Consumer Federation of California

Letter to CEO says company is violating state’s privacy law, threatens
government action

California lawmaker has joined the chorus of voices urging Google Inc. to include a link to its privacy policy on the home page of its Web site, as required by state law.

In a letter addressed to Google CEO Eric Schmidt and dated yesterday, State Assemblyman Joel Anderson warned the search engine giant that he was prepared to push for new legislation or seek the state attorney general’s help to force the company to comply with the law if it refuses to do so on its own. Anderson’s office didn’t immediately respond to a request for clarification on what sort of legislation he might author.

His letter follows a petition that was sent to Google last week by 14 consumer and privacy advocacy groups, including the Privacy Rights Clearinghouse, the World Privacy Forum, the Electronic Frontier Foundation, Consumer Action, the American Civil Liberties Union of Northern California and the Consumer Federation of California.

In their petition, the groups urged Google to add a link to its privacy policy as mandated by the California Online Privacy Protection Act, which was approved in 2003 and took effect in July 2004. Doing so would make it easier for Web users to access information on the company’s policies related to the personal data that it collects and stores, the groups said. They described Google’s reluctance to put a privacy-policy link on its home page as "alarming."

Under the California privacy act, Web sites that collect personal information are required to include a prominent link to their privacy policies on their home pages. In addition, the links must provide one-click access to the policies.

Anderson, a Republican whose state assembly district includes portions of San Diego and eight surrounding communities, said in a statement announcing his letter to Schmidt that Google was "clearly in violation of the law" and that the company should heed "the reasonable request" of the advocacy groups.

"If Google continues to hide behind legal loopholes, then I will take matters into my own hands and close the loophole," Anderson said in the statement. "New legislation is one way I can close that loophole." He added that his letter was prompted by that fact that many consumer rights groups from California, including ones based in his legislative district, had signed the earlier petition to Google.

Google didn’t immediately return a call seeking comment about Anderson’s letter. The company has maintained that although it considers privacy protections to be important, it doesn’t think a link to its policy is needed on its home page.

According to Google, users who want to read its privacy policy can simply type the words "Google privacy policy" into the company’s search engine and access not only the policy but more information about privacy. That meets the spirit of the California privacy law, Google contends.

In responses to a New York Times reporter, who wrote about the issue in late May, Google also said that adding a privacy link to its google.com search engine page would needlessly clutter the mostly blank-white space.

Google is being targeted over its reluctance to add the privacy-policy link because of the vast amount of personal information it collects ‘ including health care data as part of its new Google Health service. The link issue is only the latest in a growing list of concerns that have been expressed by various groups over Google’s privacy practices.