Online Extra: Is Google Desktop a Privacy Threat?
As soon as Google released a trial version of its new Desktop Search product, warnings started circulating that it was a grave threat to privacy. "The software takes your search terms and broadcasts them out over the Web, to deliver ads and the like back to your desktop, while at the same time potentially exposing your private search terms to hackers," warned a somewhat overheated e-mail from Google competitor Copernic. Is Google Desktop Search, or any other desktop indexing program, a real privacy threat. Let's separate fact from fiction.
What information does Google Desktop Search (GDS) send back to Google?
If you use the GDS search form, no search terms or results ever leave your computer. That's what Google says, and I have verified it by using a tool called a protocol analyzer to monitor my computer's Internet output while using GDS. In the GDS default setup, a Web search will also automatically return any matches it finds on your computer, which means you can use the standard Google search page or Google Toolbar to search your PC.
In this case the query is, of course, sent to Google and is used to generate standard Google "sponsored links." Results retrieved using purely local search contain no ads or sponsored links.
There's always a theoretical risk that any information you send unencrypted across the Internet could be intercepted by hackers. But someone would have to have an obsessive interest in your searches to make it worth the tremendous amount of trouble, not to mention the legal peril, of intercepting your traffic.
Is it true GDS can expose personal information such as bank statements and account numbers?
Yes, but only to someone who has physical access to your PC. And this is something you can control. By default, GDS indexes all Web pages that you have viewed. You have the option of turning off the indexing of secure pages -- those that were encrypted during transmission.
Whether or not you want to do this depends on how you use your computer. If you use a Web-based e-mail program such as Hotmail or Yahoo! Mail, you must index secure Web pages if you want to search your mail. If you do a lot of online banking or other sensitive transactions, you probably should turn this function off. If you use Web mail and do a lot of transactions, you have a hard choice to make.
It's important to realize that nothing on you computer should be regarded as safe from someone who has physical access to your account. Someone in that situation could install an indexing program even if you hadn't. And unless you're dealing with very, very poorly designed Web sites, you password should never be revealed on indexed pages, though you user name and account information may be.
Does GDS retain copies of pages that have been deleted?
Yes, the program builds its own cache of Web pages, so a page you visited in the past may be accessible even if you've cleared out your Internet Explorer history. So if you want to remove traces of sites you've visited, don't use Google Desktop. One the other hand, the program will allow you to recall old versions of pages that have since changed, which can be quite handy.
I share a computer with my kids. Can they use GDS to search my files?
If you have set up your Windows XP or 2000 computer correctly, each user has his or her own login. In its current state, GDS can be installed by only one user on a machine, and it will search only that user's files. Anything in another user's My Documents folder, Temporary Internet Files, e-mails, or instant messenger chats won't be indexed and isn't accessible.
Other indexing programs, such as Copernic, can be set up for multiple users and respect the walls between different users' data. Google plans to add multiple-user support to Desktop Search before it launches the program officially.