Legal Drama For Google & Its Users

GENERIC internet web cyber computer security password hacking hacker fraud mouse digital spyware spam
CBS News tech analyst Larry Magid reports on the government's attempt to obtain Google's search records and the state of Internet security.

Recent revelations that the Bush Administration is trying to get Google to turn over search records has sent chills down the spines of some Web surfers who worry whether what they search for in Google will stay with Google or wind up in government hands.

The case raises a number of privacy questions, including whether or not it's appropriate for search companies like Google to be storing this information in the first place.

Editor's note: Larry Magid comments on the controversy in on The Early Show.
To help answer that question, I interviewed Steve Gibson, the founder of Gibson Research and one of the leading authorities on privacy and Internet security.

But first, some background.

The Justice Department wants Google to turn over records of a million random Web searches during a one week period. Google has refused to comply so far and said in a statement that it will fight the government's efforts "vigorously."

The government subpoena is related to a case about the Children's Online Protection Act (COPA), a 1998 law that would require commercial Web sites with adult content to require visitors to prove that they are over 18 before they can access material that could be deemed "harmful to minors."

That law was challenged by the ACLU and a coalition of media companies and other organizations and was overturned by a federal judge. That judge's decision was upheld by an appeals court and the case eventually found its way to the Supreme Court. The Supreme Court didn't rule, but sent it back to the lower court for a rehearing.

Click here for Larry Magid's podcast interview
with computer security and Internet privacy expert Steve Gibson.

Before I go on, I need to disclose that I was an expert witness in that case. Long before I started working with CBS News, I started a Web site called My site deals with ways to protect children and the ACLU had me testify about how filters can be used by parents to keep their children away from pornography.

Government officials have reportedly said they are not looking for personally identifiable information, but trying to determine the extent to which Web surfers are searching for pornography. As an aside, I question why the government needs to prove that point. Isn't it obvious by the sheer number of porn sites and the billions of dollars spent that lots of people do look for porn?

The real question, in my mind, is not whether adults look for porn, but whether children find it and what are the best ways to keep kids away from porn. I don't see how Google's data will help answer that question.

Regardless of the merits of the COPA law, the issue regarding Google raises additional concerns about the privacy of our searches. Does Google have personally identifiable information about us in its databases and could someone – whether the government, another company or perhaps, a hacker – find out what we're searching for if it were able to gain access to Google's data?

The answer is a qualified yes.