February 23, 2012

LAST YEAR, GOOGLE entered into a settlement with the Federal Trade Commission over allegedly deceptive practices involving its Google Buzz social network. Last month — about the time when the European Commission was contemplating stronger protections for personal data on the Web — the Internet behemoth unveiled a new privacy policy. The announcement has not been universally applauded: The European Union has since asked Google to put the new policy on hold, and a group of Internet privacy advocates filed suit to force FTC scrutiny. This week, 36 attorneys general, including those from Maryland and the District of Columbia, raised their voices in complaint, and the Obama administration unfurled a voluntary “consumer bill of rights” that puts Google and others on notice.

Come March 1, Google will consolidate the privacy policies for some 60 products and introduce one unified privacy protocol that will allow it to share information across its programs and applications.

The company notes that it already collects — although it doesn’t amalgamate — this information and that none of it will be shared outside the company. It has also done an admirable job of notifying users about the change in policy.

Google says that a primary goal of its approach is to simplify and enhance the Google experience, including by matching users with ads that should be of greater interest to them. For example, someone logged in to his Google e-mail account who then uses Google’s search engine to research automobiles may be on the receiving end of an e-mail or exposed to an ad alerting him to a sale at the car dealership down the block. This approach is also likely to increase revenue for Google, which makes money each time a user clicks on an ad.

Privacy advocates recoil at the thought of a giant Internet company weaving together information about a user’s every move and using the bundled information to benefit advertisers.

Government agencies and businesses concerned about leaks of confidential information will generally not be subject to the new data mining policy. They typically have the ability to negotiate specific security or privacy settings when they enter into contracts to use Google’s suite of programs and applications. Individual users do not have this option; Google thus far has resisted calls to allow an opt-out for individuals.

Google argues that users already can control their information through existing tools. Some users can avoid being trailed virtually by logging off of one Google program before using another. But this is cumbersome and defies Google’s stated goal of simplifying the user experience. Most users may welcome the new policy, but for those who do not, Google should work to make it as easy as it now is for business and government entities to shield themselves from unwanted ads or potential security breaches.