Saturday, February 4, 2012

The new Google Privacy Policy

             A lot of talk is going on these days regarding the changes in the “Google Privacy Policy”. I thought of going through the privacy policy and decided to share my understanding with you all.

             This Google Privacy Policy applies to all of the services offered by Google Inc. and its affiliates, including services offered on other sites (such as Google’s advertising services), but excludes services that have separate privacy policies that do not incorporate this Privacy Policy. This clearly means that, though the new Privacy Policy is more generic and user understandable than its previous versions, it does not state any details for individual services offered by Google. All Google services like Google Maps, Google Earth, Google Gears, etc. which have their own privacy policies, may not share a lot of policies from this more generic Google Privacy Policy. Privacy policies of these Google services will state their own, more service relevant policies.

          I have tried to keep the content as simple as possible and have also tried to not make it boring…What follows are the highlights of the new “Google Privacy Policy” that will be coming in effect from March 1, 2012.

The “Google Privacy Policy” explains 3 key points:
  • What information Google collects and why it collects that information.
  • How Google uses this information. 
  • The choices that Google offers to users, including how to access and update the information.

Let’s have a look at each of these points in further details.

Information that Google collects
Google collects information in 2 ways:
·         Information that the users provide. Several of Google’s services require the user to sign up for a Google Account, where the user is required to provide information like name, email address, phone number or even a credit card number in some cases, e.g. when you are signing up for a Google Maps API Premier (licensed) service or for any other licensed Google service. If the user wishes to take full advantage of the sharing features that Google provides, then the user might have to create a publicly visible Google Profile with a photo and name.


·         Information that Google gathers from the users’ use of various Google services. Google may collect the information about how and which service is being used by the user. For example, if the user visits a website using the Google Ads services and interact with the ads there, then Google may keep a log of the nature of ads clicked to get you more relevant ads the next time you visit the same website. Let’s take a detailed look into what all information Google gathers:
o   Device Information
Google may collect device-specific information (such as the user’s hardware model, operating system version, unique device identifiers, and mobile network information including phone number). Google may associate the user’s device identifiers or phone number with his/her Google Account.

o   Log Information
When a user uses a Google service or views content provided by Google, Google may automatically collect and store certain user information in server logs. This information is generally in the following format.

123.45.67.89 - 25/Mar/2003 10:15:32 -
      http://www.google.com/search?q=cars -
      Firefox 1.0.7; Windows NT 5.1 - 740674ce2123e969

Here, you can see that this information includes the user’s IP, the date and time of accessing Google search page, the search query, the type of browser and local browser language, user’s OS and the unique cookie ID. Google may also maintain telephony log information like the user’s phone number, calling-party number, forwarding numbers, time and date of calls, duration of calls, SMS routing information and types of calls. This information is usually gathered when a user is using the Google Voice service.

o   Location Information
When a user uses a location-enabled Google service, Google may collect and process information about the user’s actual location, like GPS signals sent by a mobile device. Google may also use various technologies to determine location, such as sensor data from the device that may, for example, provide information on nearby Wi-Fi access points and cell towers. This sort of information is maintained by Google to show search results using the Places API service, where the user can search for a place near his/her current location using some keyword like “garage”.

                         


o   Unique Application Numbers
Certain services like Google Earth, Picasa, Google Desktop, etc. include a unique application number which bears the information about the user’s installation (for example, the operating system type and application version number) and this information may be sent to Google when the user installs or uninstalls that service or when that service periodically contacts Google’s servers for automatic updates. Another example is when a user wants to download chrome , Google Gears, Lively or Google Earth’s plug-in, Google first downloads a small setup file that needs an internet connection to obtain the actual software.

o   Local Storage, Cookies and Anonymous Identifiers
Google may collect and store information (including personal information) locally on the user’s device using mechanisms such as browser web storage (including HTML 5) and application data caches. When a user accesses a Google service, Google may send one or more cookies and anonymous identifiers – “A random string of characters that is used for the same purposes as a cookie on platforms, including certain mobile devices, where cookie technology is not available.” Google uses these cookies and identifiers, also when a user interacts with services that Google offers to its partners such as the advertising services.

How Google uses and shares the information it collects
          Google uses all the information collected from the user to provide the user with tailored content to make the user’s Google experience better. The other thing that they do use this information is to provide, maintain, protect and improve the existing Google services and also generate new services. Google may combine a user’s information provided for one service with all other services that he/she uses thereafter. Google does not share any sort of personal information of any user with anybody outside Google, unless under following circumstances:
  • The user has provided opt-in consent on sharing the information. 
  •  If the user’s Google account is managed by a domain administrator (usually in case of Google Apps users) then the domain administrator and resellers who provide user support to the user’s organization will have access to the user’s Google Account information (including your email and other data). 
  •  Google provides personal information to its affiliates or other trusted businesses or persons to process it for them, based on Google’s instruction and in compliance with a Privacy Policy and any other appropriate confidentiality and security measures. 
  •  Google will share personal information with companies, organizations or individuals outside of Google if they have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
§  meet any applicable law, regulation, legal process or enforceable governmental request.
§  enforce applicable Terms of Service, including investigation of potential violations.
§   detect, prevent, or otherwise address fraud, security or technical issues.
§  protect against harm to the rights, property or safety of Google, our users or the public as required or permitted by law.
  • Google may share aggregated, non-personally identifiable information publicly and with their partners – like publishers, advertisers or connected sites. This information is usually used to share trends of use of a particular Google service or to bloggers to show the trend of users from various regions across the globe that access the blog, trends of the OS these visitors use, etc. Google trends usually appear as seen in the image below.

 
Google strives to maintain transparency in their privacy settings and hence allows the user to control the privacy of his/her content and information.

Information the user shares
          Several Google services like Google office, Google Fusion Tables allow the users to share information with others users. If this content is shared publicly, then it would become indexable by search engines. However, Google services provide various options on sharing and deleting the data.
If this post has helped you, leave a comment or show your love by liking the Spatial Unlimited Facebook page. You could even consider buying me a coffe! Till next time; happy coding!