‘We go to great lengths to protect user privacy’
All eyes were on Google yesterday, as chief executive Sundar Pichai took questions before US Congress in its latest hearing into data misuse, near the end of what has been a tough year for the tech giant.
Just this week, the Alphabet-owned company announced that a second security bug had been found in the soon-to-be-defunct platform Google+ after a software update exposed the personal information of more than 52 million users.
Claims of political bias, largely toward conservatives, reports of sexual harassment, and allegedly ditched plans to create a censored search engine in China have equally overshadowed the conglomerate’s quest to consolidate its internet domination.
Access to user location information via Android devices was also one of the major concerns put forward by the House Judiciary Committee, Transparency & Accountability: Examining Google and its Data Collection, Use and Filtering Practices, following an investigation by The New York Times on the tracking ability of smartphone apps.
“We go to great lengths to protect user privacy and we give them transparency, choice, and control,” Pichai told Congress.
“It’s really important for us that average users are able to understand our terms and services.”
In 2015, Google introduced its Privacy Checkup feature – a way for users to easily manage their account settings and see what personal data was held across the company’s multiple services.
160 million users had gone through this process within the last 28 days, Pichai said, explaining how he believed Android owners had sufficient ability to opt out of any data collected by Google.
But lawmakers, who repeatedly mistook Google as the creator of the iPhone, were not satisfied with how the company planned to build trust with consumers at a time of particular aversion to Big Tech.
The organization, after all, had failed to disclose that 500,000 Google+ users had been impacted by a bug that was patched on the social media site in October.
“Building software inevitably has bugs associated as part of the process,” Pichai said in response to accusations that his company was in violation of security reporting standards. No case of data misuse regarding Google+ has been filed, either in the US or Europe.
“We actually undertake a lot of efforts to find bugs, route them out, and we fix it.”
It should come as no surprise to hear that Google puts security of the forefront of its endeavors. The company’s bug bounty program, considered one of the world’s best, doled out nearly $3 million to researchers in 2017 alone.
“We constantly make our systems better and the biggest area of risk that we see for our users is around security, their account gets hacked or something, and that’s why we work hard,” Pichai said.
Plans for Google to expand its internal security prowess are on horizon as well, with Pichai telling Congress that the company would welcome the opportunity at assisting on election security ahead of the 2020 Presidential election and a long-anticipated bill on the very subject.
At the beginning of the year, Google parent company Alphabet affirmed its intentions of entering the cybersecurity market with the creation of Chronicle – a firm “dedicated to helping companies find and stop cyber-attacks before they cause harm."
Chronicle, which hasn’t seen much movement as of yet, would likely carve a large chunk out of the sector, providing security analytics off the back of Google’s machine learning infrastructure.
The new business division joins the infamous Project Zero – Google’s elite team of bug hunters tasked at securing the global internet ecosystem.
‘Consistent, global regulations’
From Gmail to the Play store, Google’s experience in keeping its users secure put Pichai in line to answer questions about a potential national data privacy law, as lawmakers begin drafting a US version of the General Data Protection Regulation (GDPR), expected early next year.
Google, now accounting for 90% of all online searches, prefers the model of a data privacy framework, having submitted a proposal to Congress on how regulation should be shaped back in September, before any hearings took place.
“We’ve had quite a bit of experience now working with GDPR and we have done it for many, many months and I think it’s a well thought-out crafted piece of legislation,” Pichai said
“I think there is value for companies to have consistent, global regulations, and I think that’s also important for users as they navigate systems globally. I see value in aligning where we can.”
Pichai’s testimony follows similar grueling sessions between lawmakers and tech executives. Facebook’s chief operating officer Sheryl Sandberg and Twitter CEO Jack Dorsey took the oath before the Senate Intelligence Committee in September.
A seat was left empty for Google during the proceeding.