FTC asked to in­ves­ti­gate the track­ing of shop­pers

The Denver Post - - BUSINESS - By El­iz­a­beth Dwoskin and Craig Tim­berg

WASH­ING­TON» A prom­i­nent pri­vacy rights watch­dog is ask­ing the Fed­eral Trade Com­mis­sion to in­ves­ti­gate a new Google advertising pro­gram that ties con­sumers’ on­line be­hav­ior to their pur­chases in brickand-mor­tar stores.

The le­gal com­plaint from the Elec­tronic Pri­vacy In­for­ma­tion Cen­ter, sched­uled to be filed with the FTC on Mon­day, al­leges that Google is newly gain­ing ac­cess to a trove of highly sen­si­tive in­for­ma­tion — the credit and debit card pur­chases records of the ma­jor­ity of U.S. con­sumers — with­out re­veal­ing how they got the in­for­ma­tion or giv­ing con­sumers’ mean­ing­ful ways to opt out. Also, the group claims that the search gi­ant is re­ly­ing on a se­cre­tive tech­ni­cal method to pro­tect the data — a method that should be au­dited by out­siders and is likely vul­ner­a­ble to hacks or other data breaches.

“Google is seek­ing to ex­tend its dom­i­nance from the on­line world to the real, off­line world, and the FTC re­ally needs to look at that,” said Marc Roten­berg, the or­ga­ni­za­tion’s ex­ec­u­tive di­rec­tor.

Google called its advertising ap­proach “com­mon” and said it had “in­vested in build­ing a new, cus­tom en­cryp­tion tech­nol­ogy that en­sures users’ data re­mains pri­vate, se­cure and anony­mous.”

Ex­ec­u­tives have hailed Google’s pro­gram, Store Sales Mea­sure­ment, as a “rev­o­lu­tion­ary” break­through in ad­ver­tis­ers’ abil­i­ties to track con­sumer be­hav­ior. The com­pany said that, for the first time, it would be able to prove, with a high de­gree of con­fi­dence, that clicks on on­line ads led to pur­chases at the cash reg­is­ter of phys­i­cal stores.

To do this, Google said it had ob­tained ac­cess to the credit and debit card records of 70 percent of U.S. con­sumers. It then de­vel­oped a math­e­mat­i­cal for­mula that would anonymize and en­crypt the trans­ac­tion data, and then au­to­mat­i­cally match the trans­ac­tions to the mil­lions of U.S. users of Google and Google-owned ser­vices such as Gmail, search, YouTube and maps. This ap­proach pre­vents Google from ac­cess­ing the credit or debit card data for in­di­vid­u­als.

But the com­pany did not dis­close the math­e­mat­i­cal for­mula it uses to pro­tect con­sumer’s data. In a state­ment, Google said that it had taken pains to build cus­tom en­cryp­tion tech­nol­ogy that en­sures that the data the com­pany re­ceives re­mains pri­vate and anony­mous.

The pri­vacy or­ga­ni­za­tion is ask­ing the gov­ern­ment to not take Google’s word for it and to re­view the al­go­rithm it­self. In its com­plaint, the or­ga­ni­za­tion said the math­e­mat­i­cal tech­nique that Store Sales Mea­sure­ment is based on, Cryp­tDB, has se­cu­rity flaws. Re­searchers hacked into a Crypt-DB-pro­tected health care data­base in 2015, ac­cess­ing more than 50 percent of the stored records.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.