Attorneys General challenge Google's privacy policy

Thirty-six US state Attorneys General have written to Google CEO Larry Page raising concerns over the search giant’s upcoming privacy policy update and its impact on fraud and security.

The latest complaint comes as the search giant prepares to launch its new privacy policy on March 1, allowing it to internally share information about signed-in account holders across multiple services - for example, Gmail and YouTube.

The search giant earlier this month faced calls from European data protection authorities to put a hold on the rollout until an investigation into its likely impact was conducted.

The US state Attorneys General say they have “strong concerns” about the proposed change, focusing on the lack of a “proper ability to opt out” of the new information sharing Google will do.

“Google’s new privacy policy is troubling for a number of reasons. On a fundamental level, the policy appears to invade consumer privacy by automatically sharing personal information consumers input into one Google product with all Google products,” the letter reads [pdf].

Connecticut Attorney General George Jepson said it made Google a more attractive target to hackers.

“This not only raises personal privacy issues, but it makes the collected personal information an attractive target for hackers and identity thieves,” Jepsen said.

“Google has not given users a real choice to participate and the policy makes it practically impossible to opt out, short of exiting all Google services.”

Some of the complaints Google has already dealt with, such as the Attorneys General concerns that the policy will impact the security and privacy of its Google Apps for enterprise and Government customers.

Google has said that contractual obligations under those agreements would not change after it brings in the new policy.

The company earlier this month responded to questions raised by several members of US Congress. However, the Attorneys General said these explanations only raised more concerns.

“[W]hile we appreciate your efforts to inform elected officials and other members of the public, the letters have  not allayed our concerns regarding the multiple issues discussed above. Indeed, they have raised as many questions as they have answered,” they wrote.

Google maintains that controlling privacy will be made simpler under the policy.

“Our updated Privacy Policy will make our privacy practices easier to understand, and it reflects our desire to create a seamless experience for our signed-in users,” a company spokesperson told the Wall Street Journal’s All Things Digital blog.

“We’ve undertaken the most extensive notification effort in Google’s history, and we’re continuing to offer choice and control over how people use our services services. Of course we are happy to discuss this approach with regulators globally.”