5 key points from Google's privacy-policy letter to Congress

Search giant responds to congressional queries about privacy policy in 13-page letter

Google sent a 13-page letter to Congress this week that can be summarized in a single sentence: "We're not being evil."

In a wide-ranging letter addressed to eight U.S. representatives, Google defended the changes it plans to implement in its privacy policies and said that users who want their data kept separate from multiple Google services have nothing to fear as long as they take the correct precautions.

ANALYSIS: Google's new cross-service data sharing: What's the hubbub?

IN OTHER NEWS: Social networking engineers team to make Google searches less "evil"

In the interest of saving you the time of reading the entire 13-page document yourself, we've broken down Google's letter to Congress into five main points that will be most relevant to its defense should it face a congressional inquiry over the next year.

Point No. 1: Google still isn't selling your personal data.

How many times can Google find different ways to tell Congress that it isn't selling users' personal data to interested parties? Let's see: "We are not selling our users' data." "We do not sell users' personally identifiable information." "Google does not sell, trade or rent personally identifiable user information."

You get the idea. While Google has long tracked users and has delivered targeted ads to them based on keywords they use frequently, the company is not, repeat, not selling your information to third-party marketers who can target you with their own ads. So if you're worried about multiple marketing firms learning about your somewhat creepy obsession with My Little Pony, for instance, you don't need to worry about it.

Point No. 2: You're still up the creek if you get reeled in by a phishing scam.

Citing an attempt by hackers to access White House staffers' Gmail accounts last year, Congress has asked Google if it is taking any new security steps to protect all the information that is now shared across Gmail, Google's search engine and YouTube. Google basically responds by saying, "Not really."

Basically, if you compromise your Gmail account by falling for a phishing scandal and you haven't already turned on Google's two-step verification tool, then hackers will potentially have access not just to your Gmail but to your Google account as a whole. In other words, if you're getting ads in your Gmail inbox that are based on frequent searches you've been doing, a smart hacker will likely be able to figure out what you've been searching for. Said hacker will also have access to your Google+ and YouTube accounts as well if you haven't set up separate accounts for each of them.

The lesson here, folks, is to be really, really careful when you sign into your Gmail account because it's not just your Gmail information that hackers could potentially swipe anymore.

Point No. 3: You can still use Google and YouTube for searching without Google knowing that you are the one doing the search.

One of the main objections that critics of Google's new policy has been that many users may not want to see ads in their Gmail inboxes for things they search for on Google's main search engine or on YouTube. But there's a fairly simple way around this, Google says: Sign out of your Gmail account before you do any searching.

"Information is associated with a given user only if the user is signed into their Google Account," writes Google. "If a user maintains two separate Google Accounts -- for example a work account and a personal account -- Google will not use information about one account to personalize the other."

So there you have it: If you don't want Google tracking your every move, log out of your Google account before searching or create more than one Google account.

Point No. 4: Users still have lots of options over how they're tracked across the Web.

In addition to pointing out that users can sign out of their Gmail accounts if they want to search for something anonymously, Google also made note of some other privacy control options that Google users have at their disposal. Among other things, users can turn off their search history, they can use the Ads Preference Manager to block ads that they don't want to see in their searches or in their inbox, they can edit all of the information stored in their Google account with Google Dashboard.

Google also points out that none of users' privacy controls will change once the new privacy rules take effect, so if you have your search engine history turned off today, it won't automatically switch back on once Google integrates data sharing among all its services.

Point No. 5: If you don't love the new integrated Google, you can always leave it.

This is obviously not what Google wants its users to do, but the company does acknowledge that this remains an option for disgruntled Googlers. There are multiple search engines, email clients and social networks out there and no one is forcing you to use Gmail or Google+. If you want to be free of Google altogether you can delete your Google account and remove your data from Google using the company's Data Liberation website.

While no one relishes the thought of packing up all their stuff and moving away from the email address they've been using for years, users who want to keep their data separate and who don't want to go through the hassle of signing out of their accounts before doing every search may be left with no other option.

Follow Brad's Google Reed-er blog for more Google news and opinion.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2012 IDG Communications, Inc.