Bing Bounces While Google Slides – Why Consumers are Switching

June 26, 2011

While Google still retains the lion’s share of searches, Bing is beginning to represent a practical alternative to Google.

In the past year, Google’s search engine has continued its slide as more consumers have shifted to Bing, according to data from Compete. Microsoft, primarily representing Bing, increased its US search market share about 75%, from 9.7% in May 2010 to 17% in May 2011.

In the same time period, Google lost 14% of its search market share, dropping from 73.9% to 63.6%.


Why are consumers shifting?

  1. Loss of search relevance. Compounding Google’s woes, their search engine’s accuracy rates have dropped and their results seem to contain a greater number of spammy links. Bing’s success rates now enjoy a 16% lead over Google’.
  2. Consumer and government distrust. The number of privacy violations Google has been censured for in countries around the world is staggering. Services like Buzz and Street View, as well as the stealth collection of consumer data from private networks have made the company a star player in trampling consumer privacy.
  3. The company’s stated goals.  In comments made at the Washington Ideas Forum in Oct. 2010, Google CEO Eric Schmidt made several candid statements:
    1. “Google policy is to get right up to the creepy line and not cross it.” The problem with trying to balance on the creepy line is that you’ll inevitably take some steps on the wrong side – as evidenced with Buzz, Street View, etc.
    2. “The average American doesn’t realize how much of the laws are written by lobbyists, [to protect incumbent interests] it’s shocking how the system actually works.” – Which also explains why in 2010, Google’s lobbying funds shot up by 29% over 2009 spend to $5.2 million[i] to sway lawmakers in their favor, and in the favor of writing legislation to suit Google’s interests.
    3. “With your permission you give us more information about you, about your friends, and we can improve the quality of our searches. We don’t need you to type at all. We know where you are. We know where you’ve been. We can more or less now what you’re thinking about.”

As concerning as this last quote is overall, the phrase ‘with your permission’ speaks to very heart of the issue, and Google comes out on the wrong side far too often. Google did not request permission to Buzz us. They did not request permission to photo our homes, yards, and everything else captured and exposed through Street View. They did not request permission to drive by homes and tap into private networks to collect information. They did not request permission to access, store, and use in any way a company may deem fit today – or tomorrow – most of your information. They just took it.

If Google’s privacy standards offend you, you’re not alone. In response to the question,”People are treating Google like their most trusted friend…should they be?” and Schmidt’s answer of, “If you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place,”Asa Dotzler, Mozilla’s director of community development provided a link to the Firefox extension that adds Bing to Firefox’s search engine list. In an entry on his personal blog, Dotzler said “Here’s how you can easily switch Firefox’s search from Google to Bing”. The link he included leads to the Bing search add-on.

Using the better search engine, particularly when combined with Microsoft’s vastly superior privacy policies and practices (see my disclosure[ii]) simply stack up to a smarter, safer, and more respectful choice.

If you haven’t used Bing in a while, give it a try


[ii] I worked for the company, though never on their search team, for 13 years before leaving 4 ½ years ago.


Google Takes Anti-Counterfeit Steps

March 31, 2011

Google Senior Vice President and General Counsel, Kent Walker, posted a blog earlier this week outlining new steps the company is taking to keep ads on their sites from offering counterfeit goods.

This is an ongoing struggle; one Walker calls a “cat-and-mouse game, where we are constantly working to improve our practices and tune our systems to keep out the bad guys”. Adding that Google shut down approximately 50,000 AdWords accounts in the second half of last year for attempting to advertise counterfeit goods.



The company’s new three pronged approach includes commitments to:

  • Act on reliable AdWords counterfeit complaints and reduce their average response time to 24 hours or less
  • Improve their AdSense anti-counterfeit reviews by working more closely with brand owners to identify infringers
  • An improved website experience for those reporting counterfeits to make it easier for users and brand owners to find forms to report abuse.

These are great steps forward. No ad platform can identify whether any particular item out of the millions advertised is counterfeit or not, but responding quickly when an issue arises is critical.


