Google’s new advertising program tracks offline shoppers, violates privacy
2 August 2017
Privacy watchdog Electronic Privacy Information Center (EPIC) filed a formal complaint against Google before the Federal Trade Commission (FTC) Monday, alleging that Google’s new advertising program violates consumers' privacy. The complaint documents how Google’s new Store Sales Measurement (SSM) technique, which links offline purchases with online activity, poses grave privacy risks and is likely illegal.
SSM is Google’s new consumer profiling technique, and correlates offline purchases using credit and debit cards with online activity such as location searches. The technique, announced May 23, marks a qualitative increase in Google’s efforts to obtain and monetize information about its users.
Under SSM, Google takes information from undisclosed data brokerage firms and credit card companies and aggregates and anonymizes it using a proprietary algorithm. This data—which can include customers’ names, purchase location, purchase time and the amount of money spent—is then correlated to the information on Internet usage that Google has been accumulating and analyzing for years.
Through its search engine and other services, including YouTube, Gmail and Google Maps, Google can assess where its users are going, with whom they are communicating and what types of videos they are watching. This data, combined with information on how users interact with ads (for example, if they click on an ad preceding a YouTube video), provides a disturbingly thorough picture of users’ lives.
This type of data can reveal medical conditions, religious beliefs, political affiliations and personal relationships. Google’s intimate relationship with the US intelligence apparatus is particularly troublesome in this context.
Google claims that the two data sets—Google’s data on its users’ Internet activity and its partner companies’ data on credit card transactions—are handled separately via “double-blind” encryption. According to the Washington Post: “The [non-Google] companies know only that a certain number of matches have been made. In addition, Google does not know what products people bought.”
By analyzing this vast trove of data, advertisers can get a much fuller picture of the success of their ads at every step. Previously, advertisers were only able to see if a customer clicking on an ad led to a sale, which often leaves out intermediate steps, including searches and ads they did not click on. Understanding the role each marketing step plays in getting a customer to buy something is considered the “Holy Grail of marketing,” according to Forbes contributor Robert Hof.
Google’s SSM program vacuums up a disturbing amount of information, including, by Google’s own estimate, “approximately 70% of credit and debit card transactions in the United States,” either directly from the credit card companies themselves or through third-party companies.
In the EPIC filing notes, “Google ‘would not say’ whether customers have consented to the use of their data to tie purchases to advertising and other actions.” Google claims it has “the rights necessary” to use the data. Google also refused to reveal the algorithm that supposedly anonymizes the purchase information, citing a pending patent application.
However, what little is known about the algorithm—that it is based on the algorithm CryptDB—raises privacy concerns, because CryptDB has been compromised in the past. One of EPIC’s requests of the FTC is that it “mandate algorithmic transparency,” which would allow independent researchers to verify that the algorithm is secure.
Even if the information is kept securely, it is nearly impossible to opt out of having this information accumulated and analyzed. Because Google does not reveal which credit card companies it has partnered with, consumers cannot choose to use one card over another for personal privacy reasons.
Several pages of EPIC’s FTC filing are dedicated to the labyrinthine nature of Google’s privacy settings and how it is difficult for any but the most technologically savvy users to find out how to opt out of having their information used for advertising purposes. Opting out of in-store purchase tracking requires Google users to opt out of location tracking, which EPIC says would not be surmised by “a reasonable consumer.”
Google’s highly invasive tracking of its users’ every move and the near-impossibility of opting out combines the Orwellian with the Kafkaesque.
EPIC has previously brought Google-related privacy complaints before the FTC, including a 2010 filing that alleged that Google used deceptive practices to populate Google Buzz, Google’s short-lived social network, with Gmail users. The FTC agreed with EPIC and settled with Google in 2011.
The 2011 settlement included a consent order mandating that Google create a program to “address privacy risks.” The FTC found that Google promptly violated this order and fined Google $22.5 million in 2012 for misrepresenting its practices to users of Apple’s Safari browser.
EPIC’s filing against Google regarding SSM alleges that Google is engaged in multiple unfair trade practices and deceptive acts in violation of federal law, and that the FTC therefore has regulatory authority to impose fines. In the filing, EPIC requests that the FTC investigate Google and enjoin Google from implementing the program as it currently stands, including with its opaque algorithm and opt-out process.
Google’s invasive SSM technique was released on the heels of the implementation of a new censorship algorithm in April. This secret algorithm, justified in the name of a bogus effort to counteract the dissemination of “fake news” on the internet, is suppressing left-wing, anti-war and progressive websites in Google’s search results. The World Socialist Web Site in particular is being targeted by Google’s new algorithm.