Keeping Your Tax Identity Safe

Posted by Rob Mahini, Policy Counsel

Once upon a time, Tax Day meant pens and pencils, paper forms, and long waits at the post office. Now, the Internet makes tax day much simpler -- online software and e-Filing now allows everyone a much smoother Tax Day experience. Unfortunately, the Internet also makes something else easier: tax identity theft that allows scammers to do things like file for fraudulent tax refunds or apply for jobs.

As the FTC noted earlier this month, "identity theft has been the top consumer complaint to the FTC for 13 consecutive years, and tax identity theft has been an increasing share of the Commission’s identity theft complaints." In fact, tax ID theft accounted for more than 43 percent of the FTC's ID theft complaints, "making it the largest category of identity theft complaints by a substantial margin."

With this in mind, the FTC hosted events around the country last week as part of its Tax Identity Theft Awareness Week, to educate consumers about the risks of tax identity theft and how to avoid becoming a victim. The IRS also released a video this month to educate taxpayers on what to do if they are victimized by tax ID theft.

At Google's Good To Know site, consumers can learn about the many ways that they can protect all of their data, including their SSN, tax forms, and other information that tax identity thieves are after. For example:

• Don’t reply if you see a suspicious email, instant message or webpage asking for your personal or financial information. Identity thieves try to use these phishing techniques to steal your information such as your social security number or other tax info. 
• If you see a message from someone you know that doesn’t seem like them, their account might have been compromised by a cyber criminal who is trying to con you into providing your SSN or other sensitive information. 
• Don’t send your password via email, and don’t share your password with others -- thieves that gain access to your accounts can then steal your tax identity. Legitimate sites won’t ask you to send them your passwords via email, so don’t respond if you get requests for your passwords to online sites.

The ease and convenience of the Internet has helped simplify tax filing. And following these tips will help keep your tax information safe in the process.

Don't get locked out: set up recovery options for your Google Account

Posted by Diana Smetters, Software Engineer

This summer we’re posting regularly with privacy and security tips. Knowing how to stay safe and secure online is important, which is why we created our Good to Know site with advice and tips for safe and savvy Internet use. -Ed.

Strong passwords help protect your accounts and information on the web. But forgetting your password is like losing your keys—you can end up locked out of your own home. It gets worse if your password gets compromised or stolen. Sometimes the thief will change your password so you can't get back into your own account—kind of like someone stealing your keys and then changing the lock.

If you've lost your Google password, you need a way to get back into your Google Account—and back to all of your stuff in Gmail, Maps, Google+ and YouTube. To help you, Google needs to be able to tell that you’re the rightful account owner even if you don't have the right password. There are a few easy steps you can take right now to make it easy for you—and no one else—to get into your Google Account if you forget or don’t know the password.

1. Add a recovery email address. By registering an alternate email address with your Google Account settings, you’re giving Google another way to reach you. If you forget your password, Google can send a link to that recovery email address so you can reset your password. Google can also use that email address to let you know if we detect something suspicious happening with your account.

Setting up your recovery options can help you get back in

if you get locked out of your Google Account

2. Add a phone number to your Google Account. Your mobile phone is the best way to regain access to your account if you forget your password. It's like the "fast lane" for account recovery: we text a code to the phone number you've registered with us, and you're back in business in no time. Your phone is more secure and reliable than other means of recovering your account. Methods like “secret” questions (asking your mother’s maiden name or city where you were born) may have answers that are easy to remember, but they are also possible for bad guys to uncover. And we’ve consistently seen that people who register a recovery phone are faster and more successful at getting their accounts back than those recovering their accounts via email.

You can also get a text message if Google detects that something suspicious is going on with your account. Giving a recovery phone number to Google won’t result in you being signed up for marketing lists or getting more calls from telemarketers. 3. Keep your recovery options up to date. It’s a good idea to check your recovery options every so often. For example, if you change your phone number after setting up your recovery options, take just a minute to update your recovery settings to match. We'll remind you of your current settings every so often to make it easier for you to keep them up to date.

That’s it! You can either update your recovery options next time you’re prompted, or you can take two minutes to do it right now on our Account recovery options page. For more advice on how to protect yourself and your family online, visit our Good to Know site, or check out some of the other posts in our series on staying safe and secure.

Dude, where’s my phone? Simple steps to protect your Android device this summer.

