Earlier this year, in March, Google consolidated more than 70 different privacy policies into a single more unified policy that allowed it to combine user data from all Google properties into a single view. Google argued that it represented privacy simplification for users (which was true). However it also benefited Google with more insight into its users’ activities on the Google network, the ability to deliver more personalized search results and presumably enabled better ad targeting.
- Our approach to privacy has not changed.
- Google users continue to have choice and control.
- We’re not collecting any new or additional data about users.
- We are not selling our users’ data.
- Our users can use as much or as little of Google as they want.
- We will continue to offer our data liberation tools.
Assuming The Guardian’s report is accurate, it’s not clear what recourse Google might have in the matter. It’s also not clear whether there are “structural” changes that Google would need to implement (or re-establish) to un-do the new system. Clearly there are global implications here — though I don’t believe US regulators would come to the same position as the Europeans, who have much stricter privacy laws. (See Postscript II below for more detail on the European request.)
Postscript II: Reuters has some additional detail on what the Europeans will request. According to a letter obtained by the news agency:
Google must spell out its intentions and methods for combining data collected from its various services, and the web search giant must ask its users for explicit consent when bundling their data together, the regulators say in the letter sent to Google.