Google funding to Stanford is tied to not doing privacy research

September 24, 2014 |

Pro publica in Stanford Promises Not to Use Google Money for Privacy Research  reports on Google providing funding to Stanford University’s Centre for Internet and Security provided that it does not use it to undertake privacy research.  Tied grants are usually framed entirely differently, that the funds be used to do something specific.  Often the critisism of academic institutions is that they hold themselves back from critisising those who provide funding, directly or implicitly through their research and publications.  It is less common for the terms to be so obviously set out.  As the story makes clear Google has, from a practical perspective, some reason to be wary about the centre’ activities.  A researcher there helped uncover privacy violations which resulted in a $22.5 million fine.  A wag might say that it doesn’t take too much money or research to uncover privacy intrusive behaviour by Google and proabably only a little bit more to draw the lines to a legal violations.  It tends to be a target rich environment.

The article provides:

Stanford University recently declared that it will not use money from Google to fund privacy research at its Center for Internet and Society, according to a legal filing made by the school.

 “Since 2013, Google funding is specifically designated not [to] be used for CIS’s privacy work,” the university said in the court filing, found by ProPublica in documents filed in an unrelated lawsuit.

Stanford’s Center for Internet and Society has long been generously funded by Google, but the center’s privacy research has proved damaging to the search giant in the past two years. Two years ago a researcher at the center helped uncover Google privacy violations that led to the company paying a record $22.5 million fine.

Stanford and Google both said that the change in funding was unrelated to the previous research. But some academics said that Stanford’s promise not to use Google money for privacy research is problematic.

“It’s such an etiquette breach, it tells you something is really sensitive here,” said James Grimmelmann, a University of Maryland law professor who specializes in Internet law and online privacy. “It’s fairly unusual and kind of glaring to have that kind of a condition.”

Like most universities, Stanford has a policy that does not allow employees to “take money for academic research (or anything else) with strings attached. All donors to the Center agree to give their funds as unrestricted gifts.”

The Center at Stanford  responded by stating:

Julia Angwin’s blog post today is incorrect. Stanford never promised not to use Google money for privacy research. 

In 2014, the Center for Internet and Society (CIS) at Stanford Law School told a court considering a proposed cy pres distribution in a case where Google was the defendant that our 2013-2014 consumer privacy research was not funded by Google. The sentence in question says, “Since 2013, Google funding is specifically designated not be used for CIS’s privacy work.” As I told Julia, the designation to which we were referring is an internal SLS/CIS budgeting matter, not a policy change, and we very well may decide to ask the company for a gift for privacy research in the future. But in 2013, we had other funding sources for our consumer privacy work, and so we asked for, got, and designated Google money to be used for different projects. 

Funding sources impose no restrictions on CIS researchers. Period. All donors to the Center–and to Stanford more generally–agree to give their funds as unrestricted gifts, for which there is no contractual agreement and no promised products, results, or deliverables. Our policies are crystal clear on that

Specfically, CIS does not bar any of our people from working on any subject, including privacy. Such a ban would violate University policy. It would also be impossible to enforce. Julia asked me how we would deal with a situation where someone’s “work on net neutrality or copyright, for instance, could wind up in the field of privacy.”  I told Julia: “No area of CIS research is ‘barred’. We are free to work on whatever we like, including privacy. That makes things easy.” Unfortunately, Julia did not include my statement in the piece. 

So, neither “Stanford” nor CIS made any promise not to use of Google money for privacy research. We do promise that we follow strict guidelines for maintaining our academic autonomy and research integrity. These policies provide explicit protection against sponsors who might seek to direct research outcomes or limit the publication of research. That’s the way it is and the way it has always been.

Barring work on specific subjects is generally frowned upon, particularly because research that starts in one area can naturally lead to other topics. 

“To do research honorably, you have to follow where the data lead,” said Cary Nelson, former president of the American Association of University Professors. “You have to have the freedom to follow those leads.” Asked if he would work under such conditions, Nelson was curt: “No.”

Stanford and Google say the promise to avoid funding privacy issues is simply a result of Stanford’s decision to seek Google funding for other projects.

