Summary of Google’s Privacy Policy – March 2012

Disclaimer: I am not a lawyer and my views are simply my interpretation of information posted publicly by Google.  However, I think I put together a pretty good and easy to read intepretation of the new policy.

Google announced a new privacy policy the other day and characterized it as very user friendly because it combines more than 60 policies into a single policy.  I have to agree with that characterization.  One of the most important features of a privacy policy should be it’s transparency and having 60-some overlapping policies is not very transparent and pretty well impossible to read through.

One other significant change is that while you may have created accounts with special aliases to hide your identity, these are not necessarily anonymous anymore.  Google has be transitioned to a unified Google account where a single profile is attached to multiple services. Some or all Google services may replace your pseudonym  with your Google Profile account name and picture and make that information available publicly.  This has become part of the ‘Information you volunteered to Google’ [see below].

WHAT THEY COLLECT

  1. Information you volunteer to Google – Information you give Google when you sign up for a service like your name, email address, telephone number or credit card and possibly a publicly visible Google Profile, which may include your name and photo.
  2. Information Google learns while you use their services
    1. Device Information – such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number). Google is able to associate your device identifiers or phone number with your Google Account.
    2. Log information – Details of how you used a Google service, such as your search queries, IP Address, cookies, browser type, browser language, the date.  Some applications may log, device event information such as crashes, system activity, hardware settings.
    3. Log information – Details of how you used a Google service, such as your search queries, IP Address, cookies, browser type, browser language, the date.  Some applications may log, device event information such as crashes, system activity, hardware settings.
    4. Unique application number – Tracks Google application versions for automatic updates.
    5. Cookies – limited data is collected through cookies and shared with advertisers (opt-in consent for personal info)

WHO HAS THE ACCESS TO THE INFO

  • Google Employees – They say the information is distributed on a ‘need-to-know’ basis, but there are certainly some Google employees who have access to all of the information, sensitive and otherwise.
  • Companies Outside Google – may purchase information, but personal (confidential medical facts, racial or ethnic origins, political or religious beliefs or sexuality) information is not shared without your consent (opt-in)
  • External Processing Companies – companies that process the data for Google in accordance with Google privacy policies.
  • Law Enforcement/Govt. – Any enforceable governmental request or if are believed to have violated the Terms of Service.

TRANSPARENCY
In the interest of transparency Google offers these links to assist you to understanding the scope of the information stored and to control that information, in a limited way.

  1. Review Your Accounthttps://www.google.com/dashboard/?hl=en
  2. Advertising Managementhttps://www.google.com/settings/u/0/ads/preferences/?hl=en
  3. Edit Your Profilehttp://support.google.com/accounts/bin/answer.py?hl=en&answer=97706
  4. Control Your Circle of Friendshttp://support.google.com/plus/bin/static.py?hl=en&page=guide.cs&guide=1257347
  5. I want outhttp://www.dataliberation.org/

References:
ACLU Article hammering home the danger of targeted ads.

About Jay Farschman - Jay currently works as a Senior Systems Administrator for an asset management company in Colorado where he works with companies that produce hardware, telecommunications software and financial services.  Jay previously owned a consulting company and provided training and consulting services for three Fortune 500 companies and numerous small businesses where he leveraged Linux to provided exceptional value.