Digital Privacy: Did Google Inform Chrome Users of Scanning Feature?

Google Chrome users recently became aware that the browser quietly scans their personal files without prior consent. Sputnik discussed this with professor Mauro Conti, the head of SPRITZ Security and Privacy Research Group and an associate professor at the University of Padua.
Sputnik

Sputnik: So one of the main functions of an anti-virus is to scan files to determine the potential threat. Why is so much fuss being raised about this? Is it much to do about nothing?

Professor Mauro Conti: Scanning files is one of the key features of anti-viruses and in general I would say anti-viruses are among the most powerful softwares that we run on our devices after the operating system itself. This is because anti-viruses to run properly their task need to access a lot of items, files and resources in our devices and usually they do it with so-called route privileges or superuser privileges, which means they can do a lot of very secure and sensible operations on our files. To be clear this Chrome's Cleanup Tool didn't claim to be probably a fully-fledged antivirus so it was aiming at detecting very specific threats against the broader attacks, as far as they claimed it also was running in user mode so adding a bit less access and capabilities on what it was doing on the devices.

READ MORE: I Spy: Google Chrome Caught Discreetly Scanning All Files on Your PC

Sputnik: And why were so many Chrome users therefore unaware of this feature? That's the main issue with regard to this isn't it?

Professor Mauro Conti: As I said it's definitely a communication problem. To be correct it seems that this specific behavior was stated in the whitepapers and somewhere in the disclaimers. But the point is: Was Google putting really enough effort to make users aware of this? If you think there're a lot of scenarios where we install apps on our devices or softwares we as users often don't read everything and if we read oftentimes we're not fully aware. These definitely apply to a lot of scenarios and computer security is one of these. So going back specifically to the question. The question is did Google put enough effort and care to make users aware of this? And the other aspect that's always there is that users in general should be more aware and more concerned of what these softwares do on our devices.

Sputnik: On one sense we're asking these tech juggernauts to be more transparent but when it comes to it I don't think the population are actually reading the information that's being put to them so it's a difficult one to police, isn't it?

Professor Mauro Conti: Yes, that's definitely a difficult step and I wouldn't expect those big tech giants to start from their side this changing process. But I believe a change would be there because definitely the key point is that users must be more aware. I think researchers are trying to do something, journalists and media are trying to do something but I think we are probably not effective enough to reach the target if this is still the situation. Somehow those types of incidents, just to talk about the recent one of Chrome or Facebook if you like, these are actually incidents, so in principle they are bad for privacy of users. But I think they are also good from the learning point of view, meaning that they really expose users to what a threat could be, what can happen if you lose your data, if somebody has got access of your data. So those types of incidents probably will make users more aware and users on their side will push companies and lawmakers to change things in a more privacy-preserving way.

READ MORE: Macron Claims Facebook, Google Becoming 'Too Big', Expert Says It's Too Late

Sputnik: Now there is previous form with regard to this particular subject because earlier the US authorities accused Kaspersky Lab of espionage due to the company's anti-virus working in a similar form and banned all departments from using products by Kaspersky. Is it likely that Google's Cleanup Tool would also face the same backlash? What's your thoughts on that?

Professor Mauro Conti: I mean the same question and the same concern could be raised in a similar way to a lot of other big tech giants like Google, Facebook, Microsoft, Samsung…. I mean every big company that builds softwares that we use and builds devices that we use could technically speaking potentially be spying or maliciously using this information. Whether they are really doing this or not is more matter of ethics but on the other aspect of the question which is maybe a bit more diplomatic,… any government that doesn't control the technology or even worse might think that their technology may be controlled by some other government of course that's reasonable that they have concerns of using such technologies.

READ MORE: Google Staff Demand Closure of Joint AI Project With Pentagon

Sputnik: The news comes also amid the Facebook data issues scandal with Cambridge Analytica. What consequences can this have for social media platforms moving forward?

Professor Mauro Conti: I think we have the ability to do something as users, I don't think that this single incident will apply any big change because we had a lot of incidents in the past and users are quite reluctant to change or are really against some technology. Of course we have to be thankful to all these big players and technologies because they kind of help our life, make it a bit more funny or whatever you do, whatever you like. But on the other side, I think again, users need to be more aware of the threats. Because when things happen it might be too late so those types of things may really help users to push or ask Facebook or any other big players, "Please do care about my data otherwise I might change to a new social network which maybe more privacy aware."

The views of the speaker do not necessarily reflect those of Sputnik.

Discuss