Our Browsers, Our Selves
Would you want your browsers cache published?
I didnt think so. Most people have a basic sense of privacy that includes keeping what we think, what we read and what we search for on the Web separate from the public realm. So when a Brazilian judge ordered Google to turn over the search records of users of Googles Orkut social networking Web site, our antennae were on the alert. And our sense of decency was outrageduntil we learned the judge was looking for evidence to convict people most of us would like to be protected against: child molesters and bigots. The issues are not as simple as they first appear.
After initial protests, Google complied with the order. But the episode raises questions that have relevance not only for us as individual citizens but also for corporations and their IT departments as well: The search histories of any companys employees could be subpoenaed, putting a company at legal and financial risk.
The case for according search histories a privileged status appears slim. If paper documents can be subpoenaed, citizens called to testify under oath and phone conversations tapped, then why cant a simple file of data be admissible in court? We think of our homes as inviolate, but that doesnt give us the right to carry out criminal enterprises within their walls. And controversial hate-crime laws are coming onto the books, which make a crime more heinous when taking into account what the perpetrator was thinking and feeling at the time. Visits to hate sites could be considered relevant in court.
And, yet, most of us wouldnt want our browsers cache published. Search providers and Internet businesses should make it clear when they are gathering user information and what they are doing with it. Not only does a sense of fair play demand this but also privacy laws including HIPAA and FERPA (Family Educational Rights and Privacy Act) reflect the sense of control we believe we ought to have over data about ourselves. This sense should express itself eventually in legislation encompassing search histories as well.
Until a body of law concerning search histories becomes established, those of us who really would not like our cache published should turn off the history features of our browsers or use new products such as the browser from British company Browzar, now in beta test, which its maker says does not include any recorded Web history whatsoever. Indeed, IT departments should consider control of browser search history to be a best practice, along with control over e-mail and instant messaging archivesboth of which are necessary to prove compliance with regulation in certain industries. Regular deletion of messages is likewise critical to avoid accusations of destruction of evidence when court cases are filed.
Search histories are becoming an important form of documentationfor good and ill. Its time for business and IT leaders to assert control over them.
Tell us what you think at firstname.lastname@example.org.
eWeeks Editorial Board consists of Jason Brooks, Larry Dignan, Stan Gibson, Scot Petersen and Lisa Vaas.