Electronic Privacy Information Center filed federal complaint against Google over privacy issues in linking user data to purchase transaction records

Briefing

Electronic Privacy Information Center filed federal complaint against Google over privacy issues in linking user data to purchase transaction records

August 29, 2017

Briefing

  • Advertising Program Complaint – Electronic Privacy Information Center (EPIC) filed complaint against Google's new advertising program "Store Sales Measurement" introduced in May 2017 that ties online behavior, such as ad clicks, with in-store purchases
  • How It Works – Program matches Google services (e.g. Gmail, search, YouTube and maps) user data with credit and debit card records of 70% of U.S. customers, mathematically anonymized and encrypted, which Google turns over as aggregated data to advertisers
  • Privacy Concerns – Google obtained debit and credit card purchase records from undisclosed sources without adequate options for users to opt out, and refused to declare how data is obtained
  • No Access to Personal Credit Card Data – Google said company (and advertisers) do not have access to names and personal information of individual credit and debit card users but anonymizes transaction data through technology
  • Flawed Encrypting Technology – EPIC claims that basis for program's data encrypting technology CryptDB has known flaws, prone to hacks and data breaches

Accelerator

Market Disruption

Sector

Information Technology, Wholesale and Retail Trade

Organization

Electronic Privacy Information Center (EPIC), Google Inc., U.S. Federal Trade Commission

Source

Original Publication Date

July 30, 2017

Leave a comment