• Choose a category
• All
• Classic-Fiction

I told Cindy later that our chat had poured oil on some troubled waters. But, I added, I didn't expect it to be the last conversation of its kind.

Meanwhile, the privacy discussion had grown a thousand heads and was consuming vast quantities of time and mental effort among the engineers and the product team. Was our goal to make Google the most trusted organization on the planet? Or the best search engine in the world? Both goals put user interests first, but they might be mutually exclusive.

Matt Cutts characterized the two main camps in what he termed "the Battle Royal" as hawks and doves, where hawks wanted to keep as much user information as we could gather and doves wanted to delete search data as quickly as we got it. Larry and Sergey were hawks. Matt considered himself one as well.

"We never know how we might use this data," Matt explained. "It's a reflection of what the world is thinking, so how can that not be useful?" As someone who worked on improving the quality of Google's search results, Matt saw limitless possibilities. For example, "You can learn spelling correction even in languages that you don't understand. You can look at the actions of users refining their queries and say, if you see someone type in x, it should be spell-corrected to y."

Well, some engineers asked, why don't we just tell people how we use cookie data to improve our products? We could give Matt's example about the spell checker, which also relied on user data to work its magic with names like the often misspelled "Britney Spears."

We don't tell them, Larry explained, because we don't want our competitors to know how our spell checker works. Larry opposed any path that would reveal our technological secrets or stir the privacy pot and endanger our ability to gather data. People didn't know how much data we collected, but we were not doing anything evil with it, so why begin a conversation that would just confuse and concern everyone? Users would oversimplify the issue with baseless fears and then refuse to let us collect their data. That would be a disaster for Google, because we would suddenly have less insight into what worked and what didn't. It would be better to do the right thing and not talk about it.

Matt understood Larry's position. He also sympathized with Googlers who wanted to compromise by anonymizing the data or encrypting the logs and then throwing away the keys every month. That would keep some data accessible, but the unique identifiers would disappear.

Not that Matt thought it would do any good in stemming public concerns. "part of the problem," he told me, "was explaining that in real-world terms. As soon as you start talking about symmetric encryption and keys that rotate out, people's eyes turn to glass." The issue was too complicated to offer an easy solution. Even if we agreed to delete data, we couldn't be sure we erased all of it, because of automatic backups stored in numerous places for billing advertisers or maintaining an audit trail. I began to understand the hesitation to even engage in the discussion with users.

What if we let users opt out of accepting our cookies altogether? I liked that idea, but Marissa raised an interesting point. We would clearly want to set the default as "accept Google's cookies." If we fully explained what that meant to most users, however, they would probably prefer not to accept our cookie. So our default setting would go against users' wishes. Some people might call that evil, and evil made Marissa uncomfortable. She was disturbed that our current cookie-setting practices made the argument a reasonable one. She agreed that at the very least we should have a page telling users how they could delete their cookies, whether set by Google or by some other website.

Describing how to delete cookies fit neatly with a state-of-the-brand analysis I had been working on. In it, I laid out my thoughts about redirecting our identity from "search and only search" to a leadership role on issues affecting users online.