Google’s new pro­gram to track shop­pers sparks fed­eral pri­vacy com­plaint


A prom­i­nent pri­vacy rights watch­dog is ask­ing the U.S. Fed­eral Trade Com­mis­sion to in­ves­ti­gate a new Google ad­ver­tis­ing pro­gram that ties con­sumers’ on­line be­hav­iour to their pur­chases in brick-and-mor­tar stores.

The le­gal com­plaint from the Elec­tronic Pri­vacy In­for­ma­tion Cen­ter, filed with the FTC on Mon­day, al­leges that Google is newly gain­ing ac­cess to a trove of high­l­y­sen­si­tive in­for­ma­tion — the credit and debit card pur­chases records of the ma­jor­ity of U.S. con­sumers — with­out re­veal­ing how they got the in­for­ma­tion or giv­ing con­sumers’ mean­ing­ful ways to opt out. More­over, the group claims that the search gi­ant is re­ly­ing on a se­cre­tive tech­ni­cal method to pro­tect the data — a method that should be au­dited by out­siders and is likely vul­ner­a­ble to hacks or other data breaches.

“Google is seek­ing to ex­tend its dom­i­nance from the on­line world to the real, off-line world, and the FTC re­ally needs to look at that,” said Marc Roten­berg, the or­ga­ni­za­tion’s ex­ec­u­tive di­rec­tor.

Google called its ad­ver­tis­ing ap­proach “com­mon” and said it had “in­vested in build­ing a new, cus­tom en­cryp­tion tech­nol­ogy that en­sures users’ data re­mains pri­vate, se­cure and anony­mous.”

Ex­ec­u­tives have hailed the pro­gram, Store Sales Mea­sure­ment, as a “revo­lu­tion­ary” break­through in ad­ver­tis­ers’ abil­i­ties to track con­sumer be­hav­iour. The com­pany said that, for the first time, it would be able to prove, with a high de­gree of con­fi­dence, that clicks on on­line ads led to pur­chases at the cash regis­ter of phys­i­cal stores.

To do this, Google said it had ob­tained ac­cess to the credit and debit card records of 70 per cent of U.S. con­sumers. It had then de­vel­oped a math­e­mat­i­cal for­mula that would anonymize and en­crypt the trans­ac­tion data, and then au­to­mat­i­cally match the trans­ac­tions to the mil­lions of U.S. users of Google and Google-owned ser­vices like Gmail, search, YouTube, and maps. This ap­proach pre­vents Google from ac­cess­ing the credit or debit card data for in­di­vid­u­als.

In a state­ment, Google said that it had taken pains to build cus­tom en­cryp­tion tech­nol­ogy that en­sures that the data the com­pany re­ceives re­mains pri­vate and anony­mous.

The pri­vacy or­ga­ni­za­tion is ask­ing the gov­ern­ment not to not take Google’s word for it and to review the al­go­rithm it­self. Google would not dis­close which com­pa­nies were pro­vid­ing it with the trans­ac­tion records. When asked if users had con­sented to hav­ing their credit and debit trans­ac­tions shared, Google would not specif­i­cally say. The com­pany replied that it re­quires that its un­named part­ners have “the rights nec­es­sary” to use this data.

In its com­plaint, the pri­vacy group al­leges that if con­sumers don’t know how Google gets its pur­chase data, then they can­not make an in­formed de­ci­sion about which cards not to use or where not to shop if they don’t want their pur­chases tracked.

Newspapers in English

Newspapers from Canada

© PressReader. All rights reserved.