We need to talk about Google

We are slowly getting used to the idea that if you browse certain things online, you will likely see digital ads related to them afterwards – a highly effective form of advertising that is good for both the user and the advertiser. Google’s platform, the largest for this type of digital marketing, works particularly well because Google knows what you’re up to online. In fact, they know a lot more about you than that. Given that almost all aspects of our lives are managed using the internet, Google is privy to more sensitive and personal information than perhaps you realise. But the implications of this are far more serious than just some Californians knowing your internet browsing habits.

Google is huge. Pretty much every stat about them is mind-blowing: 2.3 million searches per minute, made by 1.17 billion unique users per month, and when Google went down for just five minutes in 2013, global internet traffic dropped by 40%. And, of course, not excluded from the plethora of unfathomable numbers associated with this tech giant are their revenue figures from their internet advertising services. Alphabet Inc, Google’s parent company, reported second-quarter 2016 earnings of £17 billion. This is, in large part, a result of their domination of the online search market. Google is synonymous with search – you don’t ‘Bing’ something, you ‘Google’ it, a definition that has now made it into the Oxford dictionary. This is particularly prevalent in the UK where Google handles around 84% of all desktop, tablet and mobile searches, casting a very gloomy shadow over Microsoft’s search engine which takes just 11%. All of this means that they process colossal amounts of data about everyone and everything. In today’s information age, not only does this makes them immensely powerful but it makes them a big target. This concentration of data in the hands of a single party is completely unprecedented and so perhaps we should more closely examine the risks of this, as well as reaping its rewards.

 

Edward Snowden was behind the biggest intelligence leak in the NSA’s history. Credit: The Guardian

 

Ever since the Edward Snowden affair in 2013 which revealed how British and American intelligence agencies were accessing people’s personal data, people have become far more sensitive to how their digital information is used. In particular, internet users are waking up to the idea that the masses of personal data that they volunteer online every day isn’t always kept secure and private. If this information is abused or obtained by rogue parties, it can cause problems ranging from spam emails to identity fraud to blackmail. This change in the social climate is putting data security high on the end agenda and big institutions are responding: the EU has issued it General Data Protection Regulation (GDPR – read more about this in our blog) and banks are taking a lead in raising consumer awareness – (watch this brilliant advert from Barclays). So what about Google, then?

As Mathias Döpfner puts it, “nobody knows more about its customers than Google”. Between the search engine, Maps, Chrome, YouTube, Gmail and a number of other products, Google is gathering and storing vast quantities of personal and private data. What Google does with this data is “create a more personalised internet experience for users” – which is to say, they effectively sell this information to advertisers in the form of targeted ads. It has become normalised to see adverts relevant to something you have recently browsed online. With the release of Google’s Gboard, I wouldn’t be too surprised if they were able to contextualise what you type into private messages, emails (they’re already reading your Gmail, by the way) and potentially even Whatsapp’s messages and feed this into your ‘interest topics’ (others have suggested this isn’t possible but I am currently testing this by sending dummy messaging using keywords unrelated to my usual interests to see if I start to see relevant ads). Therefore, Google potentially has the means to record and store even the most intimate aspects of your personal data. As Eric Schmidt once said, “we can more or less know what you’re thinking about”.

 

Alphabet Inc’s Executive Chairman, Eric Schmidt, is having to tackle some difficult problems as Google faces increasing scrutiny. Credit: Quartz

 

In my opinion, this isn’t the main issue. The simple fact is that you have more control over how Google uses your data than you think. Even though Google was challenged last year when they deleted a clause in their privacy policy which meant they could merge your browsing history with personally identifiable information without your consent, they reiterated that anyone can access their account and change their privacy settings to prevent this. As much as people claim that they value their privacy, how often do they read a Google privacy policy update in full or review their own privacy settings? Although I don’t agree with Schmidt’s statement of “if you have something that you don’t want anyone to know, maybe you shouldn’t be doing it in the first place”, I think it is true that you can retain a large element of control over your personal data. I think that the bigger issue is the extent to which Google can guarantee the security of the information they hold about you. Up until recently, the way they stored your data was secure by its very design – someone at Google couldn’t simply bring up your file and go through your personal data because it wasn’t associated with anything that could identify that that data belonged to you. Let’s call you “Mr Smith”, for example. Yes, they could target you as “Person A” who has browsed websites related to topic “B”. But there was no way they could say “Mr Smith is interested in topic B”. That’s changed now and with this recent data merge, all of the data they have on their users is associated (or “combined”) with personally identifiable information. So now, Google can say “Mr Smith is interested in Topic B… and he is an accountant… who gets the tube to work… usually at 8.15am… after he’s had a coffee at Costa… and emailed his car dealer about a new model…” and on and on and on. All of this information is held by a single entity.

 

Google has vast facilities called Data Centers where it stores all of its/our data. Credit: CNET

 

And that’s still fine. As long as they can absolutely guarantee that all of this information is secure. I believe Google’s intentions are ultimately harmless. Yes, they are all about making money from your data, but in order to do that they need your trust. This would fall apart if they abused or directly sold everything they know about you. However, given the value of this information to hackers, to identity thieves, to political parties and even to rogue nation states, Google need to fortify their data centres and cyber security systems to protect against the theft of this information. Even if they are 99.9999% safe – that’s still not good enough. One data breach and not only will Google’s reputation be shattered, but we will all have much bigger problems to worry about than just seeing ads related to the websites we’ve visited.

 

HCW.