Column Here we go again. Google, that universal vacuum of all data created by humanity, can't seem to swim within the lane carefully laid out for it by regulators.

With its ubiquitous tracking data attached to nearly every action on the commercial web – via a hidden "Push Page" – browser maker Brave asserts that Google has violated the intent of the EU's GDPR legislation, creating only just enough anonymity to let every Google partner do a bit of quick work with their databases – and voila! That protection of privacy vanishes.

But wait, there's more: Google just paid a $170m fine for hoovering up the info of children, because – as both Jesuits and advertisers know – you gotta get 'em while they're young. Neither of these "erosions" of personal privacy happened accidentally. Each required design, engineering, testing and deployment. Yet at no point along the way did any Googler involved in this say, "Hey, just a minute here!" and stop these – and too many other outrages to mention here – from happening.

Let's be honest, and admit something Google can't: like a crack addict doing anything for its next data fix, Google cannot stop misbehaving. It does not know how to stop. Years and years of getting high have robbed it of any capacity to make ethical decisions that favour the privacy and agency of its users.

So it's time for an intervention.

I've recently learned that we've been here before. At another time in history, privacy issues so overwhelmed an industry that regulators intervened to save both that industry and preserve the agency of its customers.

That industry was banking.

One hundred and fifty years ago, in the aftermath of the US Civil War, as the Reconstruction-era economy grew explosively – giving birth to the US as an economic superpower – American banks had deep insight into their customer's activities, through their cheques. A cheque reveals a lot about a business and its customers – how much they're spending, when, and with whom. Even in an age before computers and analytics, that data would have proven immensely valuable. A bank could take that data and weaponise it, going into competition against their customers, or favouring one customer with the insights gained from another.

That possibility threatened the integrity of the entire US banking system: if one bank could misbehave, undermining customers in its favour, how could any business trust any bank? Without banking, businesses can't trade and can't grow, and can't protect their earnings. Something had to be done – so the US Congress (at the height of the Gilded Age, a notoriously laissez-faire period in US politics) intervened comprehensively with a series of laws forbidding banks from making any use of the payments data passing through them. Under this legislation, banks could handle the payment, but they couldn't learn from them. This saved US banks from the temptation of weaponised data, and kept the US on track to become the world's banker following the World Wars.

A river of user data and not a drop to drink

We now need a direct legislative analogy for Google, Facebook, and every other firm that attempts to profit from the user data flowing through it. Google offers a free search service, and monetises that through advertising, so does it actually need to see more than a search term to place a relevant ad? No. But it has learned how to multiply the value of those searches, tracking and profiling every user in nearly every commercial web activity. Google doesn't just serve up searches – it serves up users, based on their searches, and tells us that's all part of making the service better for those users.

Google Pixel 2 XL: Like paying Apple-tier prices then saying, hey, please help yourself to my data READ MORE

Poppycock. That makes the service better for Google's shareholders, but it's based on Google's presumption that it can spy on this search information, weaponise it, and sell it to advertisers. It needn't be that way, and – as these infractions multiply and amplify – it will increasingly be seen that it mustn't be that way.

Dependent on effective search to help us navigate the unknowable richness of the web, every request places us further into a bind of Google's making, an expropriation of privacy effectively resulting in the web becoming less alluring. On current trend, it won't be long until Google is seen as the moral equivalent of Facebook – utterly corrupt and to be avoided whenever possible.

At this moment, regulators can save the third most valuable company in the world – from itself. Law can mandate that search data remains entirely private: never stored, profiled or sold. That would hit Google's revenues, but a papercut-like sting would heal quickly, bringing Google back into rude health, and possibly giving it a stronger trust relationship with its billions of users. Without that intervention, Google will simply keep hitting the user data pipe until it hits rock bottom. ®

Soon after this column was published, dozens of US state attorneys general announced an antitrust probe into Google.