Google Private about Privacy: and Breaking the Law?
What a difference a blog makes. Last Tuesday, The New York Times Bits Blog covered Google’s efforts to join the Network Advertising Initiative (a group that sets standards in collecting data in advertising; DoubleClick helped to form the NAI). The NAI requires members to link to their privacy policies clearly and conspicuously; this is usually taken to mean on the home page. Google refuses:
Larry Page, the company’s co-founder, didn’t want a privacy link “on that beautiful clean home page,” said one executive at a Google competitor who is involved in reviewing Google’s N.A.I. application. (The executive didn’t want his name used because the applications are meant to be considered privately.)
“His argument is when you come to Google and you are looking for information, it is that big fat box” for search and little else, the executive said.
Okay, yes, when you navigate to Google.com, you’re probably looking for a search box. Google spokesman Steve Langdon confirmed Google’s desire:
We do believe that having very limited text on our home page is important and that is something we have shared with the N.A.I.
Oh, that’s good. Wait, what? Correct me if I’m wrong, but even if I’m not signed in to Google, I see fourteen links on across the top of, in the middle of and at the foot of that “beautiful clean home page” (signing in adds one link for me):
- Shopping (which, really, does anyone use?)
- more (which contains another 13 links)
- Sign in
- Advanced Search
- Language Tools
- Advertising Programs
- Business Solutions
- About Google
That doesn’t include the Google logo itself or the buttons.
How conspicuously? The site needs to link to the policy “located on the homepage or first significant page after entering the Web site.” And the law has some rules for how prominent the link must be.
Now everyone’s favorite privacy watchdogs have latched on to the case. SFGate reports that “In addition to the Electronic Privacy Information Center, the letter’s signatories included the ACLU of Northern California, Center for Digital Democracy and World Privacy Forum.”
There is also a vague safe harbor in the California law which states that “privacy policies must be displayed where a ‘reasonable person would notice it.'”
Normally, I wouldn’t be out arguing that Google or any other company online has to comply to every single state’s law (Utah trademark law, anyone?) . . . but Google is based in California, and I think that if a company should be required to comply to any one state’s laws, it should be the state in which they’re based.
The privacy & trade groups could move toward legal action. Other than the ‘reasonable person’ standard, Google doesn’t seem to have much recourse. As most people have noted in the Bits Blog, what’s two more words on a supposedly clean page with (at least) twenty words in links?