A handful of representatives also asked Pichai about how transparent Google is when it comes to its data collection practices. The company came under fire earlier this year after The Associated Press revealed that contrary to what a user might reasonably assume, pausing "Location History" tracking on a Google account didn't actually stop the search giant from storing time-stamped location data. Google ended up clarifying the language of its policy.
At the hearing, Pichai said that more than 160 million people had checked their Google privacy settings in the last month, but that Google wanted to make it even easier for "average users" to control their data.
"We always think that there is more to do," Pichai said. "It's an ongoing area of effort."
In regards to data privacy, Rep. Ted Poe (R-Tx.) got rather heated as he asked Pichai whether Google could track his movements if he moved from one side of the room or the other. When Pichai said that he'd need to check the phone's settings to know, Poe interrupted to say that it wasn't a "trick question."
A New York Times investigation on Monday revealed that popular apps like WeatherBug and GasBuddy track users' location with incredible detail and then either send or sell that data to advertisers and retailers, and that Google's Android operating system has more apps that closely track users' location than Apple's iOS. While Poe's line of interrogation didn't quite hit the mark — he was asking specifically about his device, an iPhone, without specifying whether he had any of Google's apps, like Maps, which logs location data, downloaded — his questions and others' made it clear that representatives on both sides of the aisle are concerned about how Google collects and protects user data as well as frustrated by how the company explains its policies.
In that vein, Google's social network snafu also came up multiple times during the testimony.
Google revealed Monday that a security bug allowed the profile information of 52.5 million Google Plus users to be viewable by developers, even if their profiles were set to private. This is the second Google Plus flaw of the year. In October, The Wall Street Journal reported that Google didn't disclose its first one for months because it feared regulatory scrutiny and damage to its reputation.
Pichai acknowledged during his testimony that under the General Data Protection Regulation (GDPR) that came into effect in the European Union earlier this year, companies are required to disclose personal data breaches no later than 72 hours after the company is aware of them. However, Google has previously maintained that its Google Plus issues were not "breaches," since it didn't find evidence that any third parties had accessed or misused the data.
In response to a later question about GDPR, Pichai said that there was "some value for companies to have consistent global regulation," and highlighted how Google published its own framework to guide data privacy legislation earlier this year.
Hate speech and misinformation were another thorny topic that came up several times. Rep Jamie Raskin (D-Md.) in particular cited YouTube videos promoting a conspiracy theory that Hillary Clinton and other politicians and celebrities were drinking children's blood.
"We are constantly undertaking efforts to deal with misinformation," Pichai said, adding that Google is looking to do more.
It's a well-worn struggle for Google, as well as platforms like Twitter and Facebook. These platforms generally want to allow users to post a wide range of content, while curtailing hate speech through Community Guidelines that can be hard to enforce from both a technological and policy perspective.