Google can never be trusted to protect your privacy

Privacy & Security Posted on August 17, 2012

Google can never be trusted to protect your privacy

Last week saw Google slapped with a $22.5 million fine by the US Federal Trade Commission, in order to settle allegations that the search giant broke its privacy policy, by secretly tracking the browsing habits of millions of people who use Apple’s Safari browser.

The fine represents the biggest penalty every imposed by the FTC, but is a drop in the ocean when you consider that Google’s profits for Q2 2012 alone were $12.21 billion. Furthermore, the punishment was not actually due to Google’s data tracking - Google still admits no wrongdoing - but rather because Google “misrepresented” (re: lied) about what was occurring.

“The Commission has allowed Google to buy its way out of trouble for an amount that probably is less than the company spends on lunches for its employees and with no admission it did anything wrong,” said John Simpson, privacy project director for the nonprofit Consumer Watchdog.

It all begs the question. Is Google capable of protecting user privacy? Or will the company’s business model continually push it toward privacy violations?

Compulsive liar

Last week’s FTC ruling, wasn’t the first time Google’s been wrist-slapped around privacy violations. In March 2011 Google was found guilty of deceiving users and violating its own privacy policy when it launched Buzz in 2010. Buzz – a geo-location social network similar to Foursquare – harvested personal information from Gmail users without permission and exposed private data.

The FTC’s ruling on Buzz, resulted in a settlement that forced Google to submit to independent privacy audits for the next 20-years. It also stipulated that Google cannot make privacy misrepresentations. But Google’s inability to adhere to this last point is precisely what caused the FTC to impose its record fine last week, which hardly inspires confidence.

But the biggest privacy scandal concerning Google concerns Google Streetview. In 2010 German regulators forced Google to reveal its Streetview cars were collecting personal data from private Wi-Fi connections, as they roamed across the country. The data included personal emails, passwords and images. Google said the data collection was unintentional and not intended for any Google products.

However, it turns out – surprise surprise – that Google lied. In fact, an engineer at Google designed the software included in the Streetview cars to specifically to collect data. This engineer even shared his plans and documents with the rest of the Streetview team. The FCC therefore concluded that Google “intended to collect, store and review” the data. The FCC also concluded that this data was probably intended to be used in other Google products.

Did you get that? Google deployed cars around the country to spy on private Wi-Fi connections and collect your personal emails, messages and images, with the probable intention of profiting from such information.

Nature of the beast

All the FCC did in the above case was impose a laughable $25,000 fine on Google for obstructing the investigation. Apparently Google’s data collection was not breaking any specific laws. However, the case has been reopened in the UK because – guess what – yep, Google lied to UK regulators too.

So what can we conclude about all this? Well, I’d say Google has proven itself to be a company willing to lie and steal in order to get its way. Now, that may not be too surprising, many companies do the same. But unlike other companies, Google has a vested interest in eroding our online privacy.

When Eric Schmidt says only people who have something to hide are concerned about online privacy, he is doing it for purely commercial reasons – not because of any real belief. Like Facebook, Google trades in personal data, and as long as it wants to remain competitive and profitable, it will always try to milk its user base for as much information as possible. That’s the company’s business model. And that’s why Google keeps on proving that it can never be trusted to protect your privacy.

We invite you to discuss this post in our Reddit community or on Twitter. You can also send your feedback to

Independent security audit concluded

By Nick Pestell


IVPN applications are now open source

By Viktor Vecsei


Beta IVPN Linux app released

By Viktor Vecsei

IVPN TunnelCrack vulnerability assessment Privacy & Security

IVPN TunnelCrack vulnerability assessment

Posted on September 7, 2023 by IVPN Staff

Context TunnelCrack is the combination of two independent security vulnerabilities (LocalNet attack and ServerIP attack) that affect VPN applications. The research paper detailing these vulnerabilities was published and presented on 11 August 2023. IVPN apps were not tested by the researchers, and unlike other providers, we did not receive a vulnerability disclosure.
Most people don't need a commercial VPN to work from home securely Privacy & Security

Most people don't need a commercial VPN to work from home securely

Posted on April 7, 2020 by Nick Pestell

Many small businesses and their employees are concerned about the security of their data whilst working from home during the coronavirus pandemic. We see a lot of confusion surrounding this topic, even from fairly technical folk and there is unfortunately a lot of misinformation being spread by commercial VPN providers themselves.
Spotted a mistake or have an idea on how to improve this page?
Suggest an edit on GitHub.