We need to know more, watchdog tells Google

Google, the internet services giant, must explain further how it plans to use customers' personal information under its new privacy policy, Hong Kong's privacy watchdog said yesterday. The Office of the Privacy Commissioner for Personal Data has joined counterparts around the world in opposing the scheme Google launched in March. Privacy Commissioner Allan Chiang Yam-wang told the media yesterday his office was still urging Google to provide more information about the policy, which combines more than 60 privacy policies for its different services under one umbrella policy.

That created concerns that personal information would be shared among different services, with users given no opt-out.

Chiang said Google recently explained that users' information would not be combined across multiple accounts, even when Google knew that the accounts were registered to the same person.

This means data gleaned from a Gmail account, for example, would not be linked to the same user's account on the video-sharing service YouTube, or to their Android smartphones.

'If they [users] are still concerned about Google mixing up information about their personal and work affairs, they should consider creating multiple accounts to manage different activities,' Chiang said.

However, he said Google had not given the commission details about which information on various electronic devices - such as smartphones or tablet computers using the Android operating system - would be accessed and shared by Google.

Android users were the most affected group because they had to log on to a Google account to buy applications from the application store, Chiang said. He thinks Google should provide more details to this group of users about how the privacy policy change affects them.

The chairman of the Hong Kong Internet Society, Charles Mok, said the lack of clarification may allow Google and application developers to keep and share information such as the locations and personal preferences of Android users.

To prevent that, Mok said, 'before downloading or using any applications, users have to think twice about whether they really need to do so. They should learn what privacy or rights they may have to give up if they download and use such applications.'

Chiang said if Android users were concerned that Google would use information about their location and web-use history, they should consider disabling options that identified their location.

The commission would continue to co-operate with counterparts around the world in following up the inquiry with Google, Chiang said. His office will watch closely a French investigation into the legality of Google's move to aggregate users' personal data across various services. France's information technology watchdog, CNIL, is pursuing the matter on behalf of the European Union's data protection authorities.

Meanwhile, the commission has completed its inquiries with Sony about the global hacking of Sony's PlayStation Network in April last year, which could have compromised the credit card details of local consumers, Chiang said.

Sony's investigative report found no evidence that the hackers gained credit card data of PlayStation Network customers, or even tried to gain such information, the commissioner said.

The commission would not pursue any further inquiries with Sony on the matter, the commissioner said, since no complaints were received about the abuse of customers' personal information as a result of the data breach.