Google’s privacy whitewash

If we could introduce a single German word to the American public, it should be Datenkrake. It translates literally to “data octopus,” and it’s what privacy activists in Germany call the data giants of the Internet: Google, Facebook, Amazon and other well-known firms.

Germans appear on the whole more concerned about threats to their privacy than Americans. That’s understandable in a country where the Gestapo and the Stasi used to permeate all parts of public and private life. And the fact that Datenkraken tend to be American companies probably stokes more fear abroad than here at home. They may be data octopuses, but they’re our data octopuses.

That’s not to say that Americans aren’t concerned at all. According to a recent Pew survey, an overwhelming majority of Americans are concerned about privacy but feel they lack the tools to protect themselves.

Last week Google and Facebook announced new privacy settings. Facebook said users could set up encrypted emails and Google put its privacy controls for users in one place called “My Account” instead of with each individual Google product. It seemed as though the data giants might finally be ready to put our privacy worries to rest. Unfortunately, that’s not the case.

To Google’s credit, it put its privacy controls into a simple interface. Users won’t have to figure out how to find separate controls for Gmail, Maps, Youtube and Search. So in theory at least, the move should make it easier for users to turn on and off controls for ad settings.

What’s more important is what Google doesn’t say. Behind all the new features and vague reassurances on their website, its privacy policy didn’t change. And that policy doesn’t protect your rights — it’s written to protect Google.

Google can collect whatever data it wants, in whatever way it wants, and use it however it wants, with a few exceptions that can fairly be called trivial. There’s precious little you can rely on in Google’s privacy policy.

Google does say one thing straight up: It won’t sell your data. That’s nice to know, but what about disclosing it, renting it, or using it on an advertiser’s or other paying customer’s behalf? All that is fair game, according to the current policy.

Google has created an enviable business. The company acts as middleman between what we say we want — our searches — and the answers and advertising we get in exchange. And it’s free. But somebody has to pay Google’s 50,000 employees and buy the expensive equipment required. That money comes mainly from advertisers. And guess where the advertisers get the money to pay Google? That would be you. Companies pay for online ads because they work, and they work because we give the companies our dollars.  

Which is why we have a Datenkrake problem. If Google is getting paid to help sell us stuff, isn’t it unsettling that its tentacles extend into our personal searches, and our lives? Any economist will tell you that superior information is a big advantage in the marketplace. And it’s pretty obvious that the superior information is in Google’s hands, not yours.

You’ll never know exactly why they showed you one ad over another, or whether the price you’re offered is the same as what others see. Research shows that some companies already set prices based on personal data, rather than offering everyone the same deal.

So before Americans start building giant plastic cephalopods and parading against Google, wouldn’t it make sense for Google to head off our privacy concerns? As an undisputed leader among Internet companies, Google could seize the opportunity to be not just used, but trusted. All it takes is a single, clear commitment not to use our data against us. By invoking established principles of agency and loyalty, Google could assure users that their interest comes first, and advertisers won’t use all that data at the expense of consumers. Anything less just looks like whitewash.