top of page
Writer's pictureFahad H

Google’s New Terms Of Service & Privacy Policy: Anything You Do May Be Used To Target You


It sounds like the Miranda warning so familiar to those who watch US cop shows: “Anything you can and do will be held against you in a court of law.” On March 1, Google has a new privacy policy and terms of service that goes into effect. Anything you do on Google, under these new agreements, can and may be used to target you in a court of Google, so to speak.

In many ways, this is Google growing up into the new portal it has become. Rather than people signing up for individual products, Gmail, YouTube and so on, they’re now signing-up for Google — or at least a single set of terms (in most cases) for all the company’s products. It’s similar to how you sign-up for Facebook, rather than individual products within Facebook.

Good News: One(ish) Privacy Policy to Rule Them All

The good news is there’s a lot to love about the idea that Google is consolidating more than 70 different privacy policies into a single overall document. That should make it easier for concerned consumers to better understand what data is collected and protected, when they use a Google product. From Google’s post about the coming changes:

We still have more than 70 (yes, you read right … 70) privacy documents covering all of our different products. This approach is somewhat complicated. It’s also at odds with our efforts to integrate our different products more closely so that we can create a beautifully simple, intuitive user experience across Google. So we’re rolling out a new main privacy policy that covers the majority of our products and explains what information we collect, and how we use it, in a much more readable way. While we’ve had to keep a handful of separate privacy notices for legal and other reasons, we’re consolidating more than 60 into our main Privacy Policy.

Separate privacy policies will be retained for a few products, such as Google Books and the Google Chrome browser. From Google’s FAQ page about the coming changes:

In some cases, such as for financial services like Google Wallet, a product may be regulated by industry-specific privacy laws and require detailed descriptions of our practices. In others, like Chrome, we simply wanted to explain our privacy practices specific to those products in more detail. In these cases we chose to keep product-specific notices rather than clutter up the main Privacy Policy.

Google has multiple terms of services for its various products. These are also being consolidated and rewritten in a way that Google hopes makes for easier reading.

The Right To Combine Information

What’s not to like? Potentially, the fact that Google is granting itself more rights to combine what you do when using one Google product into another one. Again, from the blog post:

The main change is for users with Google Accounts. Our new Privacy Policy makes clear that, if you’re signed in, we may combine information you’ve provided from one service with information from other services. In short, we’ll treat you as a single user across all our products, which will mean a simpler, more intuitive Google experience.

For example, if you’ve been doing some web searches, then head over to browse videos at YouTube, currently, Google’s various privacy policies don’t allow it to use your search history to suggest videos. Instead, YouTube suggestions would only be generated after you started searching there.

Can Do & Will Do Are Two Different Things

With this new change, Google can take your search history and make these type of recommendations. Potentially, it can use that search history to do other things, such as allow advertisers to target you based on what you’ve searched on as you surf the web — something Google currently does not do.

And potentially, Google already has all the rights it needs to do this. That’s another important point. Just giving itself rights doesn’t mean that Google will use them to do everything. In fact, the new Google privacy policy has this language:

We will not combine DoubleClick cookie information with personally identifiable information unless we have your opt-in consent.

The DoubleClick cookie is used for retargeting (also called remarketing). This type of restriction was already part of the current ad privacy policy, and it’s being retained.

Still, you can expect the seemingly expanded rights will no doubt raise concerns and criticisms. You can also expect some close-read before-and-after analysis to appear in the coming days (and we’ll postscript to these).

What Exactly Is Information?

Another key issue is what Google considers to be “information.” I’ve only been able to skim through the new privacy policy so far, but it seems focused on information that people provide directly, or what they do while using a service, rather than the data that the service itself collects.

For example, if you sign-up for a Gmail account, this is all information that Google collects:

  1. Your personal details

  2. Your contact list

  3. Your actual emails

With this change, you can imagine that it makes sense that Google would want to take your personal details and combine those into a public Google+ account, if you later choose to open one. Users might like that, too.

You can also imagine that it makes sense that Google might want to have your contact list be combined into your Google+ account, if you later choose to open one. Users might also like that.

But about about the information within your emails themselves. We’re used to that being used to show us ads within Gmail. But does this now mean that information can be used to show us ads in regular web search? Or at YouTube? Or as we surf the web?

Similarly, if someone uses Google Analytics, Google gathers information about their web site. Does that information get to be combined with a site’s Google+ page? Does it get to be shared with Google’s web search team, for use in its ranking algorithms?

As it turns out, Google Analytics data isn’t being shared in this way, as a post from the Google Analytics blog clarifies:

Just as it was before, your website’s data is governed by the data sharing settings, which you control directly. You can still choose how much, if any, of your website’s data to share with Google to help us improve our products, provide anonymous, aggregate statistics, or make enhanced features like Conversion Optimizer available to you. Your website data will not be used for purposes other than those that you specify in your settings, which you may change at any time. You can find more information about data sharing settings here.

These are all questions where having separate, product-specific privacy policies and terms can be helpful.

Product Settings Versus Privacy Language

These are also cases where the privacy policies will have less to do than the options that products themselves allow.

For instance, while Google might give itself the right to combine Gmail and Google+ information, users still might be asked if they want to allow some types of combining through account setting controls. Or in Google Analytics, other options on how things can be shared or restricted might be offered — and in fact, are, as I’ve highlighted earlier.

In general, I’ve loved things like the Google Dashboard to help show at-a-glance what Google has collected about an individual. But with the forthcoming changes, the dashboard might have to be expanded, to allow more controls about how particular bits of data might be shared between Google services.

More Information

Google has a short video about the changes here:


You can also read more from Google on its blog post today or through its Policy & Principles site, which has links to its privacy policy, terms of service and a FAQ about the changes. See also related coverage on Techmeme.

0 views0 comments

Comments


bottom of page