Information & Ethics Committee on Oct. 23rd, 2018

Thank you very much, Mr. Chair and members of the committee. Thank you for the invitation to appear today to speak again about these important topics.

At Google we believe in ensuring that our users have choice, transparency and control. These values are built into every product we make. We build products for everyone and make most of them free.

Privacy is also for everyone, and should be simple to understand and control. At Google we combine cutting-edge technology with data to build products and services that improve people's lives, help grow the economy, and make the web safer. With partners, we are working to tackle big challenges and enable scientific breakthroughs.

We understand that our users trust us to share information about them so that we can build better products and serve and improve their lives, but we also know that with that comes great responsibility. That's why we do so with strong privacy and security practices.

Before I provide an update on important work that's happened on our end since I appeared before this committee in May, I want to briefly outline the four key pillars that underpin how Google thinks about protecting user data—transparency, control, data portability and security.

First, on transparency, our approach to privacy stems directly from our founding mission, which is to organize the world's information and make it universally accessible and useful. That's why we build for everyone. Providing most of our products for free is a key part of meeting that mission. Ads help us make that happen. With advertising, as with all our products, users expect us to keep their personal information confidential and under their control.

We do not sell personal information. This is really important. I want to repeat that point: We do not sell personal information. We strive to be up front about the data we collect, why we collect it, and how we use it. This starts with intuitive product design, ensuring that our privacy policy is clear and concise, and making privacy controls immediately accessible from the privacy policy. We also look for ways to add transparency into our products directly so that users can understand the privacy implications of their choices in context, from how you share documents in Google Drive to understanding why you are seeing certain ads.

Second, with regard to user control, our privacy tools are built for everyone. Different people have different ideas about privacy, so we must build with that in mind. Our “My Account” centre puts these privacy and security settings in a single place, making it easy to find and set preferences.

I want to call attention to our security checkup and privacy checkup tools that we regularly promote to users. These tools help users identify and control the apps that have access to their Google account data and guide users to review and change their security and privacy settings, such as deleting their Google activity, disabling personalized ads, or downloading a copy of their information.

Third, we believe portability is a key way to drive innovation, facilitate competition and best serve our users. That's why we've been working on it for over a decade. If a user wants to try out or even switch to another product or service, they should be able to do so as easily as possible and not be locked in to a service. In 2011 we launched Google Takeout, allowing users to download their data from Google and use it with a different service. We announced an important update to that service this year. That's the data transfer project, which we developed and are now working on with leading partners in the industry to facilitate that transfer between services.

Fourth, security considerations are paramount in all of these efforts. Securing the infrastructure that provides Google services is critical in light of the growing and sophisticated nature of many threats directed at our services and users. Google products are built at their core with strong security protections, including continuous efforts to block a range of security threats. We make technology like safe browsing available for free to other technology providers. This helps to protect Internet users on and off of Google services.

With that in mind, our privacy work is never finished. We try to learn from our mistakes and don't take our success for granted. Our goal is to be the best in class and continually raise the bar for ourselves and industry.

This committee's current inquiry stems from the breach of personal information that was associated with Cambridge Analytica, a breach that Facebook first reported earlier this year. When this news broke, Google proactively embarked on an analysis of our products and services to further improve the privacy of our products, particularly in relation to developer access to our data. This effort, “Project Strobe”, as it's known internally at Google, has so far resulted in several important insights and actions about our platforms. More will be coming. We announced some earlier this month, but in the interest of updating this committee on what's happened since we last spoke, let me offer a quick overview of actions that we've recently taken.

The first update is with regard to app permissions. We announced an update earlier this month outlining how consumers will now get more fine-grained control over what account data they choose to share with each app.

We launched more granular Google account permissions that will show in individual dialogue boxes when you download an app and when that app is updated.

People want fine-grained controls over the data they share with apps, so instead of seeing all requested permissions on a single screen, these apps will have to show you each requested permission, one at a time, within its own dialogue box. For example, if a developer requests access to both calendar entries and Drive documents, you will be able to choose to share one but not the other.

The second update concerns Gmail. We understand that when users grant apps access to their Gmail, they do so with certain use cases in mind. We're limiting the types of apps that can request access to Gmail to those that directly enhance email functionality, such as mail merge services or send-delay products.

Moreover, these apps will need to agree to new rules on handling Gmail data and will be subject to security assessments. People can always review and control which apps have access to their Google account data, including Gmail, within our security checkup tool.

The third update concerns restricting apps that can request call log and SMS permissions on Android devices. When users grant SMS, contacts and phone permissions to Android apps, they do so with certain use cases in mind.

We now limit apps' ability to receive call log and SMS permissions on Android devices and are no longer making contact interaction data available via the Android contacts API. Many third party apps, services and websites build on top of our various services to improve everyone's phones, working life and online experience. We strongly support this active ecosystem, but we understand that its success depends on users knowing that their data is secure and on providing clear tools and guidelines for developers.

From the unbundling of the permissions that are shown to users when they are deciding to give access to their sensitive data to limiting developer access to Gmail to requiring developers to undertake security enhancements, we continue to make the securing of data a top priority while supporting a wide range of useful apps.

When it comes to protecting their data and giving them more control over their data, Canadian consumers are counting on us and Canadian businesses are counting on us. Google's search tools help Canadians find information, answers and even jobs, and our advertising products help Canadian businesses connect with consumers and customers around the globe.

This brings me to one more update since I last appeared before this committee. In September, Deloitte released a report looking at the economic impact of Google Search and Google Ads on Canadian businesses. Deloitte estimates that our ads services supported between $10.4 billion and $18.5 billion in economic activity by those businesses and partners, which translates to the equivalent of 112,000 to 200,000 full-time jobs. The Android ecosystem in Canada helped generate $1.5 billion in revenue within Canada's app economy, supporting 69,000 jobs.

The web is at the heart of economic growth, both here in Canada and globally. That's why Google invests in building products and services that help businesses, entrepreneurs, non-profits, developers, creators and students succeed online. Hundreds of thousands of Canadians are using Google's tools to grow global audiences and enterprises, and we're proud to support Canadian businesses in making the most of the web.

We at Google remain committed to continuing to develop products and programs to bring this opportunity to everyone.

Our privacy and security work is never finished. We will continue to do this, and we stand ready to do our part and to help build a better ecosystem for Canadians and Canadian businesses.

Thank you again for the opportunity to be here today. I look forward to continuing to work with you on these important issues, and I welcome any questions you may have.

I can't give you an exact number for that. There is transparency around the data that's associated with you individually, in your “My Account”, the specific data that most Canadians are interested in—

Yes.

I don't have an exact number for you.

Yes, I can get you that number.

Yes.

Google Home is an extension of the services you already use. Many of your interactions with Google Home are similar to what you've already been doing on your desktop or laptop—

Not specifically.

If you do a search for music, that comes in under whether you have a Google Play subscription and—

I'm afraid I don't have the answer for you.

I know there's a specific.... If you're doing a voice search in your My Account, it will now tell you what the voice search was and give you a recording of it.

Yes. In your My Account, you can select by type of information or by service that you want that data to stop being collected and you want the record to be erased.

Yes.

Yes.