Posted by Adrian Ludwig, Android Security Engineer

This summer we’re posting regularly with privacy and security tips. Knowing how to stay safe and secure online is important, which is why we created our Good to Know site with advice and tips for safe and savvy Internet use. -Ed.

With summer vacation in full swing, you’re likely out and about, using your smartphone or tablet to get answers on the go or check out the latest cool apps and games. But you don’t have to leave safety at home! In this post, we’re sharing a few tips and tools that you can easily set up if you’re on an Android phone or tablet to keep your device—and the contents inside—safe and secure, including a new service that makes it easy to locate a misplaced device.

1. Lock your device screen. Whether you’re on a phone or a tablet, it’s easy to set up a screen lock. This is important to do in case your device gets left in the back of a car, or you’re worried about someone picking up your phone and scrolling through your stuff. You can lock your device with a pin, password, pattern (or even your face!) by going to Settings > Personal > Security > Screen Lock.

2. Protect your phone from suspicious apps. We automatically scan Google Play to block and remove harmful apps. That makes Google Play the safest place to get Android apps. But Google Play can also help protect you even for apps you get elsewhere, like the web or a third-party app store. The first time you start to install an app from an unknown source, a message will pop up asking if you’d like Google to scan the file to make sure it’s not harmful. Tap “OK” to let Google help protect you from harmful apps.

3. Locate, ring and wipe a misplaced device. Have you ever lost your phone in between the couch cushions or left it in a restaurant? Later this month, you will be able to use a new service called Android Device Manager, which can quickly ring your phone at maximum volume so you can find it (even if it’s been silenced), or locate it on a map, in real time, using Android Device Manager. If your phone can’t be recovered, or has been stolen, you can quickly and securely erase all of the data on your device to keep your data from ending up in the wrong hands. The Android Device Manager will be available for devices running Android 2.2 and above, as part of Google Play. You can read the full announcement on the Android blog.

For more advice on how to protect yourself and your family online, visit our Good to Know site, and stay tuned for more posts in our security series.

A few easy tools the whole family will love

Posted by Matthias Helier, Staff Software Engineer

This summer we’re posting regularly with privacy and security tips. Knowing how to stay safe and secure online is important, which is why we created our Good to Know site with advice and tips for safe and savvy Internet use. -Ed.

Summer is here, and with kids out of school it is a great time for families to explore the web together—from learning what makes fireflies glow to playing online games together. But while there is a lot of entertaining, educational content online, there are also materials I’d rather not see when I’m surfing the web with my family. Google has built a number of tools that parents can use to help keep content they would rather not see from popping up on the family computer. It takes less than five minutes to turn them on, so follow the steps below to help make your search results more family-friendly this summer.

1. Turn on SafeSearch in Google Search
Turning on SafeSearch is an easy way to help you hide images, search results and videos intended just for adults. It’s especially helpful if you’re concerned about the content that might pop up on your family computer, and it’s easy to turn on. Just visit the Google Search Settings page, go to the "SafeSearch filters" section, and check the box to filter mature content from Google Search result pages. These preferences will apply for any searches done using that browser on your computer. If you have multiple browsers on your family computer, you might want to turn SafeSearch on for each one.

You can turn SafeSearch on or off from the Search Settings page

2. Save and lock your preferences
Once you’ve set your preferences, make sure to click the Save button at the bottom of the page. And if you're signed in to your Google Account, you can also lock the SafeSearch filter so others can’t change your preferences—just click “Lock SafeSearch.” Now the setting is protected with your Google Account password. While no filter is 100 percent perfect, with SafeSearch on you can feel more confident browsing the web with your family.

3. Turn on YouTube Safety Mode
YouTube Safety Mode helps you and your family avoid videos that might be OK with our Community Guidelines, but you might not want popping up on your family computer. Turning on Safety Mode in YouTube takes just one step. Scroll down to the bottom of any YouTube page and click on the button that says “Safety” at the bottom of the page—now you can choose your preferences for Safety Mode.

Click the button that says “Safety” at the bottom of any YouTube page, and then choose your preferences

4. Lock your Safety Mode preferences
Just like with Safe Search, you can also log in with your Google Account and lock YouTube Safety Mode on each one of your computer’s browsers. It will filter videos with mature content, so they won’t show up in video search results, related videos, playlists, shows or films. YouTube Safety Mode will also help hide objectionable comments.

