Google and China

Google is set to make some waves with today’s announcement concerning its relationship with China, and I’m sure that all the usual suspects will be making all the usual noises about the situation.

Offered for your consideration at this moment, however, is a question I suspect will not figure prominently in any of the discussions of Google, China, and the alleged cyber-attacks that Google has revealed…

Google asserts that this recent incident or series of incidents were intended to compromise the Gmail accounts of individuals who are “advocates of human rights in China”, and that the accounts of “dozens” of such users are being “routinely” accessed by third parties.

That’s all certainly worrisome enough, and I don’t have any reason to doubt that it’s true.

Here’s the big question, though:

How does Google know the accounts in question belong to Chinese human-rights campaigners?

I mean, it’s one thing if you Google – hah! – their email addresses, and find information which identifies them as such. But this is Google we’re talking about, the 52nd-Level Grand Masters of data mining, and whose far-from-transparent practices have raised a large number of concerns among privacy advocates.

If Google has developed the ability to pigeonhole users as “human rights advocates” based on… what, exactly? Their Google searches? The people they correspond with? The contents of their emails? …then that, IMO, would be a far bigger deal than this announcement that, you know, the Chinese regime are up to their usual, albeit fairly sophisticated, mischief.

Chinese human-rights advocates tend, by and large, to be pretty tech-savvy, and make widespread use of encryption and anonymity and privacy technologies online; they have to be, to a very great extent, to avoid attracting the attention of the Chinese authorities, so identifying them – online, without resorting to trojans or rootkits or, you know, throwing friends and relatives in jail and torturing them – should be a bit trickier than, say, identifying current students at Ridgemont High School, or something like that.

That Google can do user-profiling and social-network-analysis should surprise nobody. That they have done so, and are doing so now, under circumstances which gain them no economic benefit, might be a little more of a surprise for people who like to think the best of multinational behemoths…

I could be wrong about the whole supposition, of course. But somebody, I think, really needs to get an unequivocal, technical, on-the-record answer from Google about the whole thing.

Published in: Geekiness, General, Security | on January 12th, 2010| 1 Comment »

Both comments and pings are currently closed.

One Comment

  1. On 1/12/2010 at 11:38 pm cbp Said:

    I imagine it’s more innocent than you think – I would think that Google had the police/FBI involved and that the owners of the accounts were simply contacted via email.