From Cnet/Declan’s blog:
A top Republican in the House of Representatives is demanding that Google answer a barrage of questions about privacy, some of which are related to the company’s proposed purchase of the DoubleClick advertising firm.
Rep. Joe Barton, who has positioned himself as a privacy advocate and previously criticized the merger last month, complained in a letter to Google CEO Eric Schmidt that the company had initially agreed to let his aides visit the so-called Googleplex in Mountain View, Calif. but then didn’t confirm a date. Barton is the senior Republican on the House Energy and Commerce Committee, which has Internet regulation as one of its responsibilities.
Interesting to see what Barton wants to know about, his letter to Google outlining his requests about the company’s information use and technology is very, very extensive. Snippets:
To help us better understand the privacy and consumer protection implications of this transaction, please respond to the following questions:
1. Please describe Google’s retention policy with respect to the following data. Include in your response a description of the type of data retained (for example, URL, Internet Protocol [IP] address, date, time of connectivity); the length of time the data is retained; where the data is retained; who has access to the retained data; and how the data is removed, deleted, or anonymized once the retention period lapses.
a. Search queries on Google search;
b. Search queries on Google maps;
c. Search queries on Google news;
d. Search queries on Google images;
e. Email sent, received, or drafted on Gmail;
f. Information or data collected or retained through a website’s use of Google Analytics;
g. Information or data collected or retained from an individual’s use of Google Desktop Search, including the Google Desktop Search feature, Search Across Computers;
h. Google Maps for Mobile;
i. Google Web History Program for registered Google users/Google users with sign-in accounts;
j. Information or data collected or retained from an individual’s use of Picasa;
k. Information or data collected or retained from an individual’s use of Calendar;
2. Please explain how Google uses the information or data described in Question 1(a) – (l), including, but not limited to, the following uses: perfecting Google’s search algorithm; operating Google’s advertising programs such as AdWords and AdSense; and research or analysis of user activity on www.google.com.
… 5. In particular, please explain whether Google Maps directs advertisements to IP addresses based on that user’s Google Maps search query history.
6. Please explain how and why information is combined or shared across platforms when consumers opt-in for personalized services and whether Google first requires consent prior to such information-sharing. (For instance, whether search query data is shared with or linked to a user’s Gmail account.)
a. Please describe how Google interprets “reasonably linked.”
b. Please explain in what circumstances Google links information
such that an individual can be identified.
c. Please explain whether Google considers an IP address to be “personal information.”
d. Please explain whether technology exists to personally identify or determine the personal characteristics, including, but not limited to, name, email address, physical address or location, age, gender, or ethnicity of an Internet user based on that user’s IP address.
e. Please explain whether Google is capable of identifying or determining personal characteristics, including, but not limited to, name, email address, physical address or location, age, gender, or ethnicity of an Internet user based on that user’s IP address.
…. 20. If the merger of Google and DoubleClick is approved, please describe what use Google plans to make of the data retained and collected by DoubleClick (for example, data from DoubleClick’s tracking cookies or DoubleClick click-stream data), and whether Google plans to combine or merge DoubleClick’s data with data Google retains from individual search queries and other user activity on www.google.com.
a. If Google does not intend to merge or combine the data Google retains with the information or data retained or collected by DoubleClick, please describe the efficiencies of the Google-DoubleClick merger. (emphasis mine) b. If Google does not intend to merge or combine the data Google retains with the information or data retained or collected by DoubleClick, please explain how the information will be segregated.
…24. The House passed the Securely Protect Yourself Against Cyber Trespass (SPY ACT) in the current and prior two Congresses. The SPY ACT, H.R. 964, sponsored by Representatives Mary Bono and Adolphus Towns, mandates an opt-in privacy regime by prohibiting the collection of personal information from a computer without a user’s notice and consent prior to the execution of any information collection program. H.R. 964 also demands that a user be able to easily remove or disable the information collection program. Please explain whether Google’s applications are subject to H.R. 964’s consent requirements. If the answer is no, please explain why these programs, which collect personal information, are not subject to the consent regime established by H.R. 964.
I for one and very, very happy Rep. Barton has laid this out, and very eager to see what response will be given.
Update: Henry speculates that this may be the work of MSFT.