As Google’s pervasively-invasive, track-to-target, advertising-ambitions continue to metastasize throughout people’s lives and physical space -- via contact lens monitoring, Google Glass recording, Nest home sensors, self-driving car tracking, Internet of things listening devices, etc. -- Google’s privacy promises simply don’t have credibility.
Recently, before announcing its content lens’ designed to monitor blood sugar levels, Google assured privacy advocates that “the data will never hit Google’s servers.”
After Google bought Nest, a home device monitoring company, Nest’s co-founder said “the data we collect is all about our products and improving them. If there were ever any changes whatsoever, we would be sure to be transparent about it, number one, and number two for you to opt-in to it…”
Unfortunately we have heard these Google privacy promises many times before, only to be badly disappointed when Google eventually breaks them.
Remember in 2010, the FTC ruled Google “violated its own privacy promises to consumers when it launched its social network, Google Buzz” by exposing private emails to the public by design. As a result, the FTC required Google to implement a comprehensive privacy compliance program. However, just after the ink dried on starting that compliance program, the FTC ruled that Google violated their public privacy promises yet again when it secretly bypassed Apple’s iPhone privacy settings to serve Google ads to Apple’s customers. The FTC levied a record privacy fine on Google for this deceptive privacy practice.
Sadly and ironically last week, EPIC had to complain yet again that Google+’s social network is violating these same privacy promises by exposing gMail private emails to strangers. This is a very similar social media privacy violation to the one that Google Buzz perpetrated, and that required a comprehensive privacy program that in turn was supposed to stop broken privacy promises just like this.
Also last week, the Canadian Privacy Authority found that Google violated its privacy promises in targeting people with health care ads based on health-sensitive search topics that should have been treated as private information under health privacy law.
This privacy violation of sensitive-health-information is particularly troubling given that this type of violation should have been prevented by the comprehensive compliance program Google was legally compelled to implement as part of its DOJ Non-Prosecution Agreement and $500 million DOJ penalty for knowingly advertising illegal drug imports over a period of years. An ongoing compliance privacy problem of this nature obviously indicates a weak Google commitment to complying with its privacy promises.
Even more disturbing, was Google’s inadequate response over the last few weeks to a Consumer Watchdog December letter to Google CEO Larry Page. That letter alerted Google to apparent online predators’ easy access to minors on Google+, and to Google continuing to refuse to protect the privacy and safety of minors by not allowing anyone, even parents of minors, to block predators from joining a minor’s Google+ circle.
Tellingly there is even more recent evidence of Google breaking its privacy promises.
Today, the EU’s Commissioner responsible for data privacy, Viviane Reding, complained about Google’s privacy violations saying: “Europeans have to get serious. If a company has broken the rules and failed to mend its ways, this should have serious consequences.” She was lamenting that EU countries have fined Google recently for violating EU privacy law and its privacy promises to EU consumers (France & Spain) to no avail. More Google privacy fines are expected soon from the Netherlands, Italy, the UK and Germany in hopes of somehow getting Google to abide by its privacy promises and privacy law.
Adding salt to the wound that Google does not live up to its EU privacy promises or respect EU privacy law, Google was arguing in a UK high court case last week that Google activities in the UK were not subject to UK privacy law because Google was headquartered in California.
In short, anyone who expects Google to keep its recent privacy promises related to various parts of the Internet of things, hasn’t been paying attention to how Google routinely has broken its past privacy promises to date.
***
Google's Disrespect for Privacy Series
Part 1: Why Google is the Biggest Threat to Americans' Privacy; House Testimony [7-18-08]
Part 2: Google Book Settlement "absolutely silent on user privacy" [8-31-09]
Part 3: Yet more evidence of Google's hostility to privacy [9-4-09]
Part 4: Google's Schmidt: "Because we say so" on trusting Google's Privacy Dashboard [11-6-09]
Part 5: Fact Checking Google's New Privacy Principles [1-28-10]
Part 6: Google's Privacy "Buzz" Saw [2-11-10]
Part 7: Exposing Google's Systemic Privacy Vulnerabilities [5-15-10]
Part 8: What Private Information Google Collects -- A One-Page Fact Sheet [5-24-10]
Part 9: What else does Google secretly track? Top 10 questions for privacy investigators [6-2-10]
Part 10: Google's "Total Information Awareness" Power - A one-page graphic [6-4-10]
Part 11: Americans want online privacy -- per new Zogby poll [6-8-10]
Part 12: Why Privacy Is an Antitrust Issue & Why Google is its Poster Child [7-22-10]
Part 13: Google's Deep Tracking Inspection -- a privacy nightmare [8-31-10]
Part 14: Why is the FTC AWOL on Google Privacy? [10-27-10]
Part 15: Why Google's Privacy Controls are a Joke -- Lessons for FTC/FCC [11-11-10]
Part 16: Google's No Privacy by Design Business Model [3-17-11]
Part 17: FTC-Google Privacy Settlement Takeaways [3-31-11]
Part 18: Google vs Apple: How Business Models Drive Disrespect vs. Respect for Privacy [5-6-11]
Part 19: Big Brother Inc. -- My Huffington Post Op-ed on Google & Privacy [5-24-11]
Part 20: "G-Male:" a very funny new Google privacy satire [9-7-11]
Part 21: Where's the Market for Online Privacy? [1-31-12]
Part 22: Google's Latest Privacy Scandal Spin - A Satire [2-17-12]
Part 23: Google's Top 35 Privacy Scandals [2-22-12]
Part 24: Google's Privacy Excuse Algorithm Team - a Satire [3-16-12]
Part 25: Google's Privacy Rap Sheet [6-14-12]
Part 26: Why FTC's $22.5m Google Privacy-Fine is Faux Accountability [7-12-12]
Part 27: Google's Top Ten Anti-Privacy Quotes [10-15-12]
Part 28: The Unique Google Privacy Problem -- Korean Privacy Council in Seoul [10-25-12]
Part 29: Google's Privacy Words vs. Google's Anti-Privacy Deeds [3-8-13]
Part 30: Google's Privacy Rap Sheet: Fact-Checking Google's Claims on Privacy [3-13-13]
Part 31: Google's Creepy Glass-arazzi? [3-14-13]
Part 32: Six EU nations Revolt over Google's Virtual Colonialization of their Private Data [4-5-13]
Part 33: Big Brother Inc. - a One-page Graphic [6-10-13]
Part 34: Google Spy [7-8-13]
Part 35: Google's SpyGlass - Google's Big Rest-of-World Trust Problem [9-9-13]
Part 36: Video: Why Google's WiSpy Wiretapping is Now Class Action Catnip [9-16-13]
Part 37: Are Google Glass’ Recordings Illegal Wiretapping Too? [12-9-13]
