If the Electronic Privacy Information Center (EPIC) has its way, the Google ads “shopper tracking” may be getting a bit of federal oversight in the near future. In case you’ve forgotten, Google recently outlined a method for pairing a user’s online ad views to their in-store purchases, which totally wasn’t creepy at all… really. The privacy rights watchdog EPIC would like for the FTC to take a look at this system in order to make sure everything is above board.
Google has of course assured everybody that all of the data the collect is anonymized and hashed, not to mention encrypted and all of the other safe-sounding words they can muster. EPIC is quick to point out though, Google claims to be building the encryption and mathematical formulas to keep user data anonymous, though they just seem to want people to trust that the formulas work as intended. EPIC simply wants another (non-Google) set of eyes on these encryption formulas. Their complaint to the FTC notes that the mathematical technique that the whole system relies on — CryptDB — has had security concerns in the past.
Another potential issue brought up in the complaint is whether or not Google even has the right to use the credit/debit card information from their partners:
Google also would not disclose which companies were providing it with the transaction records. When asked if users had consented to having their credit and debit transactions shared, Google would not specifically say. The company replied it requires that its unnamed partners have “the rights necessary” to use this data.
All in all, the whole thing just seems shady and like it will be a colossal breach of users’ privacy if implemented. Maybe Google should stick with throwing 17¢ to users on Google Opinion Rewards after asking them about their shopping habits (even if they’re incorrect about 99% of the time). At least that way they’ll know for sure that users have opted-in for the questioning.Source: The Washington Post