5. Turn on SafeSearch on mobile
SafeSearch is available on your phone or other mobile device, as well as the web. You can turn on SafeSearch for Google on your mobile device by opening your phone’s browser and visiting google.com/preferences. Scroll to the SafeSearch Filters section to select what level of filtering you would like to enable. Be sure to tap “Save Preferences” after you’ve made your selection.

To enable SafeSearch on YouTube’s mobile app, first open your settings, then press “Search.” From there, select “SafeSearch Filtering” and select moderate or strict filtering.

Helping your family have a positive and safe experience with Google is important to you, and it’s important to us, too. That’s why we’ve partnered with parents and experts on free and easy to use tools and resources to help your family stay safe and secure when browsing online. If you’re interested in even more of our tools and tips, please see our Good to Know site, and stay tuned for more security tips throughout the summer.

(Cross-posted from the Official Google Blog)

Protecting Seniors from Identity Theft

Posted by Jenny Backus, Public Policy Team

Every day in this country, someone’s mother, grandfather, or older neighbor is a victim of identity theft. Whether the identity thieves attack through a confusing telemarketing scam, a misleading piece of mail, or over the Internet, seniors and their families are increasingly at risk of long-term financial and emotional damage that can take years to undo.

In order to address this issue, the Federal Trade Commission and a coalition of public and private partners like the National Consumer League’s Fraud.org are working together to protect seniors from identity theft. Google will also be recognizing Older Americans Month this May by offering tips for seniors to help them stay safe and secure online.

The FTC’s report of 2012 consumer complaint data recently showed that complaints about identity theft from older Americans are increasing at a faster rate than for any other age group. In fact, identity theft complaints from those over 70 increased by almost 70% since 2010, while complaints from 60 to 70 year olds increased by 53% in the same period.  

Google’s Good to Know site is designed to help educate consumers of all ages about online threats and tools they can use to protect themselves, including information on how to protect themselves from identity theft.

Here are five tips from our security experts:

• Don’t reply if you see a suspicious email, instant message or webpage asking for your personal or financial information. Identity thieves can steal your information and then use it to withdraw money from your bank account.
• Never enter your password if you’ve arrived at a site by following a link in an email or chat that you don’t trust.
• If you see a message from someone you know that doesn’t seem like them, their account might have been compromised by a cyber criminal who is trying to get money or information from you. Think before responding!
• Don’t send your password via email, and don’t share your password with others. Legitimate sites won’t ask you to send them your passwords via email, so don’t respond if you get requests for your passwords to online sites.
• Report any suspicious emails and scams. Many email providers, including Gmail, provide an easy way for you to report fishy emails and scams, and it can help our teams stop similar mail from being sent to you and others.

Seniors around the country can also learn more by attending or viewing by webcast the FTC’s workshop today on protecting seniors from identity theft. With speakers from some of the most trusted consumer groups, local, state and government leaders, and lead experts on fraud prevention, the FTC workshop will focus on forms of ID theft that are particularly significant for seniors, from the risks that seniors face in nursing homes to the identity theft concerns that arise when they file their taxes or seek government assistance, which is increasingly happening online.

Stopping bad actors who target seniors and preventing the rise of identity theft is a shared mission for all of us. Google is committed to making the Internet safer, and protecting our users of all ages.

Plan your digital afterlife with Inactive Account Manager

Posted by Andreas Tuerk, Product Manager

Not many of us like thinking about death — especially our own. But making plans for what happens after you’re gone is really important for the people you leave behind. So today, we’re launching a new feature that makes it easy to tell Google what you want done with your digital assets when you die or can no longer use your account.

The feature is called Inactive Account Manager — not a great name, we know — and you’ll find it on your Google Account settings page. You can tell us what to do with your Gmail messages and data from several other Google services if your account becomes inactive for any reason.

For example, you can choose to have your data deleted — after three, six, nine or 12 months of inactivity. Or you can select trusted contacts to receive data from some or all of the following services: +1s; Blogger; Contacts and Circles; Drive; Gmail; Google+ Profiles, Pages and Streams; Picasa Web Albums; Google Voice and YouTube. Before our systems take any action, we’ll first warn you by sending a text message to your cellphone and email to the secondary address you’ve provided.

We hope that this new feature will enable you to plan your digital afterlife — in a way that protects your privacy and security — and make life easier for your loved ones after you’re gone.

 

Giving you more insight into your Google Account activity

Posted by Andreas Tuerk, Product Manager

(Cross-posted from the Official Google Blog)

Every day we aim to make technology so simple and intuitive that you stop thinking about it—we want Google to work so well, it just blends into your life. But sometimes it’s helpful to step back and take stock of what you’re doing online.

