Google Book Search Privacy Policy Mirrors Web Search, with One Hopeful, albeit Limited, Difference

The proposed Google Book Search Settlement Agreement has been the target of numerous criticisms, not the least of which has been its incredible impact on — and incredible silence about — users’ intellectual privacy. Well before the settlement even emerged, I tried to highlight some of the privacy concerns related to the growing reliance on Google Book Search for our information-seeking needs. More recently, as the possible approval of  settlement looms, various advocacy groups have again brought attention to the fact that Google might gain even greater ability to monitor the books you browse, the pages you read, and even the highlights and marginal notes you make on digital copies of books, including the Electronic Frontier Foundation, the ACLU, and the Center for Democracy & Technology.

In July 2009, Google posted a brief FAQ regarding privacy and Book Search, promising that the services provided under the Settlement will be bound by its general Privacy Policy, that it will only share aggregate usage data with the Book Rights Registry, that Google Accounts will not be required to access the services (although there will be some access limits for those who don’t login).

To most, including myself, this FAQ failed to sufficiently quell concerns over GBS’s impact on intellectual privacy and the freedom to read anonymously.

At the “Google Books Settlement and the Future of Information Access” conference organized by the UC-Berkeley Information School, I joined other advocates in calling on Google to be more forthright about the privacy concerns — and need for more specific protections — related to the GBS settlement and proposed infrastructure for accessing digital books. Google has insisted, however, than a more detailed privacy policy was impossible to construct since the actual technology has not yet been developed. Google’s Privacy Counsel, Jane Horvath, noted this apparent obstacle in an August 31, 2009 letter to the FTC:

Because the settlement agreement has not yet been approved by the court, and the services authorized by the agreement have not been built or even designed yet, it is not possible to draft a final privacy policy that covers details of the settlement’s anticipated services and features.

Sharing the concern of privacy advocates, the FTC refused to fully accept Google’s deferment, and urged Google to publish a privacy policy outlining Google’s specific privacy commitments for the Book Search product:

[I]t is important for Google to develop a new privacy policy, specific to Google Books, that will apply to the current product, set forth commitments for future related services and features, and preserve commitments made in the existing privacy policy.

As Google develops its new privacy policy, we urge Google to focus in particular on appropriately limiting secondary uses of data collected through Google Books, including uses that would be contrary to reasonable consumer expectations.

So, upon receiving this demand from the FTC, Google did what it has previously said was impossible: it published a Privacy Policy for Google Books.

:::

In announcing the publication of this privacy policy, Google notes that “Google Books has always been covered by the general Privacy Policy for all of Google’s services”, and in the policy itself it is stated that “Any publicly available product authorized by the settlement will have a privacy policy comparable to policies you can see in our Privacy Center today for other Google products.” While this sounds comforting, it is the very fact that Google intends to treat Book Search records with the same (and in many ways, limited) privacy protections as its other products that causes much of the concern.

As I noted in my remarks at the Berkeley event, there are particular expectations of privacy when it comes to seeking information in a library setting. The context of the library brings with it specific norms of information flow regarding patron activity, including a professional commitment to patron privacy. But the insertion of Google into this context raises an alarm, and merely promising that the same privacy standards of Web searching will apply is insufficient. Here’s why:

Searching for information on the World Wide Web was a new experience for most everyone. It was a new frontier of information-seeking, which developed its own business model, its own technical infrastructure, and its own technical standards and best practices, ones that rely heavily on the tracking and capturing of user data. Google has gone to some lengths to explain how & why it must track and collect user data for Web searches. Many people accept this as the norm for Web searchers: in order to benefit from what companies like Google have created, we need to acquiesce to this kind of tracking of our search activity. Yes, Google promises not to give to other people except in specific circumstances, but in general, people know and accept that Google can see what they’re searching for, and they keep and use that data for a variety of purposes. For most, that’s just the way the Web works.

But the context of the library is altogether different. In the library, users intellectual activities are protected by decades of established norms and practices intended to preserve patron privacy and confidentiality, most stemming from the ALA’s Library Bill of Rights and related interpretations. As a matter of professional ethics, most libraries protect patron privacy by engaging in limited tracking of user activities, having short-term data retention policies (many libraries actually delete the record that you ever borrowed a book once it is returned), and generally enable the anonymous browsing of materials (you can walk into a public library, read all day, and walk out, and there is no systematic method of tracking who you are or what you’ve read). These are the norms of the library.

With the proposed GBS settlement, we are talking about the de facto transfer of library practices (reading a book) to a Web-based infrastructure powered by Google (searching the Web). It will be reasonable to expect the same informational norms that exist in the libra
ry settings – limited tracking, short-term data retention, possibilities of anonymous browsing – to translate into the proposed digital system for browsing books. If these are the expected norms of information flow, we must ensure they are respected by any system designed for browsing digitized books. In short, the system must be conceived as an extension of the library – with its informational norms in tow – and not an extension of Google, burdened with its standard practice of gathering user information.

Unfortunately, the fact that Google repeats that Google Books will follow the same privacy policy of general Web searching means the norms of data collection of the Web will likely prevail over the norms of the library. All the reasons we are concerned about the privacy of our Web searches are now amplified with the possible emergence of a large-scale infrastructure to track and monitor book searches. This is part of why most advocates where disappointed with the privacy policy released by Google.

:::

That said, there is one hopeful difference in the privacy commitment laid out by Google. Google notes the existence of special protections, in some jurisdictions, protecting the the privacy of people’s activities in libraries:

Special legal privacy protections for users may apply in cases where law enforcement or civil litigants ask Google for information about what books an individual user has looked at. Some jurisdictions have special “books laws” saying that this information is not available unless the person asking for it meets a special, high standard – such as proving to a court that there is a compelling need for the information, and that this need outweighs the reader’s interest in reading anonymously under the United States First Amendment or other applicable laws.

This is an important recognition of how people’s actions in the library setting often deserve special protections (something I wish Google would recognize with all information-seeking activities). In response Google promises that (emphasis added): “Where these “books laws” exist and apply to Google Books, we will raise them.” Quite honestly, I don’t know what Google means by stating it will “raise them”. The most basic reading of this statement means that if the law exists, then Google will bring that law to the Court’s attention (as if the Court wouldn’t have already addressed it?). That’s not the same as a promise to require warrants, challenge subpoenas, or otherwise require compliance with these laws.

Perhaps I’m wordsmithing, but this is such an important issue, Google should be more precise in their intentions (which was the whole point of demanding this policy in the first place). Further, this seems to be yet another case where Google is thinking like lawyers about privacy, suggesting that “there are some laws that might protect readers’ privacy, and we’ll “raise them” when appropriate.” But it seems to be only the existence of such laws that prompts Google’s additional attention to the uniqueness of intellectual privacy.

What Google needs to do is think like a librarian, and do whatever it takes to ensure readers’ privacy and confidentiality is protected, regardless of what the law requires.