ntouk.com - Jerry Fishenden's technology policy blog

I see I get a name-check in The Guardian today as part of the ongoing smear campaign that Google is apparently conducting against Privacy International, the well-respected privacy rights organisation.

All of this seems to have bubbled over since Privacy International's complaint to the Information Commissioner's Office about the new Google Street View service and the way in which they believe it infringes privacy. Such a complaint seems precisely the sort of thing any privacy advocacy organisation worthy of the name should be doing.

It's true, as reported, that I sit on the advisory board of 80/20 Thinking, a privacy consultancy company founded by some of the Directors of Privacy International. I see no conflict here. My role and that of others has always been quite open. Indeed it is stated quite clearly on the brief bio contained here on this blog site and elsewhere as any, er, Google search would reveal.

I was invited onto the advisory Board I believe because of my contribution to debates on issues such as ID Cards and my knowledge of the areas of privacy, identity and security gained across both private and public sectors combined with my business and management experience. And 80/20 Thinking has always aimed to be broadly inclusive, as I see Simon Davies from Privacy International makes clear in his open letter to Google:

"We engaged very publicly when 80/20 was created. This was an effort to work with commercial organisations and distribute the resulting revenue to campaign groups and to good causes in developing countries. Indeed, as you will know from viewing the company's website, 80/20 has, to give just one example, funded important pro-bono work for the UNHCR. In fact, a large proportion of our profits went into advising and evaluating the privacy and security protocols of the UN Refugees agency, in order to protect vulnerable people and groups around the world."

Google has never been excluded from engaging with either 80/20 Thinking or indeed Privacy International. Instead it appears they prefer to adopt a deliberate policy of not engaging with their critics. I believe this is a mistaken and naive response that they need to reconsider.

Take our own example, which is unfortunately less than spotless. The reality is that Microsoft has been nominated on numerous occasions by Privacy International for their notorious Big Brother awards for technologies that have threatened privacy. Indeed, on at least one occasion we have even managed to win the award (not something we talk about too much, as it really is a badge of shame not of honour). It is precisely because of those criticisms that we are trying to do a better job these days.

And that's why we talk with Privacy International and our other critics, rather than grandstanding in the media. Every commercial company they criticise has the right to do the same thing. When Privacy International see things they don't like, they criticise us and raise valid concerns, without fear or favour.

I have never found Privacy International's response anything but positive when we have asked to talk with them about their concerns. Some of those discussions may be "full and frank", but they are always an important part of the process of learning how we can raise our game on privacy whilst still balancing our wider commercial interests.

On a personal level, I've found it highly valuable to talk with Privacy International to understand their position, take benefit of their expertise and to see how we can improve our policies and technologies around privacy. I have never found Simon Davies, their founder and one of their Directors, or any of the other Directors, anything but formidably accurate and precise in their criticisms, and positive in their suggestions for how we might correct failings in both our thinking and technologies.

Of course, we don't always agree (we all recognise the reality that there can sometimes be a hard call and fine balance to be struck between privacy and wider commercial considerations), but at least we have the dialogue. And that's a far better way to handle criticisms than by trying to stoke up a knee-jerk media campaign founded on baseless allegations.

I would hope that Sergey Brin and Larry Page still aspire to their "Don't be evil" motto, and that what appears to be an ill-judged and baseless campaign of vilification against Privacy International and Simon Davies personally are the rogue actions of an errant and naive member of staff who does not represent Google's real corporate values.

On a personal note, I also think it completely unacceptable for one of the world's richest and most successful corporations to stoop to the level of personal vilification, as they have done with Simon Davies. Corporations should be grown-up enough to take criticism on the chin and deal with it constructively.

Still, Privacy International should take some comfort that it must be doing something right. To have upset and provoked organisations such as Microsoft, Swift, Google and Facebook is surely exactly what any privacy organisation worthy of its name should be doing? And however uncomfortable their criticisms may make us feel, that is certainly no reason to publicly try to smear and disparage their work and reputation, or to treat them with anything other than respect.

My advice to Google? Stop the misguided and baseless media attacks and just pick up the phone and talk to Privacy International. Who knows, you may discover their expertise is something that will actually benefit and improve your business, not undermine it. That's certainly what I and Microsoft and other companies and organisations have found, uncomfortable as it may sometimes be.

None of us are perfect: but we can at least aspire to improve the way we safeguard privacy.

Technorati tags privacy security identity Privacy International Google Microsoft technology policy technology policy security