Google's privacy policy doomsday goes ahead despite warnings

March 1st: the start of a new month, and a new era in Google's history. A new privacy policy is set, but Google faces continued pressure from governments to roll back the decision.
Written by Zack Whittaker, Contributor

In less than a year since Google rolled out its Facebook-competing social network, Google+, the search giant has stirred the international community with a new one-size-fits-all privacy policy.

It came into force today after weeks of complaints and warnings by authorities. Not everything is a plus, and Google continues to stir up trouble by seemingly putting advertisers' wants ahead of its users' needs.


The 'simplified' privacy policy now consolidates over 70 privacy documents into one, allowing signed in users to have their data shared from one Google product to another, even if they don't want to. Google Maps records are now kept with search results, and combine Google+ and Gmail searches, records, and uploaded information, and so on.

It not only makes government access to your data far easier, and while Google does not collect any more data on its users, the changes rolled out today on March 1st allows the company to build up a far greater picture of who you are as individuals.

It also gives Google the opportunity to raise the advertising stakes, allowing third-parties to target users more effectively, in an increasingly difficult advertising industry where Facebook and others continue to compete.

French data protection authorities began investigating the new privacy policy after it was thought to be in breach of Europe's data protection laws. Japanese authorities have also warned that the privacy policy could violate local laws, and seeks a clear explanation on the facts. South Korea also warned that its laws could be flouted in the move.

Collectively, the three markets constitute one of the largest cross-border violations of individual law by a technology giant we have seen in years.

And the laughable thing is that most governments or executive bodies can do nothing about it.

Much ado about nothing?

Google maintains that this move is one of simplification and ease, rather than a decision it made lightly. It also notes that its browser Chrome and mobile payments are separate and remain covered under different policies.

A letter from Google to Congress highlighted particular concerns for enterprise and government users of its Google Apps productivity suite.

Google Apps for Government, Education or Business users would be "unaffected" by the changes, as the company continues to "maintain our enterprise customers’ data in compliance with the confidentiality and security obligations provided to their domain," said Amit Singh, vice-president of Google Enterprise.

The enterprise is not where the money is, at least in terms of advertising revenue. The service is already paid for, and the company continues to generate streams of cash through from new and existing contracts. Ordinary users and end-consumers who sign up to Google's products and services do not pay, and therefore agree to have advertisements served based on the data they submit --- even if they do not know they are submitting it.

Google says they do not sell your personal information to advertisers, and maintains this. It does, but the wording is that it does not make "personally identifiable" information available to third-party advertisers without your permission.

There is no explicit consent sought, merely through its privacy policies and terms and conditions which are not read by the vast majority, but data is nevertheless still handed on. Just because it doesn't have your name on it does not mean it's any less of a violation.

Yet, this is something to be solved in the next iteration of Europe's data protection laws.

Under current EU law, there is no one set penalty or fine. Google could walk away from European authorities with a written slap on the wrist, and nothing more. New proposals set to revamp the data laws could see authorities fining companies up to 2 percent of its global annual turnover, but will not be in effect for years to come.

Click first, ask questions later

Google's response to the privacy policy changes was poor, and its method of informing users was even worse. In a small box that appeared on its search results page, or near to where Google advertises its Chrome browser, the search giant asked users to acknowledge the new privacy policy changes or to simply "dismiss" the warning.

The "dismiss" button should not have even been there. The vast majority of people would not have read the policy, as so many nowadays accept that these jargon-ridden documents are laden with legalese and complicated text, and can even read longer than the U.S. constitution.

It didn't stop the company from making a big deal out of other privacy matters, however. From mid-January, the search giant ran not only advertisements in U.S. national newspapers but on subways in New York and Washington D.C. also in a bid to 'educate' its users on issues of data security and privacy protection.

It was deemed disingenuous by privacy groups considering its own seemingly hypocritical move to combine its privacy policies into one.

From hereon in, there is almost no doubt that European authorities will continue to investigate. Other national governments will seek answers, and Google will all but inevitably be fined en masse by numerous executive national bodies to each respective country that wishes to make its position known.

But by then, it will already be too late, and the damage will already have been done to not only Google, but consumer confidence in the company. And as long as the 'ordinary person' on the street is the only one getting hurt, then Google doesn't seem to care.

Image source: Spencer E. Holtaway/Flickr.


Around the network:

Editorial standards