Government vs. Google

Web-Search Battle Offers Fireworks,But Look Deeper for the Real IssueMarch 20, 2006
Google is fencing with the Justice Department about access to users' search requests -- the latest chapter in the federal government's quest to get a star-crossed antiporn law on the books. But the real issue in this battle goes beyond porn or kids -- it's a basic fear about privacy, one bigger than worries about government snooping or corporate data warehouses, and one that will be with us for some time.

A little background: In 1998 a law was passed called the Child Online Protection Act, or COPA, which requires U.S. commercial distributors of material harmful to minors to prevent said minors from accessing their sites. As such, COPA was an attempt to narrow provisions of the Communications Decency Act, which the Supreme Court had shot down as unconstitutional. But it hasn't fared much better. Enforcement of COPA was stayed by injunction, and in 1999 an appeals court struck the law down, saying its reliance on "community standards" to define harmful materials was too broad. In 2002 the Supreme Court returned the law to the appeals court for further review, but kept the injunction intact. In 2003, the appeals court struck down COPA again, finding the law would limit protected speech between adult. In 2004 the Supreme Court upheld the injunction on enforcement and warned that COPA was likely unconstitutional. It also noted that the law was likely to be out of date, given technological advances in filtering software and other methods for protecting children from online smut.

• Hot Topic: Google vs. Justice

The Justice Department, in an effort to keep the law alive, is trying to show that filters are flawed and further protections are needed. And it's trying to show that by subpoenaing search-engine providers' data about search queries and Web addresses. Yahoo, Microsoft and AOL handed over such information voluntarily; Google chose to fight. After the government revised its demands to 5,000 search queries and 50,000 randomly chosen Web addresses (from millions of queries and 1 million addresses), a federal judge last week ordered Google to cooperate with the government in supplying the Web addresses but denied the request for the search queries, saying that could cost Google the trust of some users and expressing concern that the queries could be potentially sensitive information.

Between porn, kids, the government and privacy, there's a lot of red meat for various sides in this fight. But there are also a fair number of red herrings.

It's worth arguing about how COPA's "community standards" should be interpreted, or whether the law would bar teens from health-related or artistic sites. But that ignores a basic flaw with COPA: Even if it were perfectly constructed and didn't catch non-porn sites in its net, it would hardly keep kids safe online. Among those porn purveyors not affected: run-of-the-mill commercial porn sites run from Amsterdam or the Azores; dodgy overseas porn merchants who've thrown up sites full of dirty pictures and laced with malware; fly-by-nights creating and abandoning ad-laden porn blogs at speeds that far exceed court filings; and people whose hobby is collecting or making porn and who don't mind sharing. That's a lot of porn sites right there -- too many to rest easy if you've got a 12-year-old using the PC unsupervised. A typical Justice Department release on COPA promises that "the department will continue to work to defend children from the dangerous predators who lurk in the dark shadows of the World Wide Web."

But COPA doesn't venture into those dark shadows -- it polices the comparatively well-lit precincts in which U.S. commercial enterprises dwell.

Google's motion in opposition to the government's request for information makes for entertaining reading: Google's lawyers argue that the government doesn't understand what it's asking for, won't find what it's looking for, and will hurt Google in doing so. Google's lawyers deride one government statement as "so uninformed as to be nonsensical. Search queries run on Google's databases come from such a wide variety of sources that Google's query data, stripped of personally identifying information, will not reveal whether the search query was run by a minor or adult, human or non-human, or on behalf of an individual or business." And in noting that Web addresses aren't reliable indicators of their page's content, Google cheekily offers up the example of porn site whitehouse.com. (You can find the brief linked from this entry on Google's corporate blog.)

At least there's a silver lining for Google in this fight: It gets to cast itself as defending its users against government snoops peeking at their Web searches. That means better Internet buzz for a company that could use some: Google has been bloodied for its self-censored Chinese site, annoyed Wall Street with accidental disclosures of financial targets, and raised eyebrows with its determination to index all the information in the world it can get its digital hands on, whether it's the text of books or the contents of your PC. As I've written before, I'm not against Google's efforts to do that, or its strategies for doing so. But finding Google beavering away at information everywhere you turn strikes many people as creepy, amplifying the uneasy feeling that far too much information about us is out there for someone -- online predators, government Javerts, RIAA bounty hunters, identity thieves -- to find. And that's the real anxiety in this case.

Surveying Google vs. the Government, the thing that worries me most isn't keeping my kid away from porn -- though I do fret about that, as I wrote two weeks ago. It's not the government looking at people's Web searches, though I don't think the government should do that. And it's not knowing Google bots are out there compiling as fast as their little crawlers can crawl, though that can be unsettling.

Rather, it's fearing that all this information -- public and private, trivial and critical -- is getting swept up and made available as more and more information from the analog age migrates to the digital world. And that's happening more quickly than we can identify what ought to be left out -- just ask the CIA, which had to answer questions from the Chicago Tribune about how searches of publicly available databases outed a number of covert operatives.

Rather than protections from porn, we need a basic compact governing what information about ourselves is publicly available, what safeguards there should be on its use, and how we can get information that shouldn't be available quickly and reliably removed. I think such a compact will emerge, and the digital unease of today will be seen as part of the Net's growing pains. But how long do we have to wait? And what mistakes will be made while we do?

What personal information should be available online? How should it be policed? And whose job is that? Drop me a line at realtime@wsj.com -- comments will be posted periodically in Real Time. If you don't want your comments considered for Real Time, please make that clear.