Google offers a wealth of devices, applications, and features that have become incredibly useful in this connected world of ours, but you do give up some of your privacy for the privilege. The return makes the trade-off an easy one to make for most folks, but in the eyes of the Electronic Privacy Information Center (EPIC), one such trade-off involving Google’s Store Sales Management program might have stepped over the line.
Unveiled back in May, the program uses your credit card transactions to determine how many sales were generated by digital ad campaigns. More specifically, this data is then combined with other financial information in order to create your profile, which tells companies what you search for in terms of goods and services. These searches then theoretically result in real-world purchases, which Google wants to prove are the results of its online ads.
The problem, according to EPIC’s complaint with the U.S. Federal Trade Commission, is how secretive Google is when it comes to the anonymization process. When Google’s Store Sales Management program creates your profile, it supposedly does so without revealing your name, credit card number, or other private data.
EPIC is concerned that, since Google remains secretive about this anonymization process, there is no way to determine whether it does what it does well. This concern is augmented by CryptDB, a system that the process is based on, and its “known security flaws”:
The foundational algorithm on which the Google platform is based has known security flaws. In 2015, researchers were able to hack into a CryptDB protected database of healthcare records and access over 50 percent (sometimes 100 percent) of sensitive patent data at an individual level.
In the complaint, EPIC also states that there is no clear way for people to opt out of Google’s purchase tracking:
Consumers cannot easily avoid Google’s tracking of their in-store purchase behavior. As described above, there appears to be no mechanism by which Google users can opt out of purchase tracking other than by disabling location tracking entirely. It is not clear to users, however, that the way to avoid tracking of purchases is by disabling location tracking.
Generally speaking, these are not the only concerns regarding the Store Sales Management program. For one, Google also refused to share how the system works in detail when it was first unveiled. It is also unknown which companies analyze credit and debit card records on Google’s behalf. In other words, there is plenty we do not know about the program, but whether that is a good or bad thing, or something in between, is a different question.
Android Authority will reach out to Google for comment on the matter and will update accordingly.