Bizarre Complaint Against Google Filed With FTC

October 8, 2010 at 12:07 AM (Uncategorized) (, , )

A former employee of the Federal Trade Commission has filed a complaint with the FTC against Google for allegedly engaging in deceptive trade practices. In his complaint [PDF], Chris Soghoian states that Google’s search engine deliberately passes along HTTP referer headers to third-party website administrators, despite having the technical ability not to do so and in violation of Google’s privacy policy.

[Note: The correct spelling is “referer” not “referrer.” The word is a technical term and has always been spelled that way.]

He suggests that the FTC should, among other things, order Google to stop passing referer headers to third parties and require them to have a third party verify their privacy safeguards once a year for the next 20 years.

This is, without a doubt, one of the most bizarre privacy complaints I’ve ever seen.

Let’s get one thing straight right off the bat: Google does not pass referer header information to websites. The web browser, not any individual website, passes along the referer information and the user can control that if they really wish to do so. So that makes the complaint technically incorrect. This one simple fact blows his argument about Google violating their privacy policy straight out the window.

Google could, if they wanted, create hyperlinks in such a way as to prevent browsers from passing along that information. The fact that they don’t do that is not a conspiracy to deceive the public. They’re not doing anything different than literally every other website that has ever existed.

Do you know what websites do with referer information? I’ve run several websites since 2001, so I can answer that. We look at what websites and what internet searches people are using to find our sites and then try to make sure you’ll like what you find when you get there. If a bunch of people find my sites by searching for a certain subject, I’ll try to make sure there’s plenty of information on that subject to be had. Having that referer information available makes the World Wide Web better for the people who use it and it does that without being intrusive or obnoxious.

This complaint is ridiculous. We have real privacy problems in the US. We have a government that is constantly trying to do an end run around the Constitution in the name of The War On Drugs and The War On Terror. We have companies like Facebook who want to pocket more advertising money so badly that they keep trying to force several hundred million users to abandon all sense of privacy. We have advertising companies who are so Hell-bent on spying on people that they misuse Flash to recreate tracking cookies after they’ve been deleted by the user.

We have real privacy problems here and the browser referer field isn’t one of them. It’s hard enough trying to convince people to take privacy problems seriously without this kind of nonsense. People who don’t follow privacy issues very closely see something petty like this and it leads them to think that everyone who complains that their privacy is being invaded is just paranoid and delusional.

If you want to stop the browser from sending referer information, that is simple enough. There are add-ons for both Chrome and Firefox that let you control the referer. With Opera, you can just tap the F12 button and a settings menu pops up. There are a number of programs to control the referer for Internet Explorer but I haven’t used that browser in several years, so I really wouldn’t know what to recommend.

Be aware that blocking referer information can cause problems. Some banking websites use referer information for security reasons (which is pretty stupid to be perfectly honest but they do it anyway). Some websites use the referer to block unwanted robots or prevent images and downloads from being hijacked by other websites. These sites might see your browser as a threat and block it.

If you don’t want to go through all that but do want to use Google without it sending the search information to other websites, use their encrypted search. Web browsers are designed not to send referer information from an encrypted connection.

(h/t Stephen Kline)


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: