Google Book Search: Protecting Privacy as the Library Moves Online

Aug. 27, 2009— -- Imagine having online access to virtually any book, at anytime, including millions of books no longer in print.

Imagine being able to browse through this extraordinary collection of much of the world's knowledge, search for quotes and key passages, annotate pages with your own thoughts, and share the marked-up page with friends and colleagues.

Now imagine that this uber-library never closes; that it's always just one mouse-click away.

This isn't fiction, it is the ambitious vision of Google Book Search, an online service that stands to revolutionize the way people access and interact with books.

A copyright fight dragged Google's book-search product through the courts, resulting in a controversial settlement that expands the service to the benefit of both sides.

Controversial Settlement Waits for Court Approval

That settlement is now waiting for court approval in October. While the settlement is not perfect, given the extraordinary value that Google Book Search will provide to society, my organization, the Center for Democracy & Technology, is supporting approval of the settlement, as do most library organizations, albeit not without reservations.

One issue — reader privacy — remains unresolved as the date for the settlement hearing fast approaches. While the massive settlement agreement resolves a host of issues between the parties, it says little to nothing about how privacy will be protected as Google takes on the functions of a library.

Yet, offline, the right to read anonymously enjoys strong constitutional protection. For decades, libraries have protected the rights of readers to remain anonymous. Such anonymity is protected by the First Amendment and is a cornerstone of intellectual and political freedom. Almost all states have library confidentiality laws.

The question is whether and how Google will honor these protections as it designs and builds Google Book Search and develops policies to guide its use of customer data.

Privacy at Risk

Under the proposed settlement, Google will be required to collect a substantial amount of information about the people who use Google Book Search. Google will need certain information to control how much content users access electronically (in most cases, users will have access to about 20 percent of a book's content before they must pay) and to track royalties due authors and publishers, among other things.

Even taken in a vacuum, the idea of a massive database of readers, cross-referenced by their reading preferences, choices and activities, raises serious privacy concerns. But those concerns are magnified when considered in the context of the sensitive personal information that Google already collects and controls.

Through its broad array of applications and services, Google has access to a great deal of user information.

Compiling User Information Could Lead to Privacy Vulnerabilities

Google's capacity to collect information, coupled with its often-confusing tangle of policies governing how that information is used, has troubled privacy advocates for years. While Google has taken important steps on the privacy front in the past year, the addition of the Google book data adds a complexity that cannot be ignored.

Combining reader information with its existing database of user information would allow Google to add a rich and intimately personal dimension to its profiles — profiles that could become very attractive to marketers, litigators, the government and others with an interest in profiting from sensitive personal data.

It's easy to see how such an environment could easily lead to significant privacy exposures, especially given the absence of a comprehensive federal consumer privacy law.

Taking thoughtful steps to protect privacy now will help to ensure that Google Book Search lives up to its promise as a powerful social good, rather than becoming the next lightning rod in our ongoing national debate over privacy on the Internet.

Clear, Strong Policies Needed

The privacy challenges presented by the new Google Book Search present Google with an opportunity to step up as a corporate privacy leader by establishing clear policies to protect readers' privacy and pledging to the judge overseeing the settlement to adhere to them going forward.

Because the service is not yet fully implemented, many details of such policies will likely remain in flux into the foreseeable future. But that shouldn't stop Google from committing to a baseline approach that protects users' fundamental rights.

In July, the Center for Democracy & Technology issued a report detailing specific privacy commitments Google could make to ensure that Google Book Search does not infringe on users' rights. The recommendations are grounded in the Fair Information Principles that should form the foundation of all commercial and governmental privacy policies.

Google Must Clearly Explain What Information It Collects

First and foremost, Google must make absolutely clear to its users what information it is collecting, and how that information will be used. While such notice is a linchpin of all privacy policies, Google Book Search should strive to set a new bar for clarity and conspicuousness. Readers should know exactly what they're getting, and exactly what they're giving up in return.

The recommendations also call on Google to establish limits so that it collects only the information it needs to complete Google Book Search transactions. For instance, Google shouldn't have to collect or store significant information about how users are accessing books online (what pages they read, their annotations, etc.). Google's default position must be, "if we don't need it, we won't collect it."

It is also critical that Google limit how it uses the information it is required to collect about users. If such information is needed to calculate payments to publishers, then it should be used for that purpose and no other. Reader data is simply too sensitive to be lumped indiscriminately into online marketing dossiers.

Google Has Opportunity to Set High Standard for Online Reader Privacy

Most importantly, Google should commit to take strong steps when others, including the government, demand reader information.

Given the sensitivity of the information associated with reading and the potential comprehensiveness of the service, Google should commit to insisting that the government obtain a court order or warrant issued upon probable cause before it discloses information that could be used to identify or associate a reader with access to particular books. It should, likewise, resist demands for access by civil litigants and provide users with prompt notice about such demands.

Google has begun to take important steps in the right direction, making some, but not all, of the relevant privacy promises in a recent blog post.

While those promises are welcome, they are neither complete nor enforceable and, thus, fall short of the mark.

With the settlement hearing fast approaching, Google has an opportunity to set a high standard for online reader privacy that will set a precedent for all who follow: first, by publishing a strong privacy policy for the service that covers the full range of issues raised by privacy advocates and, second, by pledging adherence to that commitment in its filing with the court.

With so many issues likely to be raised before the settlement judge, taking the privacy concerns off the table now is good for Google, as well as for readers everywhere.

Leslie Harris is president and CEO of the Center for Democracy & Technology.