Think of yourself now, and what currently surrounds you. A computer or a phone, perhaps? How often did you use them today? Try and think back. Back to every phone call, text, and app download, to every keystroke, website, and search. It’s overwhelming, isn’t it? Now, think about how each of those actions reveals a little bit about you. A purchase you’re mulling over, an article you’re working on, maybe even where you are planning on eating dinner tonight. Separate, each piece is insignificant, but put them together, and they develop an identity. Your identity. How much is that information worth?

            Our personal information used to be tucked away: hidden behind the locked doors of a bank or within the records of a library. Now, all of that information gets housed online, some protected and some not. Searches are not. “Every day Google answers more than one billion questions from people around the globe in 181 countries and 146 languages” (Facts About Google). They track those searches, and sell their results to large companies who gather consumer information and use it to advertise. This type of tracking advances privacy concerns because of the lack of control individuals have over how they are monitored. As more and more of our lives become dependent on the Internet, these concerns grow.

The development of Smartphones expanded privacy issues into a new category, and a 2012 Wall Street Journal discovery brought these issues to light. According to the article, “Google Inc. and other advertising companies [were] bypassing the privacy setting of millions of people using Apple Inc.’s Web browser on their iPhones and computers – tracking the Web-browsing habits of people who intended for that kind of monitoring to be blocked” (Angwin). For this privacy violation, Google faced fines from the Federal Trade Commission (FTC), along with lawsuits both in the United States and Great Britain. As only the latest in a list of privacy violations and murky policies, we are left questioning the ethical intent of a company who claims their corporate motto is “Don’t Be Evil.”

Google’s Tracking: Supply and Demand

In order to understand the ethical implications of Google’s web-based tracking system, it is important to first understand their tracking method, and why marketers find it so appealing.  Tracking takes place in the form of web cookies, which send bits of text back and forth between a user’s computer and a website server. (Harris,2). While Google uses the initial set of cookies to aid their algorithm in producing search results, additional cookies, called third party cookies, can be sent to a computer once the search is complete and a user has clicked on a link to an image or new webpage. The third party cookies make it possible for marketers to “track and compile an individual’s Web activity across the sites of different companies as well as personal information” (Harris, 3).

Google Search

Courtesy of Darden School of Business Case, “Google and Internet Privacy (A)”

Easy access into consumer insight draws in marketers. Compared to traditional studies involving surveys or focus groups, web-based tracking is cheaper and tends to produce better results. By partnering with a search engine like Google, marketers guarantee themselves exposure to millions of visitors daily, all providing new and unique information. Marketers can then turn around and target those same users with specific advertisements in exchange for a fee. The low cost and growing number of individuals using Google and other search engines provides “a very cost effective way [for marketers to reach] vast audiences at any hour on any day”  (Harris, 2). Smartphones expanded this audience, and allowed marketers to reach and track people while they were out, living their day-to-day lives.

Google and Privacy History

An increase in demand for web-based tracking convinced Google to incorporate it into their business model, but led some consumers to question the ethical and legal implications of tracking. Up to this point, there was little monitoring of Internet privacy policies because experts had difficulty defining what a potential violation consisted of. Originally, through the work of Samuel D. Warren and Louis D. Brandeis in their well-known Harvard Law Case, “the concept of a ‘right to privacy’ called for the right to be left alone [where] publication and dissemination of personal information extend[ed] from this right, [but where]… the right to privacy stop[ped] when the individual consent[ed] to give up that right” (Peslak, 2). The Internet created ambiguity with this definition because the terminology ‘consent to give up’ morphed into ‘opting-out.’ This meant that instead of an individual writing to discard their privacy, they needed to formally give notice to keep it. With regards to Google, the ambiguity was amplified by deceptive information in their privacy policy statement. To quote Google’s Privacy Policy from 2000, they said “ we [Google] only divulge aggregate information about our users and will not share personally identifiable information with any third party without [their] express consent” (Google Privacy Policy 2000). As you will see below this was not the case.