Today we’re introducing Account Activity, a new feature in your Google Account. If you sign up, each month we’ll send you a link to a password-protected report with insights into your signed-in use of Google services.

For example, my most recent Account Activity report told me that I sent 5 percent more email than the previous month and received 3 percent more. An Italian hotel was my top Gmail contact for the month. I conducted 12 percent more Google searches than in the previous month, and my top queries reflected the vacation I was planning: [rome] and [hotel].

Click the image for a larger version

Knowing more about your own account activity also can help you take steps to protect your Google Account. For example, if you notice sign-ins from countries where you haven’t been or devices you’ve never owned, you can change your password immediately and sign up for the extra level of security provided by 2-step verification.

Give Account Activity a try, and tell us what you think by clicking on the “Send feedback” button in the lower right corner of your report. Over the next few months, we plan to incorporate more Google services. Meanwhile, we hope this feature helps you better understand and manage your information on Google.

Google welcomes broad industry agreement on advertising and privacy

Posted by Susan Wojcicki, SVP, Advertising

There’s been a lot of debate over the last few years about personalization on the web. We believe that tailoring your web experience -- for example by showing you more relevant, interest-based ads, or making it easy to recommend stuff you like to friends -- is a good thing. We also believe that the best way to protect your privacy is to enable you to exercise choice through meaningful product controls. That said, given the number of different browsers and products available online today -- many of which have different privacy controls -- we recognize that it can get confusing.

So we’re pleased to sign up to today’s industry-wide agreement (you can read the details here) -- put together by the White House, the Federal Trade Commission and the Digital Advertising Alliance (DAA), which represents over 90 percent of all online advertising in the U.S -- to create a simpler, more unified approach to privacy on the web. Under this agreement, users will be able to exercise choice under the DAA Principles by setting what has been called a “Do Not Track” header straight from their browser. The DAA Principles, and therefore the header, cover some aspects of tailored advertising. But, for example, if users have requested personalization (such as by signing up for particular services) or visit websites that use “first party” cookies to personalize the overall experience (for example a news website recommending articles to its readers, or a video site remembering your volume preferences), then browsers will not break that experience. In addition, today’s agreement supports continued innovation and competition on the web, as well as important, basic web functionality -- such as malware, spam and fraud detection.

We look forward to working with our industry partners, the White House, the FTC, the DAA and all the major browsers including Google Chrome, to adopt a broadly consistent approach to these controls -- rather than the situation today where every browser sets its own defaults, policies, and exceptions. In particular, we are pleased that today’s agreement will ensure that users are given an explicit choice, and be fully informed of the available options.

This agreement will not solve all the privacy issues users face on the web today. However, it represents a meaningful step forward in privacy controls for users. We look forward to making this happen.

Busting myths about our approach to privacy

Posted by Betsy Masiello, Policy Manager


A number of myths are being spread about Google’s approach to privacy. We just wanted to give you the facts.

• Myth:In 2011, Google made $36 billion selling information about users like you. [Fairsearch Ad - See this piece for more]
• Fact: Google does not sell, trade or rent personally identifiable user information. Advertisers can run ads on Google that are matched to search keywords, or use our services to show ads based on anonymous data, such as your location or the websites you’ve visited.

• Myth: Google’s Privacy Policy changes make it harder for users to control their personal information. [Microsoft]
• Fact: Our privacy controls have not changed. Period. Our users can: edit and delete their search history; edit and delete their YouTube viewing history; use many of our services signed in or out; use Google Dashboard and our Ads Preferences Manager to see what data we collect and manage the way it is used; and take advantage of our data liberation efforts if they want to remove information from our services.

• Myth: Google is changing our Privacy Policy to make the data we collect more valuable to advertisers. [Microsoft]
• Fact: The vast majority of the product personalization Google does is unrelated to ads—it’s about making our services better for users. Today a signed-in user can instantly add an appointment to their Calendar when a message in Gmail looks like it’s about a meeting, or read Google Docs within their email.
  
  
• Myth: Google reads your email. [Microsoft]
• Fact: No one reads your email but you. Like most major email providers, our computers scan messages to get rid of spam and malware, as well as show ads that are relevant to you.

• Myth: Google Apps aren't safe, and aren't government-certified. [Microsoft]
• Fact: Google's Apps are certified for government use because they are secure.

