Google Takes Privacy Red Team Public

3 minute read
Josette Rigsby avatar

Google has not had much lucklately winning privacy advocates as fans. The company has been a frequenttarget of privacy complaints and just settled its veryexpensive Safari privacy case with the FTC. Now Google is taking anotherstep to improve its privacy image -- growing its Privacy Red Team.

Google’s New Public Focus on Privacy

new job posting from Google shows the company is expanding its Privacy Red Team. Google is not the first company to create a red team. Red teams, a small group of highly skilled experts, have existed in the security space for decades. These teams usually attempt to find security flaws in networks, hardware or software, but Google is repurposing the concept for privacy.

Based on the job description, Google’s Privacy Red Team identifies, researches and resolves user privacy risks in the company’s products, services and business processes. The advertised Data Privacy Engineer position requires,

an intimate knowledge of the inner workings of modern web browsers and computer networks, enjoy analyzing software designs and implementations from both a privacy and security perspective, and will be recognized experts at discovering and prioritizing subtle, unusual, and emergent security flaws”

It is unclear if the Privacy Red Team is an existing team being expanded or a new group formed to address Google’s continuing issues with privacy. Whatever the case, the search giant is clearly investing in user privacy.

The investment is definitely a good move. The public perception of the company’s attitude toward user privacy has taken a beaten the last few years. Google replaced the privacy policies for its products and services with a single, comprehensive policy as part of a simplification effort in January. The action was an epic failure from a public relations perspective; privacy advocate immediately attacked the new policy because users could not opt out.

Learning Opportunities

Google also recently settled its privacy case with the FTC stemming from its use of cookies in Safari browsers. A Stanford researcher discovered Google was monitoring users that had selected the “do not track” setting, despite language on its help pages that suggested otherwise. The company admitted no wrong, but agreed to pay one of the largest fines in history for a case of this type -- US$ 22.5 million.

What’s Next

Google has a long and bumpy road to travel to find the correct balance between its interests and privacy concerns. The company generates most of its revenue by selling data and ads about its users to its true customers -- advertisers. Marketers always want to know more. Privacy advocates always want to share less. It’s unlikely that both sides will ever be completely satisfied. 

Google must satisfy its customers, but cannot become so invasive collecting data that it alienates its mainstream users. Its massive size also makes it an easy target for attention. Google will need to move cautiously with efforts like its Privacy Red Team to find the most effective balance.