Google Updates Privacy Plan to Consolidate Data across its Services

Lena Mualla

Google implemented its new privacy policy on March 1, 2012, resulting in calls for increased transparency to safeguard the increased access to user information under the policy. The plan allows Google to consolidate user information across its roughly 60 services (notably, YouTube, Android, Google search engine, Google Maps, and Gmail). Google painted this change as pro-user, since the consolidation would make it easier for a user to work across various services; Google analogized this to a user’s already existing ability to bring a document from Google Docs and share it with someone over Gmail. The privacy policy, Google touts, would be a mere extension of that principle.

The European Union, led by France on this matter, is not convinced that this is a harmless update in policy. France’s privacy agency, the National Commission for Computing and Civil Liberties (CNIL), raised questions to Google in the form of a questionnaire and cited its major concern, based on a preliminary investigation, that user information was not being used properly.

In its statement to Google, the CNIL cited the lack of specificity with which Google explained its new policy to users: “The fact that Google informs users about what it will not do with the data (such as sharing personal data with advertisers) is not sufficient to provide comprehensive information, either.” The criticism takes on greater significance given that France’s investigation of Google’s policy was at the behest of the European Commission (the executive body of the EU).

To assuage uneasy users, Google has recommended some measures to limit the scope of the data consolidation policy. Among these recommendations are using YouTube and other services without logging in, opting out of some advertising settings, and turning off your web history. The measures will somewhat limit the use of a user’s information across services.

Moreover, Google offers a rough description of how it will use a user’s information. The four ways are as follows: 1) with a user’s consent; 2) user support; 3) “external processing” (“We provide personal information to our affiliates or other trusted businesses….”); and 4) legal reasons (e.g., fraud, security violations, terms of service violations, and as otherwise required or permitted by law). Item 3, advertising, is the most contentious use. Google refers its concerned users to visit its site that deals specifically with privacy issues, the Data Liberation Front (which offers help with privacy issues as well as insight regarding the Google engineering team’s comedic proclivities).

—

* Lena Mualla is a second-year law student at Wake Forest University School of Law. She holds a Bachelor of Arts in Government and International Politics from George Mason University. Ms. Mualla, a Fulbright award recipient, taught English in Indonesia prior to entering law school. Upon graduation, she intends to practice international law or environmental law.