• Myth: Google’s Privacy Policy changes jeopardize government information in Google Apps. [SafeGov.org]
• Fact: Our new Privacy Policy does not change our contractual agreements, which have always superseded Google’s Privacy Policy for enterprise customers.

• Myth: Microsoft’s approach to privacy is better than Google’s. [Microsoft]
• Fact: We don’t make judgments about other people’s policies or controls. But our industry-leading Privacy Dashboard, Ads Preferences Manager and data liberation efforts enable you to understand and control the information we collect and how we use it—and we’ve simplified our privacy policy to make it easier to understand. Microsoft has no data liberation effort or Dashboard-like hub for users. Their privacy policy states that “information collected through one Microsoft service may be combined with information obtained through other Microsoft services.”

We’ve always believed the facts should inform our marketing—and that it’s best to focus on our users rather than negative attacks on other companies. Onwards!

Changing our privacy policies, not our privacy controls

Posted by Pablo Chavez, Director, Public Policy

Last week we heard from members of Congress about Google’s plans to update our privacy policies by consolidating them into a single document on March 1. Protecting people’s privacy is something we think about all day across the company, and we welcome discussions about our approach.

We hope this letter, in which we respond to the members’ questions, clears up the confusion about these changes. We’re updating our privacy policies for two reasons:

First, we’re trying to make them simpler and more understandable, which is something that lawmakers and regulators have asked technology companies to do. By folding more than 60 product-specific privacy policies into our main Google one, we’re explaining our privacy commitments to users of those products in 85% fewer words.

Second, we want to make our users’ experience seamless and easy by allowing more sharing of information among products when users are signed into their Google Accounts. In other words, we want to make more of your information available to you when you’re signed into Google services.

Some important things aren’t changing:

• We’re still keeping your private information private -- we’re not changing the visibility of any information you have stored with Google.
• We’re still allowing you to do searches, watch videos on YouTube, get driving directions on Google Maps, and perform other tasks without signing into a Google Account.
• We’re still offering you choice and control through privacy tools like Google Dashboard and Ads Preferences Manager that help you understand and manage your data.
• We still won’t sell your personal information to advertisers.
• We’re still offering data liberation if you’d prefer to close your Google Account and take your data elsewhere.

While our privacy policies will change on March 1, our commitment to our privacy principles is as strong as ever.

Setting the record straight about our privacy policy changes

Posted by Betsy Masiello, Policy Manager

A lot has been said about our new privacy policy. Some have praised us for making our privacy policy easier to understand. Others have asked questions, including members of Congress, and that’s understandable too. We look forward to answering those questions, and clearing up some of the misconceptions about our privacy policies that first appeared in the Washington Post.

So, here’s the real story:

• You still have choice and control. You don’t need to log in to use many of our services, including Search, Maps and YouTube. If you are logged in, you can still edit or turn off your Search history, switch Gmail chat to “off the record,” control the way Google tailors ads to your interests, use Incognito mode on Chrome, or use any of the other privacy tools we offer.
• We’re not collecting more data about you. Our new policy simply makes it clear that we use data to refine and improve your experience on Google — whichever products or services you use. This is something we have already been doing for a long time.
• We’re making things simpler and we’re trying to be upfront about it. Period.
• You can use as much or as little of Google as you want. For example, you can have a Google Account and choose to use Gmail, but not use Google+. Or you could keep your data separate with different accounts -- for example, one for YouTube and another for Gmail.

For more detail, please read the new privacy policy and terms, and visit this site to learn more.

Tech tips that are Good to Know

Posted by Alma Whitten, Director of Privacy, Product and Engineering

(Cross-posted from the Official Google Blog)

Does this person sound familiar? He can’t be bothered to type a password into his phone every time he wants to play a game of Angry Birds. When he does need a password, maybe for his email or bank website, he chooses one that’s easy to remember like his sister’s name—and he uses the same one for each website he visits. For him, cookies come from the bakery, IP addresses are the locations of Intellectual Property and a correct Google search result is basically magic.

Most of us know someone like this. Technology can be confusing, and the industry often fails to explain clearly enough why digital literacy matters. So today in the U.S. we’re kicking off Good to Know, our biggest-ever consumer education campaign focused on making the web a safer, more comfortable place. Our ad campaign, which we introduced in the U.K. and Germany last fall, offers privacy and security tips: Use 2-step verification! Remember to lock your computer when you step away! Make sure your connection to a website is secure! It also explains some of the building blocks of the web like cookies and IP addresses. Keep an eye out for the ads in newspapers and magazines, online and in New York and Washington, D.C. subway stations.