More Mobile Apps Caught Inappropriately Collecting User Info and Installing Malware

March 8, 2011

Twenty-one mobile applications from a single publisher have been pulled from the Android Market after Google learned they were exploiting consumers according to a new Washington Post article. Google has also remotely removed these apps from user’s devices, but that does not remove any malicious code that has already been downloaded.

These applications were apparently not only stealing consumer’s information, they left a back door open on consumer’s phones so they could download malware without the user’s knowledge.

According to Mashable, between  50k and 200k Android users downloaded these applications, which Mashable says “are particularly insidious because they look just like knockoff versions of already popular apps. For example, there’s an app called simply “Chess.” The user would download what he’d assume to be a chess game, only to be presented with a very different sort of app.”

To learn more about malicious and unethical applications offered through various marketplaces, see my blogs:

Mobile malware is expected to explode in 2011, and it’s time to protect yourself with mobile security software. See my posts:

The bottom line? Just because an app is offered doesn’t mean it’s been tested and guaranteed safe – case in point, if it weren’t for the diligence of the Android Police, the malicious apps on Android Marketplace would still be exploiting consumers.

Here’s a list of the malicious apps:

  • Falling Down
  • Super Guitar Solo
  • Super History Eraser
  • Photo Editor
  • Super Ringtone Maker
  • Super Sex Positions
  • Hot Sexy Videos
  • Chess
  • 下坠滚球_Falldown
  • Hilton Sex Sound
  • Screaming Sexy Japanese Girls
  • Falling Ball Dodge
  • Scientific Calculator
  • Dice Roller
  • 躲避弹球
  • Advanced Currency Converter
  • App Uninstaller
  • 几何战机_PewPew
  • Funny Paint
  • Spider Man
  • 蜘蛛侠


Google’s WiFi Data Collection Larger than Previously Known

November 1, 2010

Google violated Canadian law when it collected personal information from unsecured WiFi networks while photographing buildings and homes as part of its Street View mapping service.  “Our investigation shows that Google did capture personal information — and, in some cases, highly sensitive personal information such as complete e-mails. This incident was a serious violation of Canadians’ privacy rights” said Canadian Privacy Commissioner Jennifer Stoddart in comments last week.

This story began to unfold last May when Google admitted they had “collected only fragments of payload data” from unencrypted wireless networks. That news prompted a flurry of inquiries from privacy officials across the globe and under inspection by external regulators have inspected the data as part of their investigations, at which point whole e-mails, URLs, and passwords were discovered.

According to Alan Eustace, senior vice president of engineering and research at Google, while most of the data collection was “fragmentary, in some instances entire e-mails and URLs were captured, as well as passwords,” adding the company is “mortified” by what happened and wants “to delete this data as soon as possible.”

Commissioner Stoddart asked Google to do four things before she would consider the matter closed: instigate a governance model to ensure that privacy is protected when new products are launched; enhance privacy compliance training among all employees; designate an individual responsible for privacy issues; and delete the Canadian data.

In response to concern, Eustace announced that Google has put several changes in place since discovering the problem.

  1. They have appointed Alma Whitten to serve as Google’s director of privacy across privacy and engineering. “Her focus will be to ensure that we build effective privacy controls into our products and internal practices. Alma is an internationally recognized expert in the computer science field of privacy and security. She has been our engineering lead on privacy for the last two years, and we will significantly increase the number of engineers and product managers working with her in this new role.”
  2. Second, Google will enhance its core privacy training for engineers and other groups, like product management and their legal department “with a particular focus on the responsible collection, use and handling of data,” Starting in December, all employees will also be required to undertake a new information security awareness program, which will include clear guidance on both security and privacy.
  3. Finally, Google said it will improve their existing review system. Going forward, “every engineering project leader will be required to maintain a privacy design document for each initiative they are working on” that will detail how user information is handled and this document will be reviewed regularly by managers and an independent audit team.

“We believe these changes will significantly improve our internal practices, and we look forward to seeing the innovative new security and privacy features that Alma and her team develop,” Eustace concluded.

