Author Archives: Google Public Policy Blog

The Time for Reform is Now

Posted by Richard Salgado, Director for Law Enforcement and Information Security 

As the debate over electronic communications privacy escalates in Congress and around the country, I testified this week before the Senate Judiciary Committee to discuss this very issue. The hearing provided an important opportunity to address users’ very reasonable expectations of privacy when it comes to the content in their email and other online accounts. 

Google strongly supports legislation to update the Electronic Communications Privacy Act (ECPA), which was signed into law almost thirty years ago -- long before email accounts and the Web were part of our daily lives.  As it is currently written, ECPA allows government agencies to compel a provider to disclose the content of communications, like email and photos, without a warrant in some circumstances. This pre-digital era law no longer makes sense: users expect, as they should, that the documents they store online have the same Fourth Amendment protections as they do when the government wants to enter the home to seize documents stored in a desk drawer. 

There is no compelling policy or legal rationale for there to be different rules. Indeed, the law as currently written is unconstitutional, as the Sixth Circuit Federal Court of Appeals held back in 2010 in United States v. Warshak.  Google requires that law enforcement secure a warrant to compel Google to disclose content. 

In spite of the tremendous support for the legislation voiced across the political spectrum, some agencies that investigate civil infractions, as opposed to violations of criminal law, have sought to delay fixing the infirmities, and have even asked Congress for new and expanded powers. They seek the authority to force providers to search for and disclose users’ emails, documents and other content, rather than getting the information directly from users as they currently do. Congress should reject these efforts to expand the authority of these agencies, and should remain focused on fixing this broken statute. 

It is undeniable that ECPA no longer reflects users’ reasonable expectations of privacy and no longer comports with the Constitution. The Senate legislation, the ECPA Amendments Act of 2015, and its companion in the House, the Email Privacy Act, will ensure electronic communications content is treated in a manner commensurate with other papers and effects that are protected by the Fourth Amendment. 

The time for reform is now.

Positive Momentum for the Judicial Redress Act

Posted by David Lieber, Senior Privacy Policy Counsel

US privacy and security laws make distinctions among US persons and non-US persons that are becoming obsolete in a world where communications primarily take place over a global medium: the Internet.

The Privacy Act of 1974 is one of those laws. It is an important law that creates rights - including judicial redress - against privacy harms that may arise from the US government’s collection and use of personal information. The Privacy Act, however, does not apply to non-US persons.

Last November, Google endorsed legislation that would extend the Privacy Act to non-US persons. Since then, Congressmen Sensenbrenner and Conyers have introduced legislation - the Judicial Redress Act - that would create a process to extend the Privacy Act to non-US persons. Senators Hatch and Murphy have introduced a companion bill in the Senate.

The Judicial Redress Act is an important first step toward establishing a framework whereby users have comparable privacy protections regardless of their citizenship.

Earlier today, the House Judiciary Committee unanimously passed this bill, which enjoys support from a broad array of Internet companies and trade associations. We commend the Judiciary Committee’s action today, and we encourage the House leadership to move swiftly to pass this important bill.

Protecting people from illegal robocalls

Posted by Brad Wetherall, Google My Business Operations Manager 

You’re eating dinner with your family when the phone rings, and you see a phone number that you don’t recognize. You answer and hear a recording: “It’s extremely urgent that we speak to the business owner! We’ve tried to reach you numerous times. Our records indicate that your Google Business Listing has not been claimed...”

This is a common type of robocall, or automated phone call that delivers a pre-recorded message to sell or market services. Some, like informational notices from a doctor’s office, airline or pharmacy, can be useful and are allowed by law. Many others, however, are both useless and illegal in the United States. As the FTC explains: “if the recording is a sales message and you haven't given your written permission to get calls from the company on the other end, the call is illegal.”

Robocallers have targeted Google users for many years. Callers commonly bombard recipients—usually small business owners or individuals—with misleading offers and promotions for improving Google Search and AdWords rankings, or to improve their Google My Business profile. Since the beginning of 2015, we’ve received hundreds of complaints from users about robocalls they’ve received from businesses claiming to be affiliated with Google.

These illegal calls are a huge nuisance, cause small businesses and Google users to unnecessarily worry, and can lead to rip-offs. Illegal robocalls never have, and never will, come from Google.