Jennifer Granick, a director at the center, said the “designation” of Google money for non-privacy research that was referred to in the legal document did not amount to a “specific prohibition.” The center, she said, chose not to request money from Google for its privacy work this year.

“The money they gave us ran out in 2013, and then we asked for, got, and used Google money for different projects, not because of a specific prohibition,” Granick said. “We have other funding for our consumer privacy work.”

 “When we ask for funding, we often tell the proposed funder what topic areas we plan to use any money we receive to work on. But the gift does not create a contractual obligation for us to spend the money on that subject,” Granick said.

Granick said the designation of Google money for non-privacy research is an internal budgeting matter and that Stanford researchers are free to work on whatever they like. She did not explain what her researchers were supposed to do if they were Google-funded but found their lines of inquiry leading them into privacy-related matters.

Google spokesman Rob Shilkin said that Stanford’s decision to seek other funding for its privacy research was not prompted by the company. “We’ve long made grants to Stanford and other universities supporting independent research on various technical issues and legal topics – privacy, copyright, intermediary liability, patents, and more,” he said. “Last year, Stanford Law School again asked for money to fund particular projects they wanted to pursue and we were happy to provide support this work.” Google also funds privacy research at other universities including Princeton and Harvard.

Google and Stanford have a long and close history. Google founders Larry Page and Sergey Brin developed their search algorithm while they were graduate students at Stanford. After Google went public, Stanford made hundreds of millions of dollars selling Google stock that it received as payment for allowing Google to use technology developed at Stanford. A university spokeswoman declined to say if Stanford still holds any stock, citing a school policy against revealing specific investments.

Stanford’s Center for Internet and Society, founded in 2000, was best known in its early days for work that benefitted Google’s cause, including research on net-neutrality issues, which Google has pushed for, and research on fair use, which allows some use of copyrighted material without permission from the author.

But Google has increasingly come under scrutiny from privacy advocates and researchers, since much of the company’s business is based on expanding the boundaries of Internet privacy. 

Stanford researchers Jonathan Mayer and Aleecia McDonald have been at the forefront of privacy research that impacts Google. In 2012, Mayer was involved in research that showed Google was circumventing users’ privacy choices in Apple’s Safari Web browser – which led to Google paying the record fine.

In 2011 and 2012, the center’s privacy director, McDonald, helped lead a project to create a “Do Not Track” standard. The effort, not supported by Google, would have made it harder for advertisers to track what people do online and likely would have cut into Google’s advertising revenue. Tensions over the “Do Not Track” debate ran so high that in 2013, the president of the online advertising’s trade association – of which Google is a board member – called center researcher Jonathan Mayer a “Bolshevik of the Internet world” and accused McDonald of being “incompetent.”

Mayer and McDonald both said that their research had not been restricted by the change in funding. McDonald said she did not hear any complaints from Google about her work. Mayer said, “Tech firms often grumble following unfavorable research. Google is no exception.”

Universities often accept money from outside organizations to research broad subject areas. That’s generally not controversial because it allows researchers to go where their findings take them.

But if researchers are restricted, they might be forced to skew their results, ignore credible lines of inquiry or abandon legitimate projects altogether.

For instance, some of the non-privacy research at Stanford’s Center for Internet and Society could be more related to privacy than they appear, Grimmelmann said.

Take copyright. A study on the increasing popularity of e-books could lead to the topic of e-book piracy, which could lead to the idea of publishers requiring readers to log in, a practice that could make users’ reading habits much easier to track – a clear-cut privacy issue.

“Some of the best copyright scholarship of recent decades … couldn’t have been carried out at the Stanford CIS under the terms of the grant you described to me,” Grimmelmann said. “So a commandment that ‘Thou Shalt Not Study X’ also interferes with the study of the rest of the alphabet.”

One Response to “Google funding to Stanford is tied to not doing privacy research”

  1. Google funding to Stanford is tied to not doing privacy research | Australian Law Blogs

    […] Google funding to Stanford is tied to not doing privacy research […]

Leave a Reply