ATENEO DE DAVAO UNIVERSITY

E. Jacinto Street, Davao City

Google: The Quest to Balance Privacy with Profits

A Case Analysis Presented to the Faculty of
School of Business and Governance of
Ateneo de Davao University

In Partial Fulfillment of the Requirement for the course IT 2

Submitted to:
Mr. John Karlo S. Dalangin

Submitted by:
Arandia, Irish
Cabido, Titian
Embrado, Krystalet Nera
Pamaong, Kent Raysil
Quiatchon, Pamela
Saludes, Carla Mae
Singco, Anne Kristelle

BSA 4-A

January 6, 2019
CASE SUMMARY
 From a humble search engine, Google is now the most successful internet company
globally. It now caters mobile operating systems, cloud storage, productivity and communication
services, and advertising to name some. They are also known as the "best company to work
for" since they established certain principles and practices to guide and empower their
workforce. However, despite Google's success, they are experiencing a lot of ethical risks and
issues as they continue to grow and expand in the internet industry. Some complications stem
from organizations because of copyright infringements and from the government because of the
possible violation of antitrust laws. However, the center of attention from all these issues is
regarding Internet Privacy. Google keeps track of users' search terms, records, and stores all
this information --some of which without the user's permission. Although Google strives to
emphasize that the information they collect is for them to provide better services, questions on
violation of users' rights to privacy still arise. Users feel uneasy that Google knows so much
about them. Its data collection poses a threat to these pondering users. Google's lack of
attention in strengthening users' privacy could jeopardize the company's vision to become
responsible corporate citizens.

STATEMENT OF THE PROBLEM

 How can Google maintain user information confidentiality to eradicate breach of privacy while
continuing its profitable operations and quality services that need user information?

The proponents identify this as the major problem since it concerns the privacy of all
users of their services, instead of certain groups or individuals only. Aside from that, the
collection of users' information is essential to Google in order to provide quality service and to
keep its business profitable. For example, Google can present users with a list of book users
may find preferable to read because Google carries information enough to determine the users'
preferences. Thus, the collection of information is an indispensable role of Google.
Consequently, a huge problem between users' interest and that of Google's needs arose. Users
are becoming more concerned about their privacy nowadays. It cannot be avoided especially
now that internet technology has made it possible for hackers to cyber attack 4 of 10 business in
the past twelve months (Ipsos MORI). As users become more concern about their privacy, it
becomes a growing conflict because privacy is an ethical issue that also creates multiple legal
suits aside from merely creating a negative image of the company. At the same time, giving
complete privacy to address this issue would entail the company both financial and non-financial
losses. The challenge then for Google is to find a balance between users' right to privacy and
the company's interest in the profitability and sustainability of its business.

AREAS OF CONSIDERATION
 Google tracks location in most of its services for the benefit of its users.

While it provides convenience, some users are not in favor of this feature. To
them, it seems like an invasion of privacy.

 Google also tracks online activity, despite adding "Do not track" features on some of its
platforms.

With the option presented as a small box, this feature is not usually noticeable to
most users.

 There were restrictions by way of government legislation in China, specifically on

censorship of controversial topics.

The Chinese government is particularly concerned about the information

reaching its citizens, especially which are against them. With this, Google is
forced to consider allowing the government to monitor its search queries and
database.

 Biannual privacy audits are conducted by third parties as settled with the Federal State
Commission (FTC) on Google’s operations.

It was done after the FTC launched an investigation and found out that Google
acted deceptively and violated its privacy policies.

 Google's vulnerability to hacking should be considered.

Its users had been victims to a wide-scale phishing attack which broke into Gmail
accounts.

 Google had issues about bypassing anti-tracking mechanisms.

It occurred when Google bypassed Apple's Safari browser, which had high
security as well as other anti-tracking software.

 There is little regulation as to how Internet companies can gather and use user
information.

This way, Google technically has more freedom in conducting its operations.

 People fear that Google might be gaining too much power.

 It applies more to its consumers and competitors. With this, the company should
carefully reflect upon these issues to consider which venture they should expand
to.

 The benefits of addressing privacy issues should outweigh the costs.

The impact (financial or nonfinancial) of addressing users’ privacy to Google’s

services should be considered especially advertising, which is their primary
source of revenue.

