On Privacy Policies

Effective 1 March 2012, Google adjusted the terms of its privacy policy, affecting users of all its applications. There was no option to waive or deny these changes, aside from cancelling one’s accounts, which would still require the migration and/or deletion of emails, documents, and personally identifying information from Google’s servers. Further, the policy became homogenous across every service and product that Google offers. These were not unprecedented changes, as many End User License Agreements and other similar contracts assume that use of a product or service constitutes unmitigated acceptance of the provider’s terms. But this round of legalese brings two unique changes to discussions of privacy and openness. Ongoing lawsuits against Google (among other large technology providers) highlight the stakes of these discussions. Many of us are so deeply invested in the daily use of Google’s products and services — with or without knowing it — that the opportunity cost to simply find new information or technology providers seems to far outweigh any perceived offense on their part. Google’s legal and PR representatives know this. They took great care to frame the recent changes as matters of convenience, simplicity, and security, rather than in more complex and realistic terms.

Making the policy easy to read was not their only motivation. Though Google posted many on-screen notices, and even sent a mass email to all their users (a rare occurrence), the changes took many by surprise. More importantly, for those users who bothered to read the information made public about the change, Google only made available a brief overview of the policy, in layman’s terms, and a revised FAQ page — the actual terms and conditions were not linked from those pages, and were scarcely to be seen upon further inquiry. Once acquired, though, these terms reveal a curious shift in the way that Google will manage their relationship and responsibility towards their users. The shift — which deals with slippery phrases and ideas, such as identity and information — effectively both strips users of control over what happens to their digital footprints, and hides that control in Google’s prerogative to maintain a vast, persistent, and deeply centralized set of records. Since only Google can benefit from those records, and only users can be harmed by their use and abuse, the policy can seem to value privacy only when Google’s corporate interests are in question. So we enter the late stages of a technology monopoly’s rise: their consolidation of control over their users’ decision-making.

Turning to specific issues in the policy, we find a less obvious, but no less serious conundrum. It arises in the unexpected distinction between what counts for data, as opposed to information.

content vs information. sensitive personal info

content vs data. user uploaded content

what counts for which where determines what is sold and what is kept hidden. what is kept hidden is not deleted including server and search logs by ip addresss.

Leave a Reply

Your email address will not be published.