The cloud world is buzzing as Google announced that effective March 1, 2012, it would consolidate more than 60 privacy policies for different services into a single, simplified policy covering all Google services. Not surprisingly, we are already fielding calls from our Google Apps for Business / Education / Government customers with questions about the impact of the change.
Rest easy. Here are the answers.
Not Much is Changing
The consolidated privacy policy is not changing how Google collects or uses information with individual services or across services. The policy is providing a simpler, easier to understand document that is consistent across all services. Google has also removed components of its existing privacy policies that are redundant with content in the Terms of Service policy for each service, which are also being updated and consolidated into a single, consistent policy.
Note that the Privacy Policy address how Google collects and uses information about individual users, but that the Terms of Service dictate how Google treats content you place or store using Google services. To understand how your information is protected, you must review both documents.
Public and Free Services versus Business / Education / Government Services
The new Terms of Service and Privacy Policy provide a baseline for all services. The Terms of Service clearly states that
“Also, in some of our Services, there are terms or settings that narrow the scope of our use of the content submitted in those Services.”
Google Apps for Business, for Education, and for Government all have these additional terms and settings.
Confidentiality in Google Apps for Business / Education / Government
The Terms of Service for Google Apps for Business, for Education, and for Government each define Confidential Information as follows:
“Confidential Information means information disclosed by a party to the other party under this Agreement that is marked as confidential or would normally be considered confidential under the circumstances. Customer Data is Customer’s Confidential Information.
Very simply, the agreement defines all user/customer content in these services as confidential.
The Terms of Service prevent Google from accessing or disclosing customer information without permission and guarantee a standard of care related the security, availability, and privacy of customer information.
Exceptions
There are exceptions when Google may disclose or publicly display Google Apps for Business / Education / Government customers.
- A User Marks Content as Public: If a user marks content as “public” or as “publish on the web”, the user is giving permission to Google and instructing Google to index the content in Google search engine and to make the content available to everyone publicly. Google Apps administrators can limit user permissions to prevent them from marking content as public.
- Required Disclosure: Per the Terms of Service, Google may “… disclose the other party’s Confidential Information when required by law but only after it, if legally permissible: (a) uses commercially reasonable efforts to notify the other party; and (b) gives the other party the chance to challenge the disclosure.”
Summary
While Google’s consolidation of privacy policies makes for great, sensational headlines, the reality is that their is no material change in how Google addresses information privacy. For Google Apps for Business, for Education, and for Government customers, there is no change what so ever.