 Assessing the breach of privacy as to whether it has detrimentally harassed or harmed

users in some way.

Users’ complaints depend on whether the breach of privacy is grave or light.

ALTERNATIVE COURSES OF ACTION

Impose automatic deletion of data to strengthen users’ privacy

Since Google is an ad company, it lives off with users’ information. Data collection is
indispensable for the company. The proponents propose that Google should continue collecting
data. However, data collected must be deleted once it has served its purpose. Google has
stated that the data previously collected through its search engine become anonymous after 18
months of being stored in their database. Well, a lot can happen in a one-and-a-half-year. With
the onset of technological development, people can be tracked in just hours. How much more in
a year? Thus, to increase protection, automatic deletion after satisfying its intended purpose is
considered.
Google collects data from users by making use of a ‘crawler.' This crawler goes over and
collects data from billions of websites around the globe. The collected data will be sent to
Google’s data center, then eventually to its respective database where it will be scanned leaving
the necessary data only (Donner, 2016).
As to its search engine, Google can collect enough data in order to analyze and predict
user behavior by making use of ‘logs.' Logs could provide information as to when and what
pages are being browsed (Donner, 2016). With these data, Google engineers and analysts can
devise services that suit the taste of individual users.
On the other hand, Android, Google’s mobile operating system, continues to be in the
hot seat for collecting data online and offline. A study directed by Douglas Schmidt, a computer
science professor at Vanderbilt University, has shown that 900 samples are being sent by an
idle android-operated device in 24 hours (Sutton, 2018). With these data, Google can tell the
places users were last night. Fishy, isn’t it?
The proponents propose that in order to address this issue data collected should be
limited to data used by users. Google can only collect those data that are entered voluntarily by
users. This includes implied data such as the date and time they access what webpage online
since these are indispensable in Google’s provision of services. Whatever they have entered on
a website will be used by Google. However, data collected is subject to a time restriction that
depends on the purpose of the data collected.
The proponents have classified data into personal data and other data to facilitate the
discussion.
Personal data such as user profiles (name, birth date, address and other personal
inputs) are kept until users have deleted those data themselves. An option to delete data or
information stored or entered in Google applications must be provided in the said app. The
delete option must be treated as a fundamental choice, as fundamental as the create option. In
consonance with this, it must be made evident and easily accessible to users. For example, an
option to delete emails exists in users' Gmails or users can even delete their Gmail account
itself. Once data has been deleted by the user, Google must at the same time erase such data
in its database—a sort of an automatic deletion. If such user becomes inactive for some time,
an automatic deletion must occur. According to a software engineer in a Google product forum,
a Gmail account which is inactive for approximately nine months are deleted (Jordan, 2012).
However, the proponents propose that once considered inactive for a month such account must
be deleted. Real users make use of their accounts daily. An average number of email received
by an office worker is 121 emails per day (expandedramblings.com) in exchange for an average
of 40 emails sent.
Other data such as search terms, the date and time accessing what websites and the
places users have been to are to be kept by Google until it has served its purpose. The
‘crawlers' and ‘logs' still do the same job, collect data and send it to Google. However, automatic
deletion of data collected will occur once the activity has been recorded. Recorded, in a sense
that it has been used as input to know webpage rank and frequently searched terms. This
automatic deletion of collected data acts as a safeguard to deprive Google of accessing data or
info after it has served its purpose. The control has to be embedded in Google’s system of data
collection itself.
The automatic deletion that the proponents propose works on a real-time basis. As to
personal data, once a user has deleted his data, the server being used will send notifications to
the ‘crawlers' informing that data has been deleted in this website. The ‘crawlers' will notify the
database where such data is located which will trigger auto-deletion. With this feature, data
entered by users is really under their control. In the case of inactive user profiles, a time limit of
a month of inactivity will trigger auto-deletion. While in other data, the proponents propose that
an average time for Google data collection be considered. Right after data collected has
reached the data-collecting unit which could be a computer and has recorded necessary data,
auto-deletion occurs. A time limit has to be imposed to facilitate independence from the control.
The time limit reflects the average time it takes for Google to collect data necessary for its
undertakings.
Furthermore, auto-deletion supports the objective of biannual privacy audits as settled
with the Federal State Commission. Auditors are provided greater assurance with the time limit
acting as an internal control against breach of privacy.
Although there are concerns as to data deleted still stored in Google’s hard drive which
is potential for restoration. The proponents propose that hard drive is encrypted to protect
unauthorized access. By encrypting the drive, deleted data are transformed into unreadable
codes. Encryption is unnecessary if Google destroys the drive containing deleted data
physically. However, since thousands of data are deleted at the same time, the proponents
propose that it be encrypted.
By implementing an automatic-deletion mechanism,