Unfortunately, this is part of a much larger issue that extends beyond just Google users and customers. The FCC received 215,000 complaints about robocalls in 2014, the FTC gets approximately 150,000 complaints about them every month and says it has brought more than 100 lawsuits against more than 600 companies and individuals responsible for billions of illegal robocalls, to date. Robocallers impersonate many different companies, and have even impersonated the local police, the IRS, and the FTC itself.

If you receive illegal robocalls, here are a few things you can do right now to protect yourself:

  • Report callers to Google, and also the FTC or the FCC
  • Hang up the phone. Do not press any key, even if the voice recording prompts you to in order to speak with a live person or to be taken off the call list. 
  • Contact your phone company to see if they can block calls from any numbers. 
  • Register your personal number with the National Do Not Call Registry at: https://www.donotcall.gov/register/reg.aspx or call 1-888-382-1222. 

It’s difficult for Google to take action against callers because they often use untraceable phone numbers, fake company names, and massive global networks of intermediaries. However, today we’re filing an action in California against one search engine optimization company for making these robocalls and confusing our users. It’s unfortunate when a problem must be addressed in a court of law, but we believe this course of action will protect our users and discourage this practice more broadly.

Running a small business is hard work under the best of circumstances. Dealing with illegal robocallers isn’t just a waste of time, it can result in wasted resources and significant damage to your business. We hope these tips, and shining a light on the issue, will help discourage and eventually eliminate this practice.

Creating Value For Consumers From Unused TV Channels

Posted by Staci Pies, Public Policy and Government Relations Counsel

Modern wireless devices, from smartphones to tablets to wearable technologies, often rely on access to both a licensed cellular connection and unlicensed Wi-Fi for access to the Internet. Indeed, this access to both licensed and unlicensed airwaves has powered the mobile revolution to date.

That’s why we’re happy that as the FCC moves forward with its plan to auction more airwaves for licensed mobile use in the 600 MHz band, it has also made progress toward the goal of making three channels in this band available nationwide for unlicensed use. Once the FCC completes its work--including ensuring access to adequate spectrum in areas where a broadcaster may be placed in the “duplex gap” between wireless uplink and downlink, and fully implementing shared access to Channel 37, which is not used for television--these rules will ensure that unlicensed white spaces devices have opportunities to operate as spectrum is recovered from broadcasters and repurposed for wireless broadband.

By adopting a balanced approach to spectrum use that includes both licensed and unlicensed spectrum, the FCC helps ensure that consumers can get online, communicate, connect their devices, and have a quality experience on devices they choose, no matter where they are. Access to this new, low-frequency unlicensed spectrum means far better wide-area Wi-Fi connectivity for streaming a movie to any TV in your home, changing your thermostat settings no matter where you are, transferring photos from your camera to your computer, or answering your door from anywhere using your smartphone.

People rely more and more on Wi-Fi every day to live a connected life. In 2013 Wi-Fi, today’s most commonly used unlicensed technology, contributed over $6.7 billion to the U.S. GDP. The FCC’s order, released this week, recognizes the value to the economy of investments in unlicensed as well as licensed technologies.

How policymakers can support broadband abundance

Posted by Staci Pies, Public Policy and Government Relations Counsel

Nearly three years ago, Nick Budidharma, an 18­ year­ old game developer, drove with his parents from Hilton Head, S.C., to live in a “hacker home” that’s connected to the Google Fiber network. Synthia Payne relocated from Denver to launch a startup that aims to let musicians play together in real­-time online. Kansas City -- America’s first Google Fiber city -- has been transformed.

Today, Google Fiber continues to make the Internet faster and more accessible to more people across the country. Michael Slinger, Director of Google Fiber Cities, will testify today before the House Energy and Commerce Subcommittee on Communications and Technology to urge policymakers to play a more active role in expanding nationwide broadband abundance.

Today’s hearing will highlight the expansion of broadband deployment, recent infrastructure developments, and policies that will encourage investment in broadband expansion. Michael will share our experience building out Google Fiber to present ideas for how policymakers can support greater broadband abundance:

“Policymakers’ top broadband goal should be achieving broadband abundance — which requires reducing the cost of network buildout and removing barriers that limit providers’ ability to reach consumers. The key is to focus on competition, investment, and adoption.”

