Under pressure, Google cracks down on platform privacy and safety

Key Points
  • This week, Google announced several new policies to crack down on platform privacy and safety, including outright bans.
  • Chrome extension changes will affect third party developers.
  • The move comes amid pressure by stakeholders to protect users concerned with Google's wide use of data and lack of transparency.
Google CEO Sundar Pichai speaks during the GDC Game Developers Conference on March 19, 2019 in San Francisco, California. Google announced Stadia, a new streaming service that allows players to play games online without consoles or computers.
Justin Sullivan | Getty Images

This week, Google issued several new policies meant to improve user privacy and safety, from restricting third-party data collection to banning apps that help users buy marijuana.

The moves come as Google faces backlash from advertisers for failing to monitor certain types of content, especially with its YouTube subsidiary, whose issues with some of its largest advertisers have only recently come to light.

The company also faces looming regulation from Washington, whose tensions with Silicon Valley have grown over the last year. This week, presidential candidate Senator Elizabeth Warren, who has been increasingly vocal about her concern over the scale of Google and Facebook, sponsored billboards that read "Break Up Big Tech" in their own backyard in San Francisco and Oakland. On Friday night, several publications reported that the Department of Justice is beginning to prepare an antitrust investigation against the company.

Privacy was also the resounding theme of Google's annual developer conference Google I/O in May, as executives tried repeatedly to assure the audience that they care about privacy and issuing new policies for products like Google Nest. During that same keynote, a plane hovered over the Mountain View conference venue with a banner that read "Google control is not privacy."

"To make this ecosystem successful, people need to be confident their data is secure, and developers need clear rules of the road," Google Fellow and VP of Engineering Ben Smith wrote in an announcement Thursday.

Here's a rundown:

Chrome extension crackdown: On Thursday, the company announced new policies for its Chrome browser, requiring third-party Chrome extensions to only request access to "the least amount of data" needed to implement their features. In the past, it was only an encouragement and not a requirement. There are more than 180,000 extensions in Chrome Web Store, according to the company.

Google also said it will require more extensions to post their own privacy and data use policies. In the past, the company only required extensions that handle personal or sensitive user data to post a privacy policy, but now it will require extensions that handle "user-provided content" and personal communications.

Both changes will go into effect starting this summer.

Restricting access to