Google adheres to the U.S. Safe Harbor principles on the protection of privacy.
Google follows 5 principles which dictate its privacy policy:
- Use private information only to improve user experience and to design new useful services.
- Comply with all applicable laws regarding the protection of privacy. Develop tools that allow users to access and manage their personal information knowingly. The Google Dashboard is a simple web page that groups all the tools needed to manage personal data for each application and service. The details of the privacy rules that apply are summarized on the same page.
- Notify a user explicitly when data is collected and explain what kind of use is made of that data.
- Never take personal data hostage and allow users to adjust the level of privacy according to their needs.
- Manage data in a responsible way by consulting the user and developer communities and by consulting external experts.
A detailed description of the use that is made of personal data is provided in a document entitled Privacy Rules.
When Google intends to use personal data for purposes other than those specified in this document, it will seek explicit permission from the user. The user may then choose to refuse such use.
Let's look at the key elements of the Privacy Rules.
Data such as the username, the password, mail address, or credit card number (in encrypted form, obviously) is collected for the sole purpose of improving the quality of service.
C ookies are small files, stored locally on a desktop computer, which contain strings of characters, transmitted by a web server. They are used, for instance, to uniquely identify a user session. Google's goal, here as well, is to improve quality of service by storing for each user his or her preferences or search habits.
To ensure strict privacy, data is both encrypted and stored on servers in a non-contiguous manner. For even greater security, file names are randomized. For instance, it is totally impossible to reconstruct all files belonging to one user.
To prevent hacking, the Google security team works in close collaboration with companies specializing in security to continuously optimize its infrastructures. Most of Google's software infrastructure is not standard but was developed specifically by Google for its own purposes. On the software side, each server is equipped with the strict minimum that is necessary to perform the tasks to which it is dedicated.