When lawmakers successfully support broadband infrastructure and development, Americans will have more choices at higher speeds, small businesses will have the opportunity to expand, and local economies will grow. Post content

Google, the Wassenaar Arrangement, and vulnerability research

Posted by Neil Martin, Export Compliance Counsel, Google Legal & Tim Willis, Hacker Philanthropist, Chrome Security Team

Cross-posted on the Google Online Security Blog

As the usage and complexity of software grows, the importance of security research has grown with it. It’s through diligent research that we uncover and fix bugs — like Heartbleed and POODLE — that can cause serious security issues for web users around the world.

The time and effort it takes to uncover bugs is significant, and the marketplace for these vulnerabilities is competitive. That’s why we provide cash rewards for quality security research that identifies problems in our own products or proactive improvements to open-source products. We’ve paid more than $4 million to researchers from all around the world - our current Hall of Fame includes researchers from Germany, the U.S., Japan, Brazil, and more than 30 other countries.

Problematic new export controls 

With the benefits of security research in mind, there has been some public head scratching and analysis around proposed export control rules put forth by the U.S. Department of Commerce that would negatively affect vulnerability research.

The Commerce Department's proposed rules stem from U.S. membership in the Wassenaar Arrangement, a multilateral export control association. Members of the Wassenaar Arrangement have agreed to control a wide range of goods, software, and information, including technologies relating to "intrusion software" (as they've defined that term).

We believe that these proposed rules, as currently written, would have a significant negative impact on the open security research community. They would also hamper our ability to defend ourselves, our users, and make the web safer. It would be a disastrous outcome if an export regulation intended to make people more secure resulted in billions of users across the globe becoming persistently less secure.

Google comments on proposed rules 

Earlier today, we formally submitted comments on the proposed rules to the United States Commerce Department’s Bureau of Industry and Security (BIS). Our comments are lengthy, but we wanted to share some of the main concerns and questions that we have officially expressed to the U.S. government today:

  • Rules are dangerously broad and vague. The proposed rules are not feasible and would require Google to request thousands - maybe even tens of thousands - of export licenses. Since Google operates in many different countries, the controls could cover our communications about software vulnerabilities, including: emails, code review systems, bug tracking systems, instant messages - even some in-person conversations! BIS’ own FAQ states that information about a vulnerability, including its causes, wouldn’t be controlled, but we believe that it sometimes actually could be controlled information. 
  • You should never need a license when you report a bug to get it fixed. There should be standing license exceptions for everyone when controlled information is reported back to manufacturers for the purposes of fixing a vulnerability. This would provide protection for security researchers that report vulnerabilities, exploits, or other controlled information to any manufacturer or their agent. 
  • Global companies should be able to share information globally. If we have information about intrusion software, we should be able to share that with our engineers, no matter where they physically sit. 
  • Clarity is crucial. We acknowledge that we have a team of lawyers here to help us out, but navigating these controls shouldn’t be that complex and confusing. If BIS is going to implement the proposed controls, we recommend providing a simple, visual flowchart for everyone to easily understand when they need a license. 
  • These controls should be changed ASAP. The only way to fix the scope of the intrusion software controls is to do it at the annual meeting of Wassenaar Arrangement members in December 2015. 
We’re committed to working with BIS to make sure that both white hat security researchers’ interests and Google users’ interests are front of mind. The proposed BIS rule for public comment is available here, and comments can also be sent directly to [email protected]. If BIS publishes another proposed rule on intrusion software, we’ll make sure to come back and update this blog post with details.

Improving patent quality one search at a time

Good patents support innovation while bad patents hinder it. Bad patents drive up costs for innovative companies that must choose between paying undeserved license fees or staggering litigation costs. That’s why today we are excited to launch a new version of Google Patents, which has the power to improve patent quality by helping experts and the public find the most relevant references for judging whether a patent is valid.

The ability to search for the most relevant references--the best prior art--is more important today than ever. Patent filings have steadily increased with 600,000 applications filed and 300,000 patents issued in 2014 alone. At the same time, litigation rates are continuing their dramatic climb, with patent trolls bringing the majority of cases, hitting companies of every size in industries from high-tech to main street. 

Traditional searches often focus on other patents. But the best prior art might be a harder-to-find book, article, or manual. That was true in the “shopping cart” patent case. After many companies paid out millions in settlements, a court finally struck down the patent in light of two books that were not found by the examiner who issued the patent.

