It Shouldn't Take a Letter from Congress for Google to Give Straight Answers About Privacy Policy Changes

Last week, Google announced a new, simplified privacy policy. They did a great job of informing users that the privacy policy had been changed through emails and notifications, and several experts (including Ontario’s Privacy Commissioner Dr. Ann Cavoukian) have praised the shift toward a simpler, more unified policy. Unfortunately, while the policy might be easier to understand, Google did a less impressive job of publicly explaining what in the policy had actually been changed. In fact, it took a letter from eight Representatives to persuade them to provide straightforward answers to the public about their new policy.

Here’s what you need to know about the substantive changes in the new policy:

Up until March 1, 2012, the data Google collected on you when you used YouTube was carefully cabined away from your other Google products. So, in effect, Google could use data they collected on YouTube to improve and customize the users’ YouTube experience, but couldn’t use the data to customize and improve user experience on, say, Google+. The same siloing took place for your search history. Previously, Google search data was kept separate from other products. Even when users were logged in, Google promised not to share the information they gathered about you from your Google search history when customizing their other products. Considering how uniquely sensitive user search history can be (indicating vital facts about your location, interests, age, sexual orientation, religion, health concerns, and much more), this was an important privacy protection.

The new privacy policy removes the separation between YouTube, Google search, and other Google products. By describing the change as "treat[ing] you as a single user," Google intends to remove the privacy-protective separations from YouTube and Google search

Unfortunately, Google’s original explanation left much to be desired. The policy’s overview page said nothing about the substantive changes that were occurring in the policy, and the FAQ was equally vague:

What’s different about the new Privacy Policy? First, we’ve rewritten the main Google Privacy Policy from top to bottom to be simpler and more readable. The new policy replaces more than 60 existing product-specific privacy documents. This all should make it easier for you to learn about what data we collect and how we use it. Second, the new policy reflects our efforts to create one beautifully simple, intuitive user experience across Google. It makes clear that, if you have a Google Account and are signed in, we may combine information you’ve provided from one service with information from other services. In short, we can treat you as a single user across all our products.

"Beautifully simple" and the ability to "treat you as a single user" don’t actually get at the kernel of what changed: that they are specifically enacting a change to how they treat data they collect through YouTube and search history. To be clear, they aren’t collecting more information, but they are sharing that information in a new way.

We were heartened to see the letter and Q&A Google published yesterday in response to the questions from Congress in which they gave straight answers about their new policy. They stated:

Specifically, our policies meant that we couldn’t combine data from YouTube and search history with other Google products and services to make them better. So if a user who likes to cook searches for recipes on Google, we are not able to recommend cooking videos when that user visits YouTube, even though he is signed in to the same Google Account when using both.

This is a great deal clearer than their original notification, so we applaud that. It’s unfortunate that it took a letter from Congress to get them to give the public straightforward explanations.

For individuals who would like to continue using Google products, but want to create some type of silo between Google search, YouTube, and other products, there is an option to set up multiple Google accounts. Users can set up two or more accounts as long as they have different Gmail addresses; however, individuals using this strategy to protect their privacy should be careful not to commingle-consider using separate browsers for each of your Google accounts. To be extra careful, users might want to use the Data Liberation tool to grab a copy of all of their data from a particular Google product, delete the data from the original account, and then upload that data onto the new account. For example, an individual might set up a secondary Google account for browsing and sharing YouTube videos. She could then download all of her existing YouTube videos to her computer, delete them from her primary Google profile, and then use a separate browser to upload them to a new secondary Google account. Unfortunately, this is a somewhat laborious process. To help users who wish to keep separate accounts, Google should make the process simpler and easier.

Users who are concerned about search privacy can find additional advice in our whitepaper: 6 Tips to Protect Your Search Privacy.