The public first became outwardly suspicious of Google’s behavior when it announced in April 2007 that it would purchase DoubleClick, an Internet marketing firm that served major corporations like Microsoft, General Motors, and Coca-Cola. (Harris, 11). The deal, which the FTC approved in December 2007, was worth $3.18 billion, and arose “concerns about potential consumer-privacy abuse” (Harris, 3). Shortly after Google’s announcement, the Electronic Privacy Information Center (EPIC) filed a complaint with the FTC, pushing them to ensure Google users could opt out of tracking in regards to addresses, destroy cookies that could identify users, and force Google to allow individuals to see what personal data Google kept on them. Despite the complaint, Google did not change its web cookie policies, and formally purchased DoubleClick in March of 2008.

Less than three years after Google’s purchase of DoubleClick, the FTC brought Google before them again, this time for deceitful privacy policies of their social network, Google Buzz. According to the official FTC report, “Google led Gmail users to believe that they could choose whether or not they wanted to join the [Google Buzz] network, [yet] the options for declining or leaving the social network were ineffective” (FTC Report). Even when a user clicked the “Nah, go to my inbox” link when the Google Buzz feed popped up, they were not fully removed from the program, and Google still collected certain personal information. Google settled with the FTC in early 2011, agreeing to properly represent their privacy policies, obtain consumer consent before sharing information with third parties, and to establish and maintain a comprehensive privacy program, with biennial audits conducted by independent third parties.

A Persisting Problem

google's technique

Courtesy of The Wall Street Journal article, “Google’s iPhone Tracking”

Tracking Apple Users

Courtesy of The Wall Street Journal article, “Google’s iPhone Tracking”

Despite the settlement with the FTC in 2011, in 2012, Google violated the terms of its agreement by creating a code that tricked Apple’s Safari into letting Google monitor its users. Safari, which naturally blocks web cookies, makes exceptions when a user interacts with a website, like when a person fills out a form online. (Angwin). Google’s code, discovered by Stanford researcher, Jonathan Mayer, exploited this loophole by convincing Safari that users were filling out an invisible form every time they visited a Google page. The code enabled “Google tracking over [a] vast majority of websites,” on both computers and Smartphones (Angwin). In fact, after testing the 100 most frequented sites ranked by Quantcast, Wall Street Journal technology advisor, Mr. Soltani, found Google’s code placed on many popular websites, such as Match.com and AOL.com.

As a result, the FTC found Google guilty of violating their settlement from the year before, and fined the corporation $22.5 million, the biggest fine ever paid for violating a FTC settlement. Outside of the United States, Google is also currently facing lawsuits from a group of 12 Apple users in the United Kingdom seeking damages for privacy breaches (Gore). More than that, many other consumers feel that the 2012 privacy violation, so soon after their settlement in 2011, shows Google’s lack of desire to change its ways, and worry about how this could impede people’s privacy rights in the future. The laws and regulations pertaining to Internet privacy can’t seem to keep up to Google’s inventive ways to break them, leaving many wondering, “what can we do now?”

Who are Google’s stakeholders?

Unfortunately, the answer to “what can we do now?” lies in Google’s hands, giving consumers a valid reason to be concerned. As you have read, privacy violations are not a new trend for Google, and only seem to be growing with technological expansion. So, why does Google face so many ethical issues?

One explanation is that Google has lost sight of who its primary stakeholders are, and their importance to the success of the company. In an article entitled Business Ethics at the Millennium, Edward Freeman discusses the Principle of Stakeholder Cooperation, saying, “value is created because stakeholders can jointly satisfy their needs and desires. Value creation and trade is not a zero sum game. Capitalism works because entrepreneurs and managers put together and sustain deals or relationships among customers, suppliers, employees, financiers, and communities” (Freeman, 176). Each of these relationships, and stakeholders, are critical to the success of the company.