The new Google Patents helps users find non-patent prior art by cataloguing it, using the same scheme that applies to patents. We’ve trained a machine classification model to classify everything found in Google Scholar using Cooperative Patent Classification codes. Now users can search for “autonomous vehicles” or “email encryption” and find prior art across patents, technical journals, scientific books, and more.

We’ve also simplified the interface, giving users one location for all patent-related searching and intuitive search fields. And thanks to Google Translate, users can search for foreign patent documents using English keywords. As we said in our May 2015 comments on the PTO’s Patent Quality Initiative, we hope this tool will make patent examination more efficient and help stop bad patents from issuing which would be good for innovation and benefit the public.

Posted by Allen Lo, Deputy General Counsel for Patents and Ian Wetherbee, Software Engineer for Google Patents

“Revenge porn” and Search

by Amit Singhal, SVP, Google Search

We’ve heard many troubling stories of “revenge porn”: an ex-partner seeking to publicly humiliate a person by posting private images of them, or hackers stealing and distributing images from victims’ accounts. Some images even end up on “sextortion” sites that force people to pay to have their images removed.

Our philosophy has always been that Search should reflect the whole web. But revenge porn images are intensely personal and emotionally damaging, and serve only to degrade the victims—predominantly women. So going forward, we’ll honor requests from people to remove nude or sexually explicit images shared without their consent from Google Search results. This is a narrow and limited policy, similar to how we treat removal requests for other highly sensitive personal information, such as bank account numbers and signatures, that may surface in our search results.

In the coming weeks we’ll put up a web form people can use to submit these requests to us, and we’ll update this blog post with the link.

We know this won’t solve the problem of revenge porn—we aren’t able, of course, to remove these images from the websites themselves—but we hope that honoring people’s requests to remove such imagery from our search results can help.

UPDATE, 7/9/2015: People can use this webform to submit revenge porn removal requests.

Encouraging Innovation: Wi-Fi and LTE in Unlicensed Spectrum Bands

by Nihar Jindal, Hardware Engineer, Access & Energy

In the 20 years since the Federal Communications Commission (“FCC”) first made spectrum available on an unlicensed basis, technologies such as Wi-Fi and Bluetooth have flourished. Innovation in unlicensed spectrum has given people more opportunity to access the Internet, when and where they need it.

Carriers are also innovating in licensed spectrum, deploying Long Term Evolution (“LTE”) networks that enable the delivery of data traffic faster and more efficiently than previous generations of technology such as 3G. Indeed, a spectrum policy that balances licensed and unlicensed opportunities has allowed expansive growth of the wireless economy, benefiting consumers, innovators, and investors.

With the rapid growth of data services and high bandwidth applications, mobile operators need more capacity than ever. One way to meet the need is to move traffic from their licensed network to the 2.4 GHz and 5 GHz unlicensed bands, known as “Wi-Fi offloading”. Offloading benefits carriers and consumers: carriers find additional capacity to relieve congestion on their network and consumers have a high-quality experience.

In recent months, several carriers and suppliers have announced plans to deploy LTE, a technology historically deployed only in licensed frequencies, in the 5 GHz unlicensed band as a means for providing additional capacity to customers. One part of the LTE stream operates in a licensed frequency, and the mobile operator has the flexibility to determine whether to send other portions over licensed or unlicensed frequencies. This arrangement provides licensed operators access to additional spectrum without the expense of obtaining a license, while allowing them to maintain the quality of service expected for licensed services. This form of LTE cannot be used without access to licensed spectrum.

However, LTE over unlicensed — at least as currently conceived — presents new challenges for coexistence with other unlicensed technologies. A new white paper by Google engineers, which we filed with the FCC this week, summarizes our initial investigation into the issue of coexistence between license-anchored LTE and Wi-Fi in the 5 GHz band. The paper shows that in many circumstances, LTE over unlicensed coexists poorly with Wi-Fi.

Although all players in the wireless ecosystem should have the ability to utilize unlicensed spectrum within the FCC’s rules, LTE over unlicensed has the potential to crowd out unlicensed services. Holders of licensed spectrum shouldn’t be able to convert the unlicensed 5 GHz band into a de-facto licensed spectrum band, and certainly they should not have the ability to drive out other unlicensed users.

