Larry Page, Google
Mark Zuckerberg, Facebook
8th June, 2013
Dear Larry and Mark
The PRISM project
I know that you’ve been as deeply distressed as I have by the revelations and accusations released to the world about the PRISM project – and I am delighted by the vehemence and clarity with which you have denied the substance of the reports insofar as they relate to your services. The zeal with which you wish to protect your users’ privacy is highly commendable – and I’m looking forward to seeing how that zeal produces results in the future. To find that the two of you, the leaders of two of the biggest providers of services on the internet, are so clearly in favour of individual privacy on the internet is a wonderful thing for privacy advocates such as myself. There are, however, a few ways that you could make a slightly more direct contribution to that individual privacy – and seeing the depth of feeling in your proclamations over PRISM I feel sure that you will be happy to do them.
Do Not Track
As I’m sure you’re aware, people are concerned not just about governments tracking their activities on the net, but others tracking them – not least since it appears clear from the PRISM project that if commercial organisations track people, governments might try to get access to that tracking, and perhaps even succeed. As you know, the Do Not Track initiative was designed with commercial tracking in mind – but it has become a little bogged down since it began, and looks as though it might be far less effective than it could be. You could change that – put your considerable power into making it strong and robust, very clearly do not track rather than do not target, and most importantly ensure that do not track is on by default. As you clearly care about the surveillance of your users, I know that you’ll want them not to be tracked unless they actively choose to let advertisers track them. That’s the privacy-friendly way – and as supporters of privacy, I’m sure you’ll want to support that. Larry, in particular, I know this is something you’ll want to do, as perhaps the world leader in advertising – and now also in privacy – your support of this will be both welcome and immensely valuable.
Anonymity – no more ‘real names’ policies
As UN Special Rapporteur on Freedom of Expression and Opinion, Frank La Rue, recently reported, privacy, and in particular anonymity is a crucial underpinning of freedom of expression on the internet. I’m sure you will have read his report – and will have realised that your insistence on people using real names when they use your services is a mistake. I imagine, indeed, that you’re already preparing to reverse those policies, and come out strongly for people’s right to use pseudonyms – particularly you, Mark, as Facebook is so noted for its ‘real names’ policy. As supporters of privacy, there can’t be any other way – and now that you’re both so clearly in the privacy-supporting camp, I feel confident that you’ll make that choice. I’m looking forward to the press releases already.
Data Protection Reform
As supporters of privacy, I know you’ll be aware of the current reform programme going on with the European Data Protection regime – data protection law is strongly supportive of individual privacy, and may indeed be the most important legal protection for privacy in the world. You might be shocked to discover that there are people from both of your companies lobbying to weaken and undermine that reform – so I’m sure you’ll tell them at once to stop that lobbying, and instead to get solidly behind those looking for better protection for individual privacy and stronger rights to protect themselves from tracking and misuse of their data. As you are now the champions of individual privacy, I’m sure you’ll be delighted to do so – and I suspect memos have already been issued from your desks to those lobbying teams ordering them to change your stance and support rather than undermine individuals’ rights over their data. I know that those pushing for this reform will be delighted by your new found support.
That support, I’m sure, will build on Eric Schmidt’s recent revelation that he thinks the internet needs a ‘delete’ button – so you’ll be backing Viviane Reding’s ‘right to be forgotten’ and doing everything you can to build in easy ways for people to delete their accounts with you, to remove all traces of their profiling and related data and so on.
Geo-location, Facial Recognition and Google Glass
Your new found zeal for privacy will doubtless also be reflected in the way that you deal with geo-location and facial recognition – and in Larry’s case, with Google Glass. Of course you’ve probably had privacy very much in the forefront of your thoughts in all of these areas, but just haven’t yet chosen to talk about it. Moving away from products that gather location data by default, and cutting back on facial recognition except where people really need it and have given clear and properly informed consent will doubtless be built in to your new programs – and, Larry, I’m sure you’ll find some radical way to cut down on the vast array of privacy issues associated with Google Glass. I can’t quite see how you can at the moment, but I’m sure you’ll find a way, and that you’re devoting huge resources to do so.
Supporting privacy
We in the privacy advocacy field are delighted to have you on our side now – and look forward greatly to seeing that support reflected in your actions, and not just in relation to government surveillance. I’ve outlined some of the ways that this might be manifested in reality – I am waiting with bated breath to see it all come to fruition.
Kind regards
Paul Bernal
P.S. Tongue very firmly in cheek