Google posted to its Public Policy blog this morning to emphasize the point that they are changing their privacy policies, not their privacy controls, and to share a letter the company wrote to members of congress.
Specific members include: Cliff Steams, Joe Barton, Marsha Blackburn, G.K. Butterfield, Henry Waxman, Edward Markey, Diana DeGette and Jackie Spier.
In the blog post, Google reminds people of five points:
- We’re still keeping your private information private — we’re not changing the visibility of any information you have stored with Google.
- We’re still allowing you to do searches, watch videos on YouTube, get driving directions on Google Maps, and perform other tasks without signing into a Google Account.
- We’re still offering you choice and control through privacy tools like Google Dashboard and Ads Preferences Manager that help you understand and manage your data.
- We still won’t sell your personal information to advertisers.
- We’re still offering data liberation if you’d prefer to close your Google Account and take your data elsewhere.
There are some more specifics about the control Google offers users in the letter.
In the letter, Google notes that the old policies have restricted the company’s ability to combine info within an account for web history (search history for signed in users) and YouTube. “For example, if a user is signed in and searching Google for cooking recipes, our current privacy policies wouldn’t let us recommend cooking videos when she visits YouTube based on her searches – even though she was signed into the same Google Account when using both Google Search and YouTube,” Google says in the letter.
Below is the full text of the letter:
Dear Members of Congress:
Thank you for your letter of January 26, 2012 about Google’s plans to update our privacy policies by consolidating them into one document that is publicly available on our site at www.google.com/policies/privacy/preview.
We’re pleased to answer your questions, and we welcome the opportunity to correct some of the misconceptions that have been circulated about our updated privacy policy.
Some have expressed concern about whether consumers can opt out of our updated privacy policy. We understand the question at the heart of this concern. We believe that the relevant issue is whether users have choices about how their data is collected and used. Google’s privacy policy – like that of other companies – is a document that applies to all consumers using our products and services. However, we have built meaningful privacy controls into our products, and we are committed to continue offering those choices in the future.
There are several other key points that we appreciate the chance to clarify:
- Our approach to privacy has not changed. We’ll continue to focus on providing transparency, control, and security to our users. In fact, the announcement of changes to our privacy policy is a great example of our effort to lead the industry in transparency. It’s been the most extensive user notification effort in Google’s history – including promotions on our homepage, emails to our users, just-in-time notifications, and more – to ensure that our users have many opportunities to learn about these changes.
- Google users continue to have choice and control. The main change in the updated privacy policy is for users signed into Google Accounts. Individuals don’t need to sign in to use many of our services including Search, Maps, and YouTube. If a user is signed in, she can still edit or turn off her search history, switch Gmail chat to ―off the record,‖ control the way Google tailors ads to her interests using our Ads Preferences Manager, use Incognito mode on Chrome, or use any of the other privacy tools we offer. These privacy tools are listed at www.google.com/privacy/tools.
- The privacy policy changes don’t affect our users’ existing privacy settings. If a user has already used our privacy tools to opt out of personalized search or ads, for example, she will remain opted out.
- Our users’ private information remains private. The updated privacy policy does not change the visibility of any information a user has stored with Google. The update is about making our services more useful for that individual user, not about making information visible to third parties.
- We’re not collecting any new or additional data about users. Our updated privacy policy simply makes it clear that we use data to refine and improve our users’ experiences on Google – whichever services they use. This is something we have already done for a long time for many of our products.
- We are not selling our users’ data. We do not sell users’ personally identifiable information, and that will not change under the updated privacy policy.
- Our users can use as much or as little of Google as they want. For example, a user might have a Google Account and choose to use Gmail, but not use Google+. Or she could keep her data separated with different accounts – for example, one for YouTube and another for Gmail.
- We will continue to offer our data liberation tools. Our users will continue to have the ability to take their information elsewhere quickly and simply (more information about data liberation is available at www.dataliberation.org).
There are two reasons why we’re updating our privacy policies: to make them simpler and more
understandable, and to improve the user experience across Google.
The first reason is simplicity. Google started out in 1998 as a search engine, but since then, like other technology companies, we’ve added a whole range of different services. Gmail, Google Maps, Google Apps, Blogger, Chrome, Android, YouTube, and Google+ are just a few of our many services now used by millions of people around the world.
Historically when we launched (or acquired) a new service, we added a new privacy policy, or left the existing one for that service in place. This approach eventually created a wide range of policies.
In September 2010, we took a first step toward simplifying these policies by folding a dozen service-specific notices into our main Privacy Policy. But that still left more than 70 notices. So last week we announced that we’ve re written our main Google Privacy Policy to make it much more readable, while incorporating most of our existing service specific privacy notices. This now gives users one comprehensive document that outlines our privacy commitments across our services.
Regulators globally have been calling for shorter, simpler privacy policies, and we’ve received good feedback from several agencies since last week’s announcement. For example, Ann Cavoukian, the Information and Privacy Commissioner for Ontario, Canada, who is credited with the concept of ―Privacy by Design,‖ recently said about our new Privacy Policy, ―By pulling it all together into one central location and simplifying it, it makes it much more accessible and user friendly. So I think this is a positive development.
The second reason is to create a better user experience. Generally speaking, the main Google Privacy Policy applies across Google, allowing data to be used generally to improve our services, unless it is limited by a specific restriction in the privacy notice for a particular service. Most of our privacy policies have traditionally allowed us to combine information gathered in connection with one service with information from other services when users are signed into their Google Accounts. By combining information within a user’s account we can improve their experience across Google.
For example, today we make it easy for a signed-in user to immediately add an appointment to her Calendar when a message in Gmail looks like it’s about a meeting. As a signed-in user she can also read a Google Docs document right in her Gmail, rather than having to leave Gmail to read the document. Our ability to share information for one account across services also allows signed-in users to use Google+’s sharing feature – called ―circles‖ – to send directions to family and friends without leaving Google Maps. And a signed-in user can use her Gmail address book to auto-complete an email address when she’s inviting someone to work on a Google Docs document. These are just a few examples of how we make our users’ experience seamless and easy by allowing information sharing among services when users are signed into their Google Accounts.
However, our privacy policies have restricted our ability to combine information within an account for two services: Web History, which is search history for signed-in users, and YouTube, the video-sharing service we acquired in 2007. (We had not updated YouTube’s original privacy policy to include Google, with the result that Google could share information with YouTube, but not vice versa.) For example, if a user is signed in and searching Google for cooking recipes, our current privacy policies wouldn’t let us recommend cooking videos when she visits YouTube based on her searches – even though she was signed into the same Google Account when using both Google Search and YouTube.
This kind of simple, intuitive experience across Google benefits our signed-in users by making things easier and letting them find useful information more quickly. Indeed, we often get suggestions from users about how to better integrate our services so that they work together more seamlessly. So our updated privacy policy makes it clear in one comprehensive document that, if a user is signed in, we may combine information she has provided from one service with information from our other services. We’ll treat that user as a single entity across all our services, which will mean a simpler, more intuitive Google experience.
We hope this overview of our updated privacy policy, together with our attached answers to your specific questions, will address your concerns. However, if you would like to discuss this further, please let us know.
Sincerely,
Pablo Chavez
Director of Public Policy
Google Inc.