A few months ago I discovered a curious book on my doorstep. To my shock, it contained names, address, and phone numbers of thousands of people in my area. I suspect that many other people, including criminals and certain types of marketeers are in possession of similar books. Implications?
I'm usually very critical of and sensitive to any privacy issue. But the Google profile is a public profile, which is made abundantly clear on every occasion. This is what you see when creating the profile:<p>"Decide what the world sees when it searches for you. Create a public profile to display the information you care about and make it easy for visitors to get to know you.
[...]
Your profile will be visible to anyone on the web, and anyone with your email address can discover it."<p>I fear that this kind of completely spurious criticism discredits anyone who has real privacy concerns.
If I read this correctly, Google lets you mark some of your profile information as public. And as a result of this, a member of the public was able to download it.<p>So, uh... what exactly is the story?<p>I think the key piece of advice for people not wanting their personal information to be downloadable from the internet is to not publish their personal information on the internet.
> I did NOT publish the database and did NOT violate any Google policy.<p>But he might have broken some EU and NL laws about privacy. You can't create a database with personal information without consent even if it's possible.
Every search engine does this, I'm not sure what the implications are if it's public?<p>Data mining is quite possible but there's an expectation that the profiles are public so no one privacy-conscious will be putting sensitive information in it.<p>I'm curious to know if anyone supposedly have ways of restricting 'mass-downloading'? I don't know of any website that does short of rate-limiting requests from a single source.
It is meant to be public and available to anyone who tries to access it. It has nothing to do with privacy.<p>Don't do your paper just to do it. Go and find more real/serious stuff.
If the information is marked public then crawling it is how the web works, or at least how searching and indexing works.<p>I ran into that a bit with our startup (<a href="http://infostripe.com" rel="nofollow">http://infostripe.com</a>) when doing demo's it was sometimes shocking to people that with a bit of searching I was able to make a complete profile of their public online activities.<p>I think that even when people know a particular site is public on it's own they sometimes don't make the connection between software and search engines aggregating all that together without their involvement. Usually this is not a problem for most people but I have seen instances where a user would use the same username on very different services and get burned for it.
I contacted Google about this issue in November of 2008 - I only received an automated response. (Matthijs mentioned that was why he posted the previous post[1] on the topic prematurely)<p>Perhaps with the increasing awareness of this issue, Google will be forced to act.<p>[1] <a href="http://blog.cyberwar.nl/2011/05/google-profiles-exposes-millions-of.html" rel="nofollow">http://blog.cyberwar.nl/2011/05/google-profiles-exposes-mill...</a>
I have one Google username that has a public profile and that I use for account registration etc. I have another that I use for personal email that is private.<p>I assume more people will start doing the same if they are privacy conscious.<p>Searching this database is no different to searching on Google itself. The only concern would be having a mass email list, but spammers have had those for years and filters sort that out.
Here's one implication: a scammer decides to send a "Your Gmail account is being canceled" phishing email to every address there. It clicks through a to fake but convincing Gmail login page that captures the user's real login info.<p>I've already had a few friends call for help with this since apparently it's pretty common.
If these are public profiles then maybe this isn't a problem, but if the data contains non-public profiles then its a security breech for Google. The robots.txt settings would lead me to believe that these are public profile and that Google intends people to view/download them.
Public profiles can be automatically harvested? Curl and wget should be classified as munitions and access to those tools restricted in at least 45 states. Shut. Down. Everything.
My profile is marked as public. I expect that it would be available were someone to try to access it, whether it was a friend, whether it was someone scoping out my class(mates), or whether it was someone downloading by the thousands. What's the difference to the user? The whole point is that if my data is public, other people will see it. How is it important if my profile is visible locally alongside other profiles?<p>I also don't know what people expect people to do. If you ignore the easily available privacy policy, there is no excuse. Period.