At the outset of the merger, the Electronic Privacy Information Center (EPIC), the Center for Digital Democracy, and the U.S. Public Interest Research Group filed a complaint, claiming "Google's proposed acquisition of DoubleClick will give one company access to more information about the Internet activities of consumers than any other company in the world," and that "Google will operate with virtually no legal obligation to ensure the privacy, security and accuracy of the personal data that it collects."
But the FTC has rejected those concerns, stating that they are not unique to Google and Doubleclick. "At the outset, we note that some have urged the Commission to oppose Googles proposed acquisition of DoubleClick based on the theory that the combination of their respective data sets of consumer information could be exploited in a way that threatens consumers privacy," the commissioners wrote in their decision. "Of course, the consumer privacy issues presented by behavioral advertising are not unique to Google and DoubleClick. To the contrary, these issues extend to the entire online advertising marketplace."
The persistent growth of targeted online advertising and other, less savory methods and reasons for capturing identifying information today place the burden of privacy squarely on the shoulders of consumers. Personal data is freely given up by consumers, often, just as the price of entry into many commercial Web sites. As Scott McNealy, Sun Microsystem's chairman, once said: "Privacy is dead, get over it."
There are measures that users can take to cover some of their tracks. Web proxy servers, secure browsing sites, ad filtering tools, and "cookie busters" can all help users reduce the exposure of their identity and Web behaviors to potential aggregators of such information. EPIC provides links to a collection of privacy tools on its Web site. But the question is whether such measures are worth the effort. Should users just stop worrying and learn to love the Google- DoubleClick world?
Privacy concerns come from all corners for Internet users today, from the proliferation of spyware that captures user behavior (or even personal data) and sends it back surreptitiously to a remote computer, to the seemingly more benign behaviors of ad targeting like Google's AdSense. But the power of a united Google and DoubleClick is the kind of information that they can bring together from a combination of services that can tie your personal identity to where you travel on the Web through cookies.
Cookies, used to pass session data back and forth between a Web browser and a server, containing stored information that can be used to track movements within a site or pass back other information. Odds are, if you've visited a display-advertisment driven Web site, you've got a DoubleClick cookie on your system. And users of Google's search, GMail, and other services will find Google's tracking cookies as well.
A lightning rod for privacy advocates.
There's no doubt that the type of tracking done by online advertisers in general poses privacy concerns. But the Google-DoubleClick merger creates a uniquely large single lightning rod for privacy activists to get up in arms over. While the FTC's decision is not the final hurdle left for the merger to overcome, it now seems certain that it will proceed with much less restriction than advocates and some legislators had hoped.
"What Google [and the FTC are] claiming," said Jeff Chester, director of the the Center for Digital Democracy, "is that there are no specific privacy concerns intrinsic to the Google and DoubleClick merger, which frankly is absurd on the face of it when you're merging the two number ones, for the search and online advertising industries, with a vast apparatus for data collection and targeting and profiling across the globe." Chester calls Google an "ever-growing behemoth," and fears Google will use DoubleClick's existing ad tracking capabilities to further triangulate Internet users in the name of better targeted advertising.