Posted June 4, 2008 2:46 pm by with 9 comments

Tweet about this on TwitterShare on LinkedInShare on Google+Share on FacebookBuffer this page

What a difference a blog makes. Last Tuesday, The New York Times Bits Blog covered Google’s efforts to join the Network Advertising Initiative (a group that sets standards in collecting data in advertising; DoubleClick helped to form the NAI). The NAI requires members to link to their privacy policies clearly and conspicuously; this is usually taken to mean on the home page. Google refuses:

Larry Page, the company’s co-founder, didn’t want a privacy link “on that beautiful clean home page,” said one executive at a Google competitor who is involved in reviewing Google’s N.A.I. application. (The executive didn’t want his name used because the applications are meant to be considered privately.)

“His argument is when you come to Google and you are looking for information, it is that big fat box” for search and little else, the executive said.

Okay, yes, when you navigate to, you’re probably looking for a search box. Google spokesman Steve Langdon confirmed Google’s desire:

We do believe that having very limited text on our home page is important and that is something we have shared with the N.A.I.

Oh, that’s good. Wait, what? Correct me if I’m wrong, but even if I’m not signed in to Google, I see fourteen links on across the top of, in the middle of and at the foot of that “beautiful clean home page” (signing in adds one link for me):

  • Images
  • Maps
  • News
  • Shopping (which, really, does anyone use?)
  • Gmail
  • more (which contains another 13 links)
  • iGoogle
  • Sign in
  • Advanced Search
  • Preferences
  • Language Tools
  • Advertising Programs
  • Business Solutions
  • About Google

That doesn’t include the Google logo itself or the buttons.

Then the Bits blog found out last Friday that a certain search giant may be violating a California law stipulating that they link to their privacy policy “conspicuously”:

The California Online Privacy Protection Act of 2003 requires the operator of a commercial Web site that collects personal information about users to “conspicuously post its privacy policy on its Web site.”

How conspicuously? The site needs to link to the policy “located on the homepage or first significant page after entering the Web site.” And the law has some rules for how prominent the link must be.

Now everyone’s favorite privacy watchdogs have latched on to the case. SFGate reports that “In addition to the Electronic Privacy Information Center, the letter’s signatories included the ACLU of Northern California, Center for Digital Democracy and World Privacy Forum.”

There is also a vague safe harbor in the California law which states that “privacy policies must be displayed where a ‘reasonable person would notice it.'”

While Google has become a bit infamous for its hard-to-find privacy policy, the Google “Privacy Center” is within two clicks of the homepage or a SERP: Click on “About Google” in the footer of the page, then click on “Privacy Policy” in the footer of the About Google page. (You still have to click at least once to find any specific policy, however.) Notably, iGoogle pages have a direct link to the iGoogle privacy policy in their footers.

Normally, I wouldn’t be out arguing that Google or any other company online has to comply to every single state’s law (Utah trademark law, anyone?) . . . but Google is based in California, and I think that if a company should be required to comply to any one state’s laws, it should be the state in which they’re based.

The privacy & trade groups could move toward legal action. Other than the ‘reasonable person’ standard, Google doesn’t seem to have much recourse. As most people have noted in the Bits Blog, what’s two more words on a supposedly clean page with (at least) twenty words in links?

  • Jordan – Google should also be aware the Better Business Bureau requires all of members to Post and Adhere to a Privacy Policy.

    Per the policy:
    Online advertisers should post and adhere to a privacy policy that is open, transparent, and meets generally accepted fair information principles including providing notice as to what personal information the online advertiser collects, uses, and discloses; what choices customers have with regard to the business’ collection, use and, disclosure of that information; what access customers have to the information; what security measures are taken to protect the information, and what enforcement and redress mechanisms are in place to remedy any violations of the policy. The privacy policy should be easy to find and understand and be available prior to or at the time the customer provides any personally identifiable information.

    I believe that Google should be held to a higher standard, not a lesser one.

    Our Monmouth’s last blog post..Client Follow-Up in the Service Industry

  • Jordan McCollum

    As far as I can tell, Google isn’t a member of the BBB, but it still sounds as though they already meet the requirements you’ve posted here. They have a privacy policy which isn’t too terribly difficult to find (in fact, Steve Langdon suggested that concerned parties google [Google privacy policy]).

    Unlike the CA law, the BBB doesn’t explicitly state that it has to be on the homepage.

    From a legal standpoint, I disagree that Google should be held to a higher standard than an independent and voluntary entrance organization. That would be like telling nonSEMPO members that they absolutely have to adhere to SEMPO guidelines—or a higher standard.

  • I would not be shocked if CA or the NAI changed its law/policy to accommodate Google, rather than force Google to do something it doesn’t want to do.

    It should comply, but it seems Google is large enough to bend/break the rules.

  • PS3

    @ Monmouth – What weight/power does the Better Business Bureau actually have?

    I am in the UK and tried to use them when I had a dispute with an online retailer in the US. They seemed very helpful but couldn’t compel the retailer to do a great deal.

  • @PS3 about as useful as udders on a bull. 😉

  • I agree there’s little The BBB can do these days and there opinion seems to matter less & less with each passing year. This really makes you wonder what Google has to hide…..

    Bill’s last blog post..Are my emails private?

  • Yeah I’m not too sure this matters???? I guess I’m a little lenient but it seems silly to require a privacy policy in a certain area or on a certain page.

  • I think it’s funny, that Google who makes a living while telling all their business partners what their websites should look like, all of a sudden balks when someone tells them the same. See how they like it.

    Top Rated’s last blog post..The Very Best Digital SLR Cameras

  • This is an extremely well written post and my compliments to you Jordan for it. Sadly, no matter what the blog world says, G simply does not listen. Have you known them to, ever? Unless they are dragged there screaming and yelling by some government department, they are not about to oblige anyone else.

    Nicole Price’s last blog post..Home Decorating? Here are some Ideas