The campaign and Good to Know website build on our commitment to keeping people safe online. We’ve created resources like privacy videos, the Google Security Center, the Family Safety Center and Teach Parents Tech to help you develop strong privacy and security habits. We design for privacy, building tools like Google Dashboard, Me on the Web, the Ads Preferences Manager and Google+ Circles—with more on the way.

We encourage you to take a few minutes to check out the Good to Know site, watch some of the videos, and be on the lookout for ads in your favorite newspaper or website. We hope you’ll learn something new about how to protect yourself online—tips that are always good to know!

Update Jan 17: Updated to include more background about Good to Know.

Good to Know

Posted by Will DeVries, Privacy Policy Counsel

We know that staying safe while navigating the web can be a challenge for many people. Today, we’re launching a new resource on the Google website, Good to Know, that makes learning about security and privacy even easier for our users.

Privacy policies and terms of service can often be long, complex and legalistic. Our goal with the Good To Know campaign is to provide people with practical guidance, like how to select a safe password or keep their online accounts secure. In the past few years, we’ve tried to make it easier for our users to learn about staying safe online by equipping them with a variety of tools through our Privacy, Security, and Family Safety centers.

The new Good to Know website builds on this commitment to explaining things in simple language. The in-depth resources are still there, but we hope a one-stop-shop resource will make this information more accessible for everyone. Improving media literacy is a shared task, and we’ll continue to do our part to help empower and educate consumers.

Me, Myself and I: Helping to manage your identity on the web

Posted by Andreas Tuerk, Product Manager

In recent years, it’s become easier and easier to publish information about yourself online, through powerful new platforms like social networking sites and photo sharing services. One way to manage your privacy on these sites is to decide who specifically can see this information, determining whether it is visible to just a few friends, family members or everyone on the web. But, another important decision is choosing how you are identified when you post that information. We have worked hard to build various identity options into Google products. For example, while you may want to identify yourself by name when you post an answer to a question in a forum so that readers know the response is reputable, if you upload videos about a controversial cause you may prefer to post under a pseudonym.

However, your online identity is determined not only by what you post, but also by what others post about you -- whether a mention in a blog post, a photo tag or a reply to a public status update. When someone searches for your name on a search engine like Google, the results that appear are a combination of information you’ve posted and information published by others.

Today we’ve released a new tool to help make it easier to monitor your identity on the web and to provide easy access to resources describing ways to control what information is on the web. This tool, Me on the Web, appears as a section of the Google Dashboard right beneath the Account details.

Savvy web users may already have used Google Alerts to set up notifications for mentions of their name or email address in websites and news stories. If you haven’t set up alerts yet, Me on the Web makes it even easier to do so and even automatically suggests some search terms you may want to monitor.

Me on the Web also provides links to resources offering information on how to control what third-party information is posted about you on the web. These include common tips like reaching out to the webmaster of a site to ask for the content to be taken down, or publishing additional information on your own to help make less relevant websites appear farther down in search results.

This is just one of our first steps in continuing to explore ways to help make managing your identity online simpler.

Testimony on location services and mobile privacy

Posted by Alan Davidson, Director of Public Policy, Americas

Mobile location services create enormous social and economic benefits. Many of us are already experiencing those benefits – things as simple as getting real-time traffic maps that aid your commute, or finding the closest gas station on your car’s GPS.

But the value of these services extends far beyond commerce and convenience. They can also be lifesavers. Mobile location services can help you find the nearest hospital or police station, or let you know where you can fill a prescription at one in the morning for a sick child. And this is just the start.

We are now working with partners like the National Center for Missing and Exploited Children to explore how to deliver AMBER alerts about missing children within seconds to all users nearby. And mobile services will soon be able to alert people in the path of a tornado or tsunami, or guide them to an evacuation route in the event of a hurricane.

Mobile services have growing importance for our economy; according to recent market reports, their potential economic impact is staggering. These services are creating jobs in new businesses and increasing jobs in existing businesses.

To succeed in the long run, however, they require consumer trust built on strong privacy and security protections. We are committed to providing that trust.

This morning I testified before the Senate Commerce Committee about how we protect our users’ privacy, including those who use mobile location services. You can read my full testimony here.

