Privacy and Security FAQ
What kind of security measures does Google take to protect data that it receives when I use Google Books?
We take many measures to protect against unauthorized access to data. These include physical and technical security measures to guard systems where we store personal data as well as internal restrictions on who can access the data. We also conduct internal reviews of our practices in order to maintain security. The security measures taken to protect users private data are substantially similar to the measures we take to protect intellectual property, such as the copyrighted books available in Google Books.
What is Google going to do to ensure reader privacy if the settlement is approved?
Users will also have choices about the kinds of information that Google receives when they use the service. Most of the new ways of reading books online that the settlement makes possible will not require any kind of registration or account with Google. For example, people who use institutional subscriptions, such as students at subscribing schools, will not have to register with Google to read the millions of books available through the subscription. They only need to confirm their identity to the school’s system – not ours. And of course, regular users of Google Books do not need to set up an account to get the benefits of the settlement. They will be able to see much larger portions of books – often 20% of the book, instead of the current three short snippets – without having an account or giving personal information to Google.
Will Google give data about individual users to the Book Rights Registry?
No. Google is not required under the settlement agreement to provide individual user data to the Registry, and will not be providing it. In fact, the settlement specifies that in circumstances where the Registry seeks this data, it should use legal processes to do so. The Registry will receive aggregate usage data that is needed for the allocation of revenues under the settlement agreement; however, this will not include information specific to individual users.
Will Google be selling data on what users read to other parties?
Will users have to get a Google account to use Google Books? What about students at colleges or universities?
Users of Google Books will not be required to have a Google account. Anyone can freely search Google Books and preview up to 20% of most books without logging into Google. For the institutional subscription, Google will conform to common practices adopted within the industry to protect user privacy: users will be authenticated either using the student's or the institution's IP address, or using other methods such as Shiboleth -- a technology that lets Google confirm that a user is part of a subscribing institution without knowing who that user is. For the Public Access Service terminals, authentication will be based upon IP and Google will not have information about the individual user.
If someone uses a free public access terminal in a public library, what data will you keep about them and what they read?
Unless that person chooses to log in to use a Google account, we will not have any information that would uniquely identify them when they access Google Books from a public access terminal in a public library.
Why weren't privacy provisions included in the settlement?