Blog Post

What the web is saying about Google’s privacy policy

Stay on Top of Enterprise Technology Trends

Get updates impacting your industry from our GigaOm Research Community
Join the Community!

Google’s new privacy policy, which launched today and allows personal data to be shared across the entirety of the company’s services, is taking serious fire — not least in Europe, after the French data protection watchdog CNIL said it believes that the new policy breaches European law. The French have asked for a full, EU-level investigation into the subject, something that is making headlines around the world.

From the outside, this could look like a provincial authority running to teacher; the equivalent of a lawmaker in, say, Texas asking the Department of Justice to intervene against a third party. But here’s the thing: CNIL didn’t start looking into Google’s policies as part of some fishing expedition — it was asked to conduct its review by the same European officials it is now referring the issue to. This is not a plea, this is a recommendation.

The news has led to a to-and-fro between the regulators and Google and, as you can expect, has generated plenty of sentiment online.

In a letter earlier this week to Larry Page, CNIL president Isabelle Falque-Pierrotin said the organization had serious issues with the policy:

“The CNIL and EU data authorities are deeply concerned about the combination of personal data across services: they have strong doubts about the lawfulness and fairness of such processing, and its compliance with European data protection legislation,”

Google responded to that by saying that it was in an impossible position.

Like all companies, we have struggled with the conundrum of how to pursue both of the CNlL‘s recommendations: how to “streamline and simplify” our privacy policies, while at the same time providing “comprehensive information” to our users.

The letter was signed by global privacy counsel Peter Fleischer, who is based in France and had previously said that officials were given ample prior warning:

We briefed most of the members of the working party in the weeks leading up to our announcement. None of them expressed substantial concerns at the time, but of course we’re happy to speak with any data protection authority that has questions.

And in an announcement post on Google’s blog, Alma Whitten, the company’s director of privacy, product and engineering, made the argument that the company’s “privacy controls aren’t changing”:

The new policy doesn’t change any existing privacy settings or how any personal information is shared outside of Google. We aren’t collecting any new or additional information about users. We won’t be selling your personal data. And we will continue to employ industry-leading security to keep your information safe.

Broad public reaction seems to be negative. The word “creepy” is being used a lot.

Popular illustrator and designer Etherbrian, who works for Gowalla (which is now owned by Facebook, of course) captured much of the mood:

And the press seems to be rounding on them: “Google’s controversial new privacy policy breaches data laws, says EU — but search giant is going ahead anyway.” (Daily Mail)

Authorities say policy is hard to understand ‘even for trained privacy professionals’…
Google says ‘To pause now would cause confusion’… Users scramble to protect their data from search giant

Privacy groups and civil liberties groups are pushing hard, too. (Big Brother Watch)

“Google is putting advertisers’ interests before user privacy and should not be rushing ahead before the public understand what the changes will mean.”

And a number of prominent figures in the industry are making their feelings public, too. Chris Dixon, co-founder of Hunch and the Founder Collective,says he’s deleted his web history:

New York Times columnist Nick Bilton, meanwhile, linked to a guide to deleting your data from the Electronic Frontier Foundation:

While some suggested they might quit Google for good, Dr Tom Keenan, a professor at the University of Calgary, told Global News that Google’s opt-outs meant little in a world where Google was dominant in so many areas.

If you want to get completely out of the Google world, they have this funny thing, the Data Liberation Front. It will actually allow you to liberate your data and get it out of Google. But where are you going to take it? That’s the question. Everybody uses Google.

Even the Japanese government decided to get involved, with the ministry of trade and industry warning that Google needed to be prepared to address concerns. (Reuters)

“It is important for the firm to be flexible by providing necessary additional explanations or measures to address actual user concerns or requests also after March 1.”

7 Responses to “What the web is saying about Google’s privacy policy”

  1. you should conduct a poll here to see how many regular users actually care. I for instance welcome this. I would say Im a heavy Google user and I’ve been frustrated that there is no good linking between these various google properties

  2. ronald

    Google was/is pretty dumb in their communication.
    If one wants smarter systems, say like conversational systems, one needs context. Means a lot of data has to be organized for you.

    What do they explain, we get better advertising. Whoooohoo.

    Also the press nor Google didn’t explain if one uses an none Web email. One doesn’t have to be logged in all the time on the web. Which enables most of the tracking, combine that with blocking 3rd party cookies and Google “knows” very little.

    Google needs a new PR department with some clue about what information is and how its processed.

  3. Bean Cube

    People shouldn’t use real personal information in the first place. Nobody should use their real identity for casual web surfing. It is the most basic online security.

  4. As social medias and online platforms become our primary mode of communication, the protection of our shared content becomes ever more important. I wouldn’t be surprised if we see governments stepping in more and more in the future.

    The security of social and non-social communication platforms should be as private and protected as snail mail was in the past. It is illegal to open and read another person’s mail. It should be illegal for gmail to record and use info from multiple platforms in the first place. I am not a fan of tailored advertising.