Google has been the most prominent company in the Web 2.0 revolution for some time. From Google Blogger, to Google Earth, to Google Desktop, to Google Calendar, and onward, there is almost nothing that Google doesn't provide a service for. Google is currently the third most trafficked site on the internet, reaching around 25 per cent of all users (mostly from the United States). This clear dominance has privacy advocates worried.

The amount of information that Google has access to on the web habits of users is immense. For instance, if you have a Gmail account, odds are that Google is tracking your web searches. (Check yourself at Google History). Google's bread and butter is advertising and it prides itself on placement of ads which are "context appropriate". That is, the Google ad service (AdWords) displays ads that are most likely to be of interest to the viewer. When you open your Gmail account, the ads shown at the side will be related to the contents of the email you are reading.

With the pending acquisition of DoubleClick, Google's ability to know more about its users increases substantially. DoubleClick reportedly reaches over 80 per cent of all internet users through its advertising service. (If you check your browser's cookies, you will very likely see one from doubleclick.com). Privacy advocates are concerned that this data collection puts the privacy of internet users at significant risk. Here are several ways that risk could be exploited.

The government could demand information through legal proceedings. It is not unheard of for a government agency to turn to Google for access to its massive data store. There is an ongoing lawsuit with Google against the Federal government which is requesting Google search records to defend a Federal anti-pornography law. (Microsoft, America Online, and Yahoo have all complied). The case is still pending but it shows the risk of having a large amount of information stored in a database… eventually the Government will want to get its hands on it.

The information could be leaked or directly compromised by a malicious individual or group. Will Google ever be hacked and its information stolen? Some would say that it is not likely. However, a few years ago people would never have imagined how frequently banks would be compromised. Every few months a bank or a large financial institution loses its customers' data or its backup tapes get stolen. Admittedly, it isn't extremely likely that Google break-ins will become commonplace. None the less, the more information that Google stores, the more likely attacks by sophisticated, greedy hackers become.

It is more likely that data will be leaked through seemingly innocent actions. AOL posted 20 million search records online for research purposes. Some users were quickly identified and others were investigated for criminal activities. Some records also included private financial information like credit card numbers or social security numbers.

Someone could steal your Google password and access your information directly. The most likely case of information compromise is password theft. For instance, someone who believes a spouse is having an affair could steal the password for the Google account and access search data or other information stored by Google. Or spammers who engage in phishing attacks could try to trick you out of giving up your Google password. The more information that Google stores, the more valuable it becomes, and the more likely it will be a target of phishing attacks.

What can you do to protect yourself?

The most effective thing you can do to protect your privacy is to know what gets collected and by whom. If you don't feel comfortable with the amount of information Google collects, you can easily use comparable services. It is important to realize that the internet is not the private and anonymous place most people believe it to be. An interesting and understudied sociological phenomena is that people on the internet behave in ways they would never consider doing face-to-face. Better behavior makes for less embarrassing information becoming available.

You can also use privacy-enhancing technologies such as specialized web browsers and anti-spyware software. Lastly, safe-browsing habits should be employed. Websites that provide less-than-savory content on the web often have less-than-honest ethics about what they do with your information.

In the end, internet privacy will come down to people protecting themselves from information that don't want to be public. Internet users cannot expect someone else to protect them from the misuse of information they willingly or unknowingly broadcast to the world. Users need to pro-actively understand whom they are doing business with, what data they are collecting, and how they can protect themselves.

John Bambenek is, among other things, a freelance columnist. He also writes for his own blog, Part-Time Pundit, and contributes to six other popular blogsites such as Blogcritics.

John Bambenek is an information security practitioner living in central Illinois. He currently owns a consulting firm where he guides corporate executives and members of government on...