In some ways, Google excels at the Principle of Stakeholder Cooperation. As opposed to many other companies, Google focuses a great deal of its resources on creating value for their employees. Between on-site perks like medical and dental facilities and oil change and bike repair to their Global Education Leave program, which enables employees to take reimbursed leaves of absence, Google pours time and energy into its employees. (Chatterjee). Yet, this type of dedication does not seem to apply to its consumers. On their corporate website under “Ten things we know to be true,” Google lists number one as, “focus on the user and all else will follow” (About Google 2013). While Google works tirelessly to improve the efficiency of its search engine to better serve its customers, their disregard of consumer privacy shows Google is not, in fact, focusing on its users’ needs. Freeman would argue that, in the long run, this will harm Google as “the support of each group is vital to [a company’s] success…without the support of all stakeholders [a company] simply cannot be sustained” (Freeman, 176). As shown with the examples above, Freeman’s predictions are already coming true. The fines imposed on Google by the FTC and a diminishing lack of consumer confidence due to privacy violations demonstrates how important the “consumer” stakeholder is, and what problems can arise if Google does not look out for their interests.

Open Communication

           One way Google could improve their protection of “consumer” stakeholders is to follow a Kantian approach to ethical decision-making. In Norman Bowie’s article, A Kantian Approach to Business Ethics, he states, “Kant’s ethics…is an ethics of duty rather than an ethics of consequence,” where the respect of people is paramount (Bowie, 4). In other words, ethics lie in the intent of an action, not the action’s consequences. This is especially relevant to Google because of their relationship with their customers. On the one hand, Google intends to provide their users with fast, reliable service, while on the other, they intend to deceive their consumers for the purpose of profit. Their “intent to deceive” directly conflicts with Kantian ethics, and his Formula of Humanity. According to Kant scholar Christine Korsgarrd, “coercion and deception are the most fundamental forms of wrongdoing to others – the roots of all evil” (Bowie, 8). Therefore, Google’s deception of its consumers, Bowie might argue, is where Google needs to improve. This also corresponds with how the U.S. government appears to view Google’s privacy violations. Both the FTC’s initial case against Google and their subsequent fine in 2012 dealt with Google’s deception of its customers and their misleading privacy policies, not the actual code and cookies Google used to implement these practices (Shaer).

In some ways, Google has worked to improve its relationship with its customers, with detailed information regarding how they track consumers. In 2000, as stated in the case above, Google’s privacy policy stated that Google did not share personal information with third parties (Google Privacy Policy 2000). When more privacy concerns appeared, though, Google was forced to clarify what type of information they collect. In 2010, Google’s privacy policy consisted of specific information web cookies would take from a user’s computer including “interaction with a service, Internet Protocol address, browser type, browser language, [and] the date and time of request” (Google Privacy Policy 2010). After the iPhone Safari concerns in 2012, Google edited their privacy policy again to include information cookies could retrieve from your phone. This included:

“Device-specific information (such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number). Google may associate your device identifiers or phone number with your Google Account” (Google Privacy Policy 2012).  

Despite a slightly more open approach to their privacy policies, Google still operates with deception towards their customers for corporate gain. As a result, their consumer stakeholders do not appear like a priority. In one of the last sections of Bowie’s article, he states that a corporation “should act as if [it] were a member of an ideal kingdom of ends in which you were both subject and sovereign at the same time” (Bowie, 10). Currently, Google acts entirely as the sovereign, with their consumers following their rules. In order to create a symbiotic relationship, this needs to change. If deception was removed from the business practice, Google could create a higher value for its consumers, just as it has already done for its employees.

Conclusion: Will they change?

A recent CBC News article reported that Google has begun using their Android’s app downloads to further track their customers. Eric Sherman wrote, “Apple keeps the identities of [app] users under wraps. [But] if you buy an Android app, Google sends personal information to the developer without explicitly telling you” (Sherman). This report, compiled with a history of spotty privacy violations, leads us to believe that Google does not have a strong desire to change its ways. Yet, we have to wonder how long they can keep it up. The terms of their FTC agreement mention that “the fine for violating the [settlement with Google] is $16,000 per violation, per day” (Angwin). While the fine may not deadly to a company that posted $12.21 billion of revenue in the second quarter of 2012 alone, the damage to consumer confidence could be deadly in the future (Shaer). Perhaps when Google realizes the true value of its consumer stakeholders, it will begin searching for a way to include them in the decision making process. Until then, we are left asking the question: will they change?

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s