o Users are more assured of their privacy with more power over their data and
information online and offline under their control. The system depends on the
users’ decision to delete.
o Google can save space for deletion is real-time.
o It fosters trust and confidence between Google and its various stakeholders,
especially their users.
o It could lessen penalties from the government for breaching users’ right to privacy
if there is.
o Google can still collect data for its advertising services by jotting down data and
info entered by users immediately.
o Regardless of the importance of the data or info, harm against hackers and the
like are lessened for data collected by Google are deleted immediately.
o With data immediately deleted by Google, no data to be shared to state
governments who are thinking of manipulating search results like the Chinese
government.

However, despite its benefits, it also carries some drawbacks,

o Once data has been deleted, it is difficult to be retrieved back. Careful judgment
by the user has to be exercised.
o Although data are immediately deleted right after its purpose, users' information
is still collected by Google even if done in a shorter time.
o With limited time for data collected in the hands of Google, necessary data could
be overlooked.
o Personal data not yet deleted by the user is still exposed to Google.
o Highly dependent on the system's integrity. If the system crashes, trust also
crashes.
o Considering the alterations to be made in the system, it will be costly for Google.

Impose charges to users who do not want to expose their privacy to Google

Since data collection is an indispensable role for Google to keep its business alive, then
the idea of removing such part in their business is not an option. Instead of completely removing
the data collection role which is essential for Google, the proponents have thought of filtering
the users. It is a prerogative that once users join a networking site, personal information will be
asked (name, birth date, gender, address, and all others). Of course, this information and all the
rest of information generated every time users transact something online or even if they do
nothing offline are exposed and collected by the said networking site, one of which is Google.
Information such as the places users have been to in the past years and that they turned on
their bedroom lights last night are just some of what Google knows about their users (Haselton,
2017).
Although there are privacy reminders before joining Google, it cannot be avoided that
there are certain things users wish to keep by themselves. And because of this privacy issue
has become a big deal in internet companies, such as Google.
In order to avoid such aggravation, users who do not want Google to collect their data
made available online and offline—in the case of Android-operated phones, must pay a certain
amount of price. Google services are not entirely free because user data and information are
obtained in exchange for this. Of course, it would be costly to those who value their privacy
compared to those who think it’s-harmless-anyway. It is a trade-off between Google's free
services and one's data and information.
By imposing a charge for those who do not want their data and info be collected and
made used by Google, users are given an option whether to pay to protect one’s privacy or to
share one’s data to avail free Google services. It requires no alteration as to the system itself.
The only difference this time is the filtering mechanism that limits who, what and which are to be
collected. Google surrenders all its cards by letting the users choose for themselves. This way,
no breach of one’s right is to be spoken of.
In addition to that, biannual privacy audits are still to be conducted to ensure complete
protection of privacy. With the new payment system, auditors may have to develop another audit
program that ensures Google does not collect the data of those who paid.
Before availing Google services (from devices, operating system to its Google Chrome), Google
will provide users with their privacy policies telling its users what data are exposed to them.
Then an option whether they agree or not will be given to users. If they agree, then they can
avail Google's free services in exchange for their data. Otherwise, users will be asked to pay a
certain amount in order to avail Google services. An online form will be filled in to obtain
particular information from the users who will pay — information such as name and payment
terms. Payment terms could be in forms convenient to users such as bank deposits or credit
card payments. The payment system works real time since different users avail it in various
times. It is also a prepaid system. Once the subscription has expired, users will lose access to
Google services. In this way, no Google will be blamed for breach of privacy.
A separate database will be established for those who paid. Those who did not will be
treated the same way as usual. A unique identification number will be assigned to paying users.
It is necessary to identify those who have expired subscription and at the same time to identify
users whenever they use different servers. In this way, each time users access Google online,
and before surfing the net, they will have to choose whether they are paying or not. Those who
paid will enter their identification number to allow access.
The system works quite differently with android-operated devices. As users purchase
their devices, the merchant will have the responsibility to provide buyers with an application
form to avail of the payment system that will protect their privacy. The application form
containing information such as the name of the user, payment terms and the serial number of
the device bought will be submitted to Google. Upon subscription, the device is free from
whatever Google data collection such as location detection.
Unlike Google online services where it is availed only when needed, Android-operated
devices are availed all the time. Therefore, the payment to subscribe for privacy protection will
be made lump sum and upon purchase of the device. Assessments as to the useful life of the
device will be considered since privacy protection is expected to last as long as the device lasts.
It will be used to estimate the subscription price to be added to the original cost of the device. If
the device will not work anymore because it was heavily damaged via physical obliteration, such
occasion is treated as malpractice in the hands of the user. Any cost not yet realized is a loss on
the part of the user. However, if the device will not work because of manufacturing issues,
warranties can be availed.
As observed, once privacy subscription is availed, Google collects no more than the
necessary information required for the payment system.
By filtering users through the imposition of a certain amount to protect privacy,
o Free Google services will be much more appreciated.
o There is no breach of users’ right to privacy since they have been informed and
they are the ones who chose.
o Users who value their privacy can still avail of Google's quality services in
exchange for the price paid.
o By filtering data collected, there will be more space available.
o Provision of services is unaffected. Therefore the same quality is expected.
o Penalties for breaching users' privacy are lessened if there is.
o It supports both ends, users who value their privacy and those who value
Google’s free services, all of which not affecting the service quality.
 Despite the benefits, it also has its downside,

