Fair use. The same provision that every search engine relies on to index webpages and display cached snippets on an opt-out basis.

Google did advocate for orphan works legislation. Just google [orphan works google] before 2008. The legislation never passed. But when Google was sued, it had the opportunity to negotiate the same issues with the class of copyright owners. It's not ideal, but I don't think it's "horrible" on Google's part.

Actually, Google was sued for digitally copying library books, making them searchable, and allowing users to see a few "snippets" in the search results. The copying is exactly analogous to the copy of every webpage that exists inside any search engine. A lot of people get confused because the Google Books project also encompasses an opt-in publisher program that allows people to read several pages of books. But for books from libraries that are still under copyright, all Google has done is make a digital index and show snippets, and Google's defense is that its actions are legal under fair use.

In fact, Google has lobbied in favor of orphan works legislation. Just do a search for [orphan works google] before 2008. For example, here's Google's position in 2005. Google has been pretty consistent here.

When Google was sued, it had two choices: 1) defend its fair use to the end, or 2) find common ground with the plaintiffs and push the boundaries of class action lawsuits. They didn't have the option of passing orphan works legislation for everybody (although they have supported it), but they thought they could get it for themselves in a mutual agreement with the class.

Yes, this has been a feature for a while and was reported months ago when it was added to Google Apps. I think the main announcement today is that the wizard is more comprehensive now. It seems they're also tightening security around other entry points: programs like IMAP and Picasa require separate passwords from the primary account password now.

Google Authenticator is open-source and is based on an open protocol, so if you have some other computing device that you trust to be worm-free, you can save the seed on the device and get subsequent keys using a shell script or whatnot. Or if you have some recommendation for another platform it should be ported to, perhaps you can lobby for or support an additional port.

While we're on this topic, I recommend this recent hour-long interview with investigative journalist Brian Deer regarding his extraordinary effort to expose Andrew Wakefield's fraud.

I don't think there would be any objection if Microsoft collected queries that IE users make. It probably wouldn't be a problem to add the URLs that people visit to Bing's crawler queue. But explicitly associating the queries on Google with URLs clicked is simply collecting Google's results, which Google has already forbidden using its robots.txt file. The millisecond that the user clicks the Google result link, the (query, URL) pair is not "customer data" in the sense that it can be ethically copied into Bing's database.

Google News, Google Books, even Street View have opt-out mechanisms. And for Google Books, where the copyright owner hasn't stepped forward, the book is "available" only as a title and a few snippets from the query. There is content in the world, and Google is indexing it.

Contrast this to what Bing did. Google's robots.txt has explicitly opted out of other search engines crawling the search results, which is a database of (query, list of url). So Bing went around this by copying IE users' (query, url) pairs anyway. It would have been fine to just add the URLs that people visit to Bing's webpages to crawl, but associating the query with the Google result URL certainly is not OK.

Microsoft has finally "embraced" HTML5. Now, they are extending the <video> element in ways that F/OSS can't support due to inflexible patent licenses. They're not attacking Chrome on Windows, they're attacking open-source browsers on open-source operating systems.

Naturally, what Google does is in Google's interests, what Microsoft does is in theirs, what I do is in mine, etc. The relevant question is what effect their actions have in the marketplace and community. Google has been careful to release software that is good for them and good for the Web. Microsoft releases software that is good for them but potentially damaging to the Web, if you care about keeping barriers to entry low for future Web software. Quite different.

Except that there's a critical difference between the two plugins. Chrome Frame was an attempt to bring standards-compliant CSS and fast Javascript to websites that still have IE6 users. Even if it became ubiquitous, it would only relieve Web developers from having to support IE's broken rendering engine. On the other hand, Microsoft's plugin exists to shift the de-facto meaning of the <video> element in the HTML5 draft to support only the H.264 format instead of WebM. Microsoft's plugin is insidious if you care about the freedom to implement Web browsers and tools.

The underlying question is, should a company or open-source project be able to implement a Web browser from scratch without having to purchase patent licenses? The academics at the W3C think the answer is emphatically yes. This goes back to the beginning, when Tim Berners-Lee and CERN decided not to demand royalties for HTTP and HTML. But commercial OS vendors such as Microsoft and Apple would prefer <video>s in H.264, since forcing H.264 would give their OSes an advantage over open-source OSes and other underdogs that can't afford the licenses.

The DOM specs all provide spec-level testing (document.implementation.hasFeature(...)), but nobody uses that on the Web. Why? Because it's the browser bugs you typically have to work around, not backward-incompatible specifications. On top of browser bugs, you've got new user agents (iPhone) that the specs weren't designed for. And any experimental features will appear first in browsers before they turn into a specification, so developers will always use feature-testing instead of spec-level checks. Besides, feature-testing isn't as painful as you describe if you use libraries such as jQuery or Prototype.

Can't the airlines just put a license agreement at the bottom of the page, combined with a robots.txt entry, that says that the user is prohibited from aggregating and publishing prices? This is the standard method of protecting databases in the US.

By the way, the accidentally collected data fit in only four hard drives (according to Ireland update here). Hardly anything, by Google's standards.

Yes, a person can accidentally store data that he should have discarded. Google isn't a magical omniscient being; it's a collection of teams with their own disk quotas.

Not sure what your point is. Clearly, the purpose of the data collection was to associate router MAC addresses with physical location so that Chrome and Android can locate themselves more accurately (after the user grants permission). This is something that many companies such as Skyhook Wireless already do. Nobody that I have seen has intelligibly argued that the a map of MAC addresses is a privacy violation, although I suppose that conceivably a stalker can capture your router's MAC address and then query the database whenever you move.

As for emails, passwords and URLs, what motive would Google have for intentionally collecting a few unencrypted packets in passing? It was just an honest mistake, and the sooner governments allow them to delete the payloads, the sooner they will do so.

Yes, data mining can be scary, but there's no point in turning a company's attempt to come clean into a witch hunt. Google is honest about what they use your data for--to automatically determine which ads to show you. They don't sell your identity to anyone else. They don't limit your choices based on your identity (although search results are personalized, which you can disable). When it comes to specific privacy concerns and security risks, I'd say that Google is pretty benign.

Disclaimer: I used to work at Google.