The ability for diverse technologies to operate together in the unlicensed bands has typically been resolved through cooperation and without regulatory intervention. Providers of unlicensed services share an incentive to make sure that players are able to deliver services in the band without fundamentally degrading other unlicensed activity. The incentives to coexist may be different when providers can fall back to licensed spectrum in the event of conflicts in unlicensed spectrum. But there is still time for the industry-led cooperation that enables technologies like Wi-Fi and Bluetooth to coexist successfully.

A potential solution that would avoid coexistence problems in the 5 GHz band is for carriers instead to utilize newly available spectrum in the 3.5 GHz band for additional capacity. The FCC recently identified the now-underutilized 3.5 GHz band spectrum as ideal for this kind of use.

The entire wireless ecosystem should be concerned about allowing one innovation to block others — past and future. The best way to stimulate innovation without regulatory intervention is for the industry to maximize use of all available spectrum and develop workable coexistence and coordination mechanisms that encourage widespread access to unlicensed spectrum. 

Creating Broadband Abundance

by Staci Pies, Senior Counsel, Public Policy and Government Relations

Over the last few years, we've started to see gigabit Internet service transform communities. It has provided a platform for economic development and new ways to use technology to improve citizens’ lives. What’s more, where there is competition, it is driving a race between broadband providers, giving consumers higher speeds, greater choice, and lower prices.

The U.S. shouldn’t settle for less than ubiquitous, abundant broadband access. Unfortunately, many consumers don’t have much choice in broadband providers and for most, gigabit Internet is still a dream. Market-based solutions are critical to closing the gap, yet regulation on the federal, state, and local levels has not kept pace with technological innovation. Some regulations, such as those addressing access to infrastructure, fail to remove — and sometimes worsen — barriers to broadband deployment. Policymakers’ top broadband goal should be abundance, which can be brought about by competition, investment, and adoption.

Earlier this year, the Obama Administration created a “Broadband Opportunity Council” of federal government agencies to examine how each agency could remove barriers to broadband deployment. Today, we’re sharing our ideas with the Council in a filing with the U.S. Commerce Department.

Google has always invested in making online content and applications more widely available. We’re also creating more abundant broadband access through services like Google Fiber and wireless projects. Our experience has given us some ideas for how government officials can implement policies to make the U.S. fiber ready, wireless ready, and consumer ready.

Fiber Ready 
One of the biggest challenges facing new broadband entrants, including Google Fiber, is accessing existing infrastructure. Policymakers can help reduce delays associated with obtaining adequate information, attaching to existing utility poles, and increasing access to existing conduit and rights of way. Moreover, we can streamline processes that pole owners and existing attachers use to get poles ready for a new provider (known as “make-ready” work).

Another challenge for new broadband entrants is unreasonably high rates for access to video programming. The FCC's policy of allowing non-cost based discounts under the guise of permitted volume discounts undermines broadband entry and deployment. The policy should be revised to require covered programmers to justify how their discounts for the biggest incumbents relate to actual cost savings. Most consumers want to buy Internet and video programming in one package. Encouraging the competitive availability of video services can spur the deployment of high-speed networks, resulting in more consumer choice.

Wireless Ready 
Wireless service plays a critical role in bringing broadband to rural areas where low population densities and challenging terrain make traditional deployments prohibitively expensive, and to underserved areas that lack robust infrastructure. Whether a consumer uses a DSL, cable or fiber connection, she likely is using Wi-Fi as the last link for connectivity. To promote broadband abundance, policymakers can ensure that sufficient spectrum is available for Wi-Fi and other unlicensed technologies and adopt policies to enable sharing of underused spectrum.

Consumer Ready 
About 30 percent of Americans still don’t use the Internet at home, leaving them at a disadvantage when it comes to education, job opportunities, and social and civic engagement. Google Fiber has committed to address digital inclusion and adoption with community partners and local leaders, but a broader effort is needed to bring all Americans online. As part of our filing with the Commerce Department, we propose a number of ideas for how the government can further broadband adoption and digital inclusion.

These proposals include expanding digital literacy programs; driving public awareness about why the Internet matters; and modernizing the Lifeline program to shift the responsibility for determining eligibility away from carriers to enable consumers to choose connectivity services that meet their needs. These ideas are an essential complement to the work of Google and others to make the Internet faster and more affordable for more people across the country.

A successful agenda to increase broadband deployment and bandwidth abundance will benefit consumers, small businesses and the economy. We hope that the new Broadband Opportunity Council will remove barriers, give Americans more choices at higher speeds, and help reach the goal of nationwide broadband abundance.