The furor is directed at an add-on project being run by Google Street View cars. In addition to taking photos for the Street View project – which itself has come under heavy international criticism for violating consumer’s privacy – the cars were collecting information on wireless networks including their MAC addresses, to use in building a database of them in the future.

According to Google, an engineer’s experimental code was inadvertently included in the software used to gather the data. “He [the engineer] thought it might be useful to Google in the future and that this type of collection would be appropriate,” That resulted in the gathering of “payload data,” from personal unsecured wireless networks that included complete e-mails, e-mail addresses, user names and passwords, names and residential telephone numbers and addresses, health details, and other personal information.

Excerpts from the Commissioners Report: (Underlines added)

The engineer involved included lines to the code that allowed for the collection of payload data. He thought it might be useful to Google in the future and that this type of collection would be appropriate.

This code was later used by Google when it decided to launch a particular location-based service. The service relies on a variety of signals (such as GPS, the location of cell towers and the location of WiFi access points) to provide the user with a location. Google installed antennas and appropriate software (including Kismet, an open-source application) on its Google Street View cars in order to collect publicly broadcast WiFi radio signals within the range of the cars while they travelled through an area. These signals are then processed to identify the WiFi networks (using their MAC address) and to map their approximate location (using the GPS co-ordinates of the car when the signal was received). This information on the identity of WiFi networks and their approximate location then populates the Google location-based services database.

Google’s future plans for its location-based services

Google still intends to offer location-based services, but does not intend to resume collection of WiFi data through its Street View cars. Collection is discontinued and Google has no plans to resume it.

Google does not intend to contract out to a third party the collection of WiFi data.

Google intends to rely on its users’ handsets to collect the information on the location of WiFi networks that it needs for its location-based services database.  The improvements in smart-phone technology in the past few years have allowed Google to obtain the data it needs for this purpose from the handsets themselves.

Although it has no tracking tool to keep records of a customer’s locations (and does not intend to create one), Google acknowledges that it does need to examine the potential privacy concerns of this method of collection.

Stoddard gave Google until Feb. 1, 2011 to comply with those requirements, but resolving Canada’s concerns may just be the tip of the iceberg. Investigations are still underway by privacy commissioners worldwide, and Spain’s Data Protection Agency has just announced plans to fine Google between $84,000 and $840,000 per offense due to the Wi-Fi data Google collected with its Street View cars. In the U.S. there are at least 3 lawsuits seeking class action status for the stealth collection of personal information form home networks.

Why this matters to you

If you have – or had – a wireless network that was not password protected, information from your computer(s) may have been collected.  Google has committed to destroying all the information, but it’s a serious breach of your privacy that information was collected without your knowledge or permission in the first place.

You may also feel that the collection and public display of images of your home is a breach of your privacy. If you want these removed see my blog How to Remove Images of Your Home from Google’s Street View. NOTE: you will have to check back periodically to be sure that any images you requested be deleted remain deleted, as I have found these can reappear.

You should also be concerned about Google’s future plans to collect information about WiFi networks from your Smartphone(s). How this is done is going to be critical to your safety and privacy. In the report Google acknowledges that it does need to examine the potential privacy concerns of this method of collection.  It remains to be seen what the outcome of that examination will entail, and whether they inform users in advance and allow you to opt out if this is not something you want collected from your phone.


Google Family Center Launched – Tools & Advice About Keeping Kids Safe Online

October 12, 2010

Google has launched an excellent new site focused specifically on increasing consumer safety online. I strongly recommend you check out their Family Safety Center site for it’s advice, but perhaps more importantly to get a clear understanding of the tools they provide consumers for managing their own, and their children’s online experience.

Well done Google.


Privacy Policy Changes – Some Companies Get Notification Right

April 9, 2010

It’s time to demand honest, clear notices that come well in advance of Privacy Policy changes to give consumers an opportunity to opt out, protest, or take some other course of action.

Facebook users learned last week that their privacy had received another ‘haircut’. This latest round of Privacy Policy changes gives Facebook the right to sell your information to other companies in a clear profit-trumps-privacy equation.

