forming a privacy culture:
Prior to Whitten's appointment as director of privacy, Google had a "privacy review" for each new product. Whitten described that review as "a cacophony, rather than a harmonized message that delivered strong guidance."
In its place, Whitten created an internal structure called the Privacy Working Group. Google hired people with expertise in specific areas of privacy like data anonymization, location awareness, and advertising. The company then put those experts into sub-groups.
When a new product comes along, the subgroups analyze the products and determine things that the engineers may have missed, such as whether a user's location data is sufficiently separated from data that goes to advertisers.
The company also put in place several fail-safes to ensure that privacy decisions are never made by just one person.
"We don't want to have a situation where a decision is being made about something sensitive, where someone thinks the code is doing one thing, but it's actually doing something else,"
As a result, Google now makes engineers go deep down into each new product's code to verify the Privacy Working Group experts' understanding of the code before a decision is made.
Whitten says her most important achievement, however, has been building privacy into Google's culture.
One way Google achieved that was by linking privacy to staff evaluations. When Googlers are up for promotions, one factor that's weighed is whether they ingrained privacy into their products and effectively used the Privacy Working Group.
Whitten said the initiative has been a success, and many Googlers have felt empowered by the changes she has instituted. Privacy is no longer a burden to Google's staff, she said. Instead, Google engineers view getting privacy right as business-critical.
As Google's products begin to flow into one another, getting privacy right will be a crucial task going forward. Search Plus Your World, Google's new search tool that displays social network information in search results, has already raised some eyebrows.
"Our users are our biggest business asset; that's the No. 1 thing that we can't screw up," Whitten said. "That's why making sure Google has a really good privacy process helps me sleep at night."
For the student , by the student , to the student !!