Our Senate testimony on protecting Android users’ privacy

Posted by Alan Davidson, Director of Public Policy, Americas

This morning I’ll be testifying before the Senate Judiciary Committee about the important issue of mobile privacy. You can read my full testimony here or watch a webcast of the hearing here starting at 10 a.m. EDT.

Mobile devices and location services are now used routinely by tens of millions of Americans and create enormous benefits for our society. Those services will not be used – and they cannot succeed – without consumer trust, built on a sustained effort by our industry to protect user privacy and security. With this in mind, at Google we have made our mobile location services opt-in only – treating this information with the highest degree of care possible.

Google focuses on privacy protection throughout the life cycle of product development, starting with the initial design. We are particularly sensitive when it comes to location information. We provide transparent information for users about what is collected; opt-in choice before location information is collected; and high security standards to anonymize and protect information. Our hope is that this becomes a standard for the broader industry.

The freedom to be who you want to be…

Posted by Alma Whitten, Director of Privacy, Product and Engineering

Peter Steiner’s iconic “on the Internet, nobody knows you’re a dog” cartoon may have been drawn in jest--but his point was deadly serious, as recent events in the Middle East and North Africa have shown. In reality, as the web has developed--with users anywhere able to post a blog, share photos with friends and family or “broadcast” events they witness online--the issue of identity has become increasingly important.

So, we’ve been thinking about the different ways people choose to identify themselves (or not) when they’re using Google--in particular how identification can be helpful or even necessary for certain services, while optional or unnecessary for others. Attribution can be very important, but pseudonyms and anonymity are also an established part of many cultures -- for good reason.

When it comes to Google services, we support three types of use: unidentified, pseudonymous and identified. And each mode has its own particular user benefits.

Unidentified. Sometimes you want to use the web without having your online activity tied to your identity, or even a pseudonym—for example, when you’re researching a medical condition or searching for that perfect gift for a special someone. When you’re not logged into your Google Account (or if you never signed up for one), that’s how you’ll be using our services. While we need to keep information like IP addresses and cookies to provide the service, we don’t link that information to an individual account when you are logged out.

Pseudonymous. Using a pseudonym has been one of the great benefits of the Internet, because it has enabled people to express themselves freely—they may be in physical danger, looking for help, or have a condition they don’t want people to know about. People in these circumstances may need a consistent identity, but one that is not linked to their offline self. You can use pseudonyms to upload videos in YouTube or post to Blogger.

Identified. There are many times you want to share information with people and have them know who you really are. Some products such as Google Checkout rely on this type of identity assurance and require that you identify yourself to use the service. There may be other times when it’s more desirable to be identified than not, for example if you want to be part of a community action project you may ask, “How do I know these other people I see online really are community members?”

Equally as important as giving users the freedom to be who they want to be is ensuring they know exactly what mode they’re in when using Google’s services. So recently we updated the top navigation bar on many of our Google services to make this even clearer. In the upper right hand corner of these Google pages, you will see an indicator of which account, if any, you are signed into.

We’re also looking at other ways to make this more transparent for users. While some of our products will be better suited to just one or two of those modes, depending on what they’re designed to do, we believe all three modes have a home at Google.

Celebrating Data Privacy Day

Posted by Alma Whitten, Director of Privacy, Product and Engineering
(Cross-posted from the Official Google Blog)

It’s become a welcome tradition: Today is the fourth annual Data Privacy Day. Dozens of countries have been celebrating with events throughout the week to inform and educate us all about our personal data rights and protections.

This is the first year I’ve marked this day as director of privacy across both engineering and product management at Google. I’ve chosen to spend the day in Washington, D.C., where there’s a been a lot of robust and productive discussion lately. People from Congress, the Federal Trade Commission, the Department of Commerce, and industry and consumer groups have been contributing to these important conversations about how to best protect people’s data, and we’re happy to be participating too. I’m doing my part by bringing my geek sensibilities into a public discussion that we’re hosting today. In fact, that’s what we’re calling it: “The Technology of Privacy: When Geeks Meet Wonks.” I’ll be joined on the panel by technologists from the Electronic Frontier Foundation, the Federal Trade Commission and the National Institute of Standards and Technology. If you can’t attend in person, don’t worry—we’ll be uploading a video of the event later in the day on our Public Policy blog and you’ll also be able to see it on the Google Privacy Channel on YouTube.