 Users who are loyal to their privacy and Google’s free services are forced to pay
a certain amount of price.
 Areas who can pay more for their privacy could be an ideal market for Google
rather than those who cannot, potentially making services more intensive to well-
off areas. In this case, a new market for privacy assurance could arise.
 Those who opt not to pay still bear the risk of their data being accumulated by
Google with the potential of being shared and manipulated if such practice exists.
 With people being able to safeguard their data and information, information
collected and available online might be limited in contrast with Google’s vision.
 It could be a hindrance to a borderless world.

RECOMMENDATIONS AND CONCLUSION

To balance out the interest, that of the users' and that of the company's, imposing
charges to the former who are not willing to expose their privacy to Google is recommended.
This action is the best win-win situation for both of the parties involved because those who
deem their privacy as truly important would have the option to protect it at a certain price and
those who do would not have to change a thing. This way, users can weigh in their respective
costs and benefits and decide for themselves which is more advantageous. On the company's
part, they get benefits in return for the opportunities lost due to the complete privacy option.
Also, the company might get more users because those who currently do not use Google at all
for privacy reasons, might start to do so due to the new privacy protection.
The first course of action stated which is imposing an automatic deletion of data to
strengthen users' privacy would admittedly mitigate the issue of privacy rather than clearing it
out. In this course of action, the company still has their power over all the information a user has
made available. The only difference of this from the current system is the time retention of data.
Also, the time retention of the other data is still subject to their discretion since only they know
whether data have already served its purpose. Although privacy audits are conducted to inspect
retained data, an easy escape is provided since it is in their judgment on whether it has already
served its purpose or not. Aside from this, Google has to tweak its current system which will
undoubtedly entail a cost, but the benefits derived from this new system would not justify the
cost since it would not clear them away from their current privacy issues.
To implement the chosen action, the company should start by formulating a way to
secure the privacy of those who pay for it. Since anything from these users should be
completely private, it may be likely not to retain any data from them. However, since it is
impossible for these users not to have any data at all, a separate database should be provided
for them. In this separate database, only information for their respective accounts is stored. Also
taking into account, data collection of Google is not merely done only for their advantage, it is
also done to provide certain conveniences to users. Thus, upon availing the option to pay, there
shall be certain options a user could activate. It is in default that everything is to be secured and
not to be used for anything; however, this should not hinder users from availing conveniences
that could be obtained through data collection. That is why a user should be allowed to have
specific data collected if it is in their interest to do so. It cannot entirely be said that users want
everything in private so in order to adequately cater their needs, options are made regarding
their privacy too. In this case, the information they allow to be gathered are not stored on the
separate database; instead, it is forwarded to other databases for its purpose. It is to be
reiterated that it is only an option in order to allow users access to conveniences data collection
provide and that complete privacy using a separate database is still the default. Therefore, the
only information they opt to be collected is used, and this does not affect anything else.
It is impossible for the company to know whose privacy to protect if they do not know the
user. Thus identity is a must. However, many people are likely to have the same name and
asking for more personal details to trace who is who seems to be still opening a room for a
breach of privacy. That is why a unique identification number is highly suggested to identify
those who opt to pay instead. This way, users who opt to pay are assured that their details are
truly protected. Another area to be covered is the payment process. The company should
enable these users to have easy options of payment and set up the price using the currency of
every country. The payment system is not new to Google, which means that setting this up
would not entail much additional cost.
For the protection of privacy concerning Android devices themselves, particularly with
the tracking of the location of these devices, an option to subscribe for complete privacy may be
availed at the time of purchase. Therefore, the device itself is considered to be private regarding
its location and any data that may have been gathered from the device usage. It is to be pointed
out that this is different from the payment option mentioned above, that was an account for
Google services while this option is for the device only. With that in mind, the payment of this
option, contrary to the former, is made in lump-sum at the time of the purchase of device. So
Google will be connected to the companies who offer these android devices and they will give
them the authority to set this up on their respective devices. Consequently, the profit derived
from this will be shared but the company selling the devices is only given a part as
compensation.
As what can be observed, a huge cost would be incurred to implement this
recommendation. However, this is an investment opportunity for the company. First of all, the
cost incurred can be returned through the payment of the new service offered. Google can
account everything and set up a way for them to earn while having a return on their investment.
Also, a new market could open since some people might not be using their services because of
privacy concerns. This way, they can open their services to a particular market that they were
not able to cater before. Lastly, it is also beneficial because it is a way for Google to show that
they are respecting their users' total privacy. Google currently has privacy policies that state
what the users are getting into when they use their services, however, currently when people
need to use their services; they have no option but to abide by Google's privacy stipulations.
Allowing this new service is a way to publicize that they are willing to compromise with the users
without losing their business as well. It will also more clearly express the importance of Google's
privacy policies and emphasize the risk of using their services for free while also providing them
with a way to protect their privacy.
 LEARNINGS AND TAKE-AWAYS