Adding insult to injury, the company chose to minimize the press coverage – and number of consumers who would hear of the changes – by delaying their notice until after press deadlines on a Friday – for more information on the latest changes see Facebook privacy changes would share user data with other sites.

These practices are unacceptable. It’s time to demand a change.

Most companies, including flagships Microsoft, AOL, and Yahoo!, go to great lengths to protect your privacy, have clearly understandable policies that don’t change every time you turn around, and clearly respect their users., a genealogy site, goes even further and embodies the proactive approach to policy changes. Not only do they make their privacy practices clear on their website, the following email was just sent to their users giving very clear, advance notice about changes to their privacy policy. It’s so impressive, I’ve attached the entire email; it is well worth your attention. Click the image to see in full size site richly deserves the accolades they’ve received from PC Magazine, TIME, and CNET for being a great website. Their advance notification of policy changes to each and every member (and they strengthened their privacy protections – what a thought!) has now earned them a far humbler, but rarely given, award – the LOOKBOTHWAYS seal of approval. Congratulations Geni on being a shining example of transparency and consumer respect.

We encourage all companies with a web presence to employ consumer safety and privacy best practices in every aspect of their development, testing, support, and within their consumer services.”

As a percentage of companies, those who exploit consumers are but a fraction, but the tremendous reach of Facebook, and others with less than stellar track records like Google, means that most of the US population  (and a significant number of global users) are adversely impacted by their actions.

Sending users an email notification of any upcoming policy changes is easy and ethical. Sites already store every registered user’s email address, and email provides an excellent opportunity to clearly explain changes – including graphic representations of complex concepts – and provide links to where they can learn more, or ask questions.

The Radicati Group estimated that the number of emails sent per day in 2008 were around 210 billion, so for most sites sending an email to all their users would barely be a blip. But for huge sites that feel sending several hundred million emails would be prohibitive, there is a clear alternative; use a notification screen in front of every user (once per user) at least one week in advance of the changes that requires their action, or the action of their parent, before proceeding. For those who did not log on during the notification week (or longer time period), the notification should be changed to inform them of the changes that did occur so they can take action at that time.

Will providing clear notification annoy some users? Of course, so do seatbelts but they protect consumers from clear risks.

You have the right to an informed online experience. You have the right to set your own terms for your online experience. You have the right to expect online products and services to guard your safety and privacy. Learn more about your rights in Your Internet Safety and Privacy Bill of Rights.

As consumers you can—and should—vote with your feet if the experience you’re having on a service doesn’t meet your expectations. Even Facebook has had to beat a retreat when enough consumers rioted.


Italian Court Convicts 3 Google Execs

March 17, 2010

Three Google executives where held criminally responsible for an online video of an autistic teen being bullied, in an Italian court this week. The verdict raises concerns that Google, and other Internet content services may be forced to police their content in Italy, and even beyond.

US reaction was nearly unanimous in rejecting the ruling, saying the decision threatens the principle of a free and open Internet.  The Europeans however see the decision as protecting a fundamental human right by placing the interests of the individual – in this case the autistic teen – above the rights of a business.

“This is the big principal affirmed by this verdict,” said Milan Prosecutor Alfredo Robledo, “It is fundamental, because a person’s identity is a primary good. If we give that up, anything can happen and that is not OK.”

Google execs convicted of violating Italy’s privacy laws included global privacy counsel Peter Fleischer, its senior VP and chief legal officer David Drummond and retired chief financial officer George Reyes. Each was given a six-month suspended sentence. The three were absolved on charges of defamation.

“The judge has decided I’m primarily responsible for the actions of some teenagers who uploaded a reprehensible video to Google video. “If company employees like me can be held criminally liable for any video on a hosting platform when they had absolutely nothing to do with the video in question, then our liability is unlimited,” were Fleisher’s comments.

“This verdict sets a dangerous precedent”. It also “imperils the powerful tool that an open and free Internet has become for social advocacy and change.” Drummond said in a statement.

In the United States, the Communications Decency Act of 1996 generally gives online service providers immunity in cases like this, but no such protections exist in Europe.