On this Data Privacy Day, a major focus for Google is on creating ways for people to manage and protect their data. We’ve built tools like the Google Dashboard, the Ads Preferences Manager and encrypted search, and we’re always working on further ideas for providing transparency, control and security to empower our users. For example, earlier this week we launched an extension for Chrome users called Keep My Opt-Outs, which enables you to opt out permanently from ad tracking cookies. And pretty soon we’ll be extending the availability of 2-step verification, an advanced account security solution that is now helping protect more than 1,000 new accounts a day from common problems like phishing and password compromise. Right now it’s available to Google Apps Accounts; we’ll be offering it to all users in the next few weeks.

Data Privacy Day 2011 reminds us that as industry and society are busy moving forward, we face new challenges that together we can tackle through conversation and innovation. We’re eager to be part of the solution.

Update (2/1/11):  Here's the video of our panel, "The Technology of Privacy: When Geeks Meet Wonks." Enjoy –

Keep your opt-outs

Posted by Sean Harvey and Rajas Moonka, Product Managers

Today we’re making available Keep My Opt-Outs, which enables you to opt out permanently from ad tracking cookies. It’s available as an extension for download in Chrome.

Why have we developed this feature?

Recently, the Federal Trade Commission and others have expressed interest in a “Do Not Track” mechanism that could offer users a simple way to opt out of personalized advertising. Advertising companies that are members of the Network Advertising Initiative (NAI) already let you opt out of tracking for the purposes of personalizing advertisements, and many online advertisers and trade associations have also joined a major self-regulatory effort to enforce a uniform privacy icon for ads, as well as opt-out guidelines.

There are more than 50 companies that are members that offer opt outs via these programs, including the top 15 largest ad networks in the U.S. Some, like Google, enable you not only to opt out, but to tailor the personalization of ads by specifying what types of ads you’re most interested in seeing.

However, the industry has faced a recurring technical challenge with these opt-outs and controls. If you clear your browser’s cookies, all customized settings — including these opt-outs — are lost. Another challenge is that sometimes new companies offer opt-outs, so you’d have to check frequently to make sure you’re opted out of what you want. A better “Do Not Track” mechanism is a browser extension that means you can easily opt out of personalized advertising from all participating ad networks only once and store that setting permanently.

We’ve been working on addressing these issues for awhile. Nearly two years ago, we engineered a solution for Google’s ad system. We made available, for all major browsers, a downloadable browser plugin that enables you to permanently opt out of Google’s advertising cookie, even if you deleted all your browser’s cookies. We’ve also built granular cookie controls into Chrome directly, and integrated Adobe Flash Player storage management into these controls. We’ve also modified Chrome’s incognito mode to ensure that it applies to “Flash cookies” in addition to regular cookies.

Today we are building on this work, and that of others, by allowing you to permanently opt out of ad tracking from all companies that offer opt-outs through the industry self-regulation programs. Keep in mind that once you install the Keep My Opt-Outs extension, your experience of online ads may change: You may see the same ads repeatedly on particular websites, or see ads that are less relevant to you.

Importantly, we’ve designed the extension so that it should not otherwise interfere with your web browsing experience or website functionality. This new feature gives you significant control without compromising the revenue that fuels the web content that we all consume every day.

More to come

We’re working to make this feature available for other browsers, too. We’ve also decided to make the code for this extension available on an open-source basis, so that other developers can let us know if there’s a bug, or even extend the code’s capabilities if they want to. We’re excited by the speed of innovation in online privacy and look forward to seeing future developments.

The Technology of Privacy: When Geeks Meet Wonks

Posted by Jenna Wandres, Public Policy Communications

Our privacy online depends a lot on the technology we use. So what better way to mark Data Privacy Day than to hear the latest in technology and policy from the people who have a deep understanding of how information gets transmitted and protected online?

Come to Google’s Washington, DC offices for a panel discussion about how privacy affects technology and vice versa. This discussion won’t linger on policy alone. Instead, it will focus on engineering and the mechanics behind the best practices of online privacy.

Moderator:

Kim Hart, Reporter, Politico

Panelists: 

Peter Eckersley, Senior Staff Technologist, Electronic Frontier Foundation

Ed Felten, Chief Technologist, Federal Trade Commission

Ari Schwartz, Senior Internet Policy Advisor, National Institute of Standards and Technology

Alma Whitten, Director of Privacy, Product and Engineering, Google

Friday, January 28, 2011 

Panel begins at 10:00 AM 

Google DC 1101 New York Avenue, NW 2nd Floor
Entrance on Eye Street Washington, DC

Click here to RSVP!