Home Affairs CommitteeWritten evidence submitted by the Initiative for a Competitive Online Marketplace [EC 19]

I am writing to you and your fellow Members on the Home Affairs Select Committee in my capacity as director of the Initiative for a Competitive Online Marketplace (ICOMP). As an organization which is interested, inter alia, in promoting privacy and security on the Internet, we have followed your recent hearing on E-crime with a lot of interest. However, we believe that a number of responses from Google’s Head of UK Public Policy, Sarah Hunter were misleading. In order to allow your committee to carry out its important work on the basis of a correct assessment of the factual situation I am writing to you to provide our point of view on these matters.

As you may know, ICOMP is an industry initiative for businesses and organisations involved in Internet commerce. Our mission is to encourage widespread support for principles that are essential to a healthy and competitive online marketplace. To this end, we take a keen interest in data privacy and security as do our members.

During the hearing, it was put to Ms Hunter that Google has faced criticism by 10 Information Commissioners over its attitude to user privacy and had been fined by the United States Federal Trade Commission for bypassing security settings on Apple’s Safari browser. When asked what impression this gave of Google’s respect for user privacy, Ms Hunter expressed “deep regret” for the incidents, saying they were “mistakes and as soon as we identified them, we owned up; we were very public about it.”

We think it is important to point out that Google’s “workaround” was first brought to light by the Wall Street Journal in an article of 17 February 20121 before Google had been “public about it”. The following day, it emerged that, far from owning up and going public, Google had in fact tried to hide the evidence of its misrepresentations by removing cached versions of the opt-out page from Google’s search engine, so that the old opt-out page could no longer be found by means of a Google search.2 Google responded to these revelations by claiming that the ad cookies “do not collect any personal information.”3 Chairman Eric Schmidt later distinguished the Safari incident from the “mistakes” over the Wi-Fi data grab, describing the former as “industry practice.”4 Neither of these claims was accurate and neither, as I’m sure you’ll agree, quite constitutes the immediate and public admission of guilt that Ms Hunter described.

These instances are serious enough in themselves but we believe they are also symptomatic of a broader, far more important and indeed very worrying issue: Google’s attitude towards privacy and its conduct towards the institutions which are tasked with holding them to account.

In recent years, Google has committed a litany of privacy transgressions including the aforementioned Safari and “Spy-Fi” incidents, and more recently the unilateral changes to its privacy policies in contravention of privacy legislation in the UK and the other EU member states. I enclose a copy of ICOMPs analysis of both the investigation on behalf of the European privacy enforcers including the Information Commissioner into Google’s privacy policy change. I also enclose the response given by Google to the Information Commissioners Office in relation to the ICOs investigation into the above-mentioned Spy-fi incident.5 These detail the infractions in more detail but in short, Google’s response to each of them has been worryingly consistent. First it attempts to cover-up the facts, next it issues a denial either that the instance occurred or that it had any impact and finally it attributes the breach to a “mistake” on the part of one single “rogue” member of staff. Once each of these statements has been debunked, Google then responds to the ensuing investigation with a calculated strategy of obfuscation and prevarication.

What is so worrying about this attitude is the fact that it shows a deep disrespect for users’ privacy. Such an attitude can only lead to further privacy violations and there is abundant evidence that intrusions into people’s privacy are becoming the order of the day at Google. Indeed almost every privacy watchdog which has investigated Google in recent years has found cause to comment on its unwillingness to cooperate and, in some cases, deliberate efforts to impede proceedings.

In this regard one can only wonder what the value is of Ms. Hunter’s statement that “(u)ser trust is at the heart of our business model”. She went on to claim that “(i)f you think about our businesses, they’re free and there is a lot of competition out there—there are a lot of alternatives—so if our users don’t believe we’re keeping their data safe, they’ll go somewhere else.”

As you may know, the European Commission is currently investigating Google for allegations across Europe that it has abused its dominant position in the market to the detriment of European citizens and the online ecosystem at. Those investigations are based in part on a complaint by ICOMP in which we have claimed that Google’s dominance has partly been created by illegal exclusive agreements to the detriment of what Ms. Hunter called “a lot of competition”. Thanks in part to those agreements Google currently controls over 90% of the search market in Europe.6

It is precisely because there is not that much competition and thus not “a lot of alternatives” that Google is able to continually flout the legitimate privacy concerns of consumers in a way which would destroy any other company operating in a healthy and competitive marketplace. The sad truth is that Google has taken steps to ensure that if, as Ms Hunter says, “users don’t believe [Google is] keeping their data safe” there is nowhere else for them to go and nothing they can do about it. Because of comments such as those at your hearing last week they do not even realise that there is a problem.

We would hope that these comments help your committee see through Google’s attitude towards public authorities and would very much welcome a chance to meet with you on this issue.

Auke Haagsma
Director of ICOMP

March 2013

1 Google’s iPhone Tracking, The Wall Street Journal (17 February 2012)

2 Letter from Marc Rotenberg, Executive Director, EPIC, to Fed. Trade Comm’n (17 February 2012), http://epic.org/privacy/ftc/google/EPIC-FTC-Google-Consent-Ltr-02-17-12.pdf.

3 Google Spies on Apple Users, REUTERS, (18 February 2012), http://rt.com/usa/news/google-apple-safari-iphone-627/.

4 Charles Arthur, Google’s Big Tent event: porn, copyright, Eric Schmidt and all, THE GUARDIAN, (23 May 2012), http://www.guardian.co.uk/technology/2012/may/23/google-big-tent-porn-copyrihgt-schmidt

5 Both not printed

6 http://gs.statcounter.com/#search_engine-eu-monthly-201108-201207

Prepared 29th July 2013