Google is expanding vastly and is gaining massive access to the digital world. Such
expansion ranges from developing Android, founding Google Drive to acquiring Motorola. This
enormous expansion has enabled Google to provide better services to its users providing them
more accessibility and convenience. Despite its steady development, Google continues to be in
a hot seat because it was found out that their operations involve issues threatening computer
ethics.
 According to Hall (2011), Computer Ethics pertains to the analysis and social impact of
computer technology and the corresponding formulation and justification of policies for the
ethical use of such technology. It primarily involves ethical issues of computer crime, working
conditions, privacy and more. Google has been struggling between balancing ethics involving
user’s privacy and providing competitive quality services.
Although Google is initializing practices that help employees and society, user privacy
should also be considered of great concern. Not only does it interest computer ethics, but its
proper treatment also reflects how Google put importance to their stakeholders, in particular,
their users. Privacy is freedom from unauthorized intrusion (Merriam-Webster). It includes user
location to name a few. Moreover, user location being tracked by Google is one of the dilemmas
Google is facing today. Because of cases like this, Google is heavily criticized for its practice of
keeping and storing its user’s data for future reference violating user’s internet privacy. Worse,
users even claim that much of data Google collects is not overtly known to them.
The problem focused on the discussion is on how Google can maintain user information
confidentiality to protect against cyber attacks while continuing its profitable operations that
require keeping user information without violating privacy rights.
An alternative course of action is for Google to impose an automatic deletion of data to
strengthen users’ privacy. Google should only collect limited data, including implied data, that
are entered voluntarily by users and these data collected should be subjected to a time
restriction that depends on the data's purpose. Personal data should be kept until the user
voluntarily deletes the data. Afterward, Google should also delete all copies of the deleted data
on their database to safeguard user privacy. With this course of action, users as owners of the
information they provide have greater control over data. However, the time limit imposed on
Google’s data collection could potentially constrain other necessary data.
Another proposed alternative is to impose charges to users who do not want to expose
their privacy to Google. Data collection had become an indispensable part of Google’s
operations to keep their business profitable and competitive. Suggestively, those users who do
not agree with Google’s privacy policies should be charged a certain amount for using Google’s
free services. The recommended course of action is the second one --which is to impose
charges to users who do not agree with Google’s privacy policies. This action is the best for it
serves the interest of Google and its users. Although there are costs to be incurred by Google to
adapt for the shift, benefits would still outweigh the costs. Benefits such as customer loyalty and
trust appear to be a promising return on investment.
 Throughout the entire case analysis, the proponents have realized essential points that
are meant to be appreciated not only through this paper but in real-life as well.
One of which is that Google users should be cautious with the personal information they
provide. The internet is an open-field of vast information accessible to all. Different users with
different motives come and go. Bad guys exist not only in the real world also in the virtual world
—the internet. The information provided maybe stolen from Google’s database and may lead to
computer fraud like identity theft, posing, phreaking, and all others. If these hackers gain access
to users’ personal information, these evil-brains may use this to ruin other person's life. By
gaining access to users’ social media accounts and obtaining credit card numbers, all these
could potentially cost not only happiness but also a life. While this may seem as an overreacting
common point, this is often neglected by internet users.
In connection with this the proponents have also realized that due to laziness or
busyness, users often disregard reading significant privacy policies, terms, and agreements. In
fact, of all internet users claiming to have read privacy policies, approximately 20 percent do
(Galeon, 2018). All these conditions are crucial for users to be informed on how Google will use
and store the information they provide. Users should always read and be informed of the privacy
policies as there may be company practices which users may not like. Misleading claims which
are overtly provided in the privacy policy should be a liability to the neglecting user. The
proponents have realized that concerns, as to breach of privacy, would be lessened if users
have read the privacy policies provided in the first place. Informed users enjoy Google better
than those who opt to regret later. Such an occasion does not only apply to Google, but to life
realities, users face every day.
Another takeaway, the proponents would like to point out is that the government should
firmly monitor Google’s operations to provide security to its users and to make sure that they
keep to their words. The government serves the people who live relying heavily on information.
Moreover, Google has become one of the most readily-accessible sources of information. The
government must safeguard the interest of the public by imposing laws that would protect the
integrity of shared data. By doing so, Google will not be tempted to sell its users' information for
their gain. Or else, not only trust will be lost but their business as well. Since the internet and
Google work globally, international internet policy would also be ideal. It will foster not only
information integrity but also unity across borders.
Lastly, the proponents would like to point out that Google should focus on strengthening
maximum security to their system. Google’s expansion allowed them to hold extremely
confidential and valuable information about their users thus making them highly susceptible to
hacking and all other cyber attacks. Along with this is the responsibility to take care of the trust
entrusted to them by the users. These patrons should feel secure that their data and information
are kept private and personal. After all, Google’s existence depends on their satisfied users.
Protecting user privacy is a two-way process. Both Google and user must work hand-in-
hand to protect the integrity of data being shared. It is more of a cooperative effort. It is not
enough that only Google adjusts, users must also conform to the change. The willing parties
must reach a consensus to be able to achieve two ends in a single mean.

References:

Donner, M. (2016). How does Google collect data? Retrieved from https://www.quora.com/How-
does-Google-collect-data

Galeon, D. (2018). We know you do not really read privacy policies. This can do it for you.
Retrieved from https://www.google.com.ph/amp/s/futurism.com/ai-reads-your-privacy-
policies/amp
Hall, J. A. (2011). Accounting Information Systems (7th ed.). USA: Edwards Brothers.

Haselton, T. (2017). How to find out what Google knows about you and limit the data it collects.
Retrieved from https://www.google.com.ph/amp/s/www.cnbc.com/amp/2017/11/20/what-
does-google-know-about-me.html

Jordan, K. (2012). Do Gmail accounts ever expire? Retrieved from http://www.ask-

kalena.com/q-and-a/q-and-a-do-gmail-accounts-ever-expire/

Retrieved from https://expandedramblings.com/index.php/email-statistics/

Retrieved from https://www.ipsos.com/ipsos-mori/en-uk/cyber-security-breaches-survey-2018

Sutton, K. (2018). Google is collecting your data-even when your phone isn’t use. Retrieved
from https://www.google.com.ph/amp/s/www.adweek.com/digital/google-is-collecting-
your-data-even-when-your-phone-isnt-in-use/amp/