Google recently announced a suite of new tools for advertisers, allowing them to link a customer’s offline credit card purchases with the things they look at online. Shockingly, some privacy advocates think this sort of tracking goes too far and have called on the federal government to investigate.
The Electronic Privacy Information Center this morning filed a complaint [PDF] with the Federal Trade Commission, asking the agency to investigate Google’s Store Sales Management consumer profiling technology and stop the company from tracking customers’ in-store purchases.
According to EPIC, Google’s system, which can allegedly track 70% of all credit and debt card transactions in the U.S., puts the personal information — including product searches, location searches and payment information — of shoppers and Internet users at risk of hacks or other data breaches.
The group alleges that Google is increasing that risk by refusing to reveal details about the algorithm that “deidentifies” — or removes shoppers’ personal details — customers while tracking their purchase.
“Google claims that it can preserve consumer privacy while correlating advertising impressions with store purchases, but Google refuses to reveal—or allow independent testing of the technique that would make this possible,” the complaint states. “The privacy of millions of consumers thus depends on a secret, proprietary algorithm. And although Google claims that consumers can opt out of being tracked, the process is burdensome, opaque, and misleading.”
The Advertising Tool
Businesses are willing to spend some money on advertising and outreach, but only if they see it translate into a return. Google’s system attempts to do just this.
Back in May, Google launched the Store Sales Measurement tool as a way to connect in-store revenue for purchases to adverting purchased from Google.
The technique correlates in-store purchases with actions users take on their smartphones using Google’s Internet-based services, such as searching for products or searching for alternative locations to make purchases.
To do this, Google collects credit card transaction information from credit card companies, data brokers, and others. The company then links this information to a customer’s phone searches or internet history.
Google noted at the time that the data it collects won’t have customers’ names attached to it. The data is anonymized and then hashed over. So what advertisers see is something more like, ten users, with names like 08a862b091c379fe9767615d10873, saw these ads in the morning, and spent between $23 and $28 on those products at a certain grocery store that afternoon.
Despite this, EPIC claims that Google’s reliance on a secret, proprietary algorithm to ensure customer privacy is anything but safe.
According to EPIC, the mathematical technique that Store Sales Measurement is based on is known to have security risks, as researchers were able to hack into a CryptDB protected database of healthcare records in 2015.
Additionally, the group claims that Google would not specify if users had consented to having their credit and debit card transactions shared with advertisers.
Google claims that users can delete and/or opt out of location history tracking on both Android and iPhone devices if they do not want to be tracked. To do so, users can visit their My Activity Page, click on Activity Controls and uncheck Web and Web Activity.
Still, EPIC claims that Google’s opt-out settings and description are confusing and opaque.
Also, because Google won’t identify which companies are providing it with transaction records, customers cannot know which cards not to use or where not to shop if they do not want their purchases tracked.
“Google’s collection of massive numbers of credit card records through unidentified ‘third-party partnerships,’ and Google’s use of an opaque and misleading ‘opt-out’ mechanism are unfair and deceptive trade practices subject to investigation and injunction by the FTC,” EPIC said in the complaint.
EPIC claims that if Google’s program is allowed to move forward and does not work as described by the company, millions of consumers’ credit card transactions and other private information could be at risk for exposure.
A rep for Google tells the Washington Post that its new advertising system is “common” and that it “ensures users’ data remains private, secure, and anonymous.”