HARRISBURG – In a letter to Google Chief Executive Larry Page, Pennsylvania Attorney General Linda Kelly, joined by 35 Attorneys General from across the United States, outlined multiple concerns with recently announced changes to Google’s Privacy Policy that is scheduled to automatically go into effect for all users of Google products and services on March 1, 2012.
“This policy change threatens the privacy of those users of various Google products who wish to keep various parts of their online experience separate,” Kelly said. “It also has the potential to heighten the risk of damaging identity theft and fraud, given that Google will now be storing richer personal information profiles.”
Kelly said that under the new privacy policy, Google gives itself the freedom to combine users’ personal information from services like Web History and YouTube with all other Google Products, and precludes existing users from opting out of this policy change without opting out of the Google ecosystem entirely.
“We are deeply concerned about Google’s effort to force this major privacy change on consumers without giving them the opportunity to opt out,” Kelly said. “Google has billed itself as committed to meaningful privacy choices and we want to know why Google is not giving consumers the option of saying no to a privacy policy change of this magnitude.”
Kelly explained that the ramifications of the new privacy policy will be virtually impossible to avoid for millions of consumers who already use Android-powered smartphones, currently estimated to be 50 percent of the national smartphone market. Users of these smartphones must log in to Google to activate much of the functionality of their devices. They would now have to choose between either frequently logging in and out to avoid Google’s consolidation of their data, thus greatly reducing the efficiency of their smartphones, or replacing their smartphones at great personal expense.
Threats to consumers’ privacy go beyond the consolidation and use of personal data. Consolidated personal data profiles offer a tantalizing target for hackers and privacy thieves. In the letter to Google, Inc., the Attorneys General write:
“Those consumers who remain in the Google ecosystem may be making more of their personal information vulnerable to attack from hackers and identity thieves. Our offices litigate cases of identity fraud with regularity and it seems plain to us that Google’s privacy policy changes, which suggest your company’s intent to create richer personal data profiles, pose the risk of much more damaging cases of identity theft and fraud when that data is compromised, a risk that will grow as instances of computer hacking grow. With this newly consolidated bank of personal data, we foresee potentially more severe problems arising from any data breach.”
The Attorneys General recognize there may be many consumers who will welcome the consolidation and sharing of their personal information and data across multiple platforms. Unfortunately, many more consumers will either dislike the consolidation or not realize the potential harm that comes from it. Consumers deserve a full accounting of how this new privacy policy may impact them, and a meaningful opportunity to avoid being subjected to it.
Given the serious concerns expressed on behalf of those consumers, the Attorneys General have requested a meeting with Google Inc. CEO Larry Page as soon as possible. Mr. Page has been asked to reply no later than Wednesday, February 29.
The states and territories signing on to this letter are Arizona, Arkansas, California, Connecticut, Delaware, District of Columbia, Guam, Hawaii, Illinois, Indiana, Iowa, Kansas, Kentucky, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Montana, New Hampshire, New Mexico, New York, North Carolina, North Dakota, Northern Mariana Islands, Pennsylvania, Puerto Rico, Rhode Island, South Dakota, Tennessee, Texas, Utah, Vermont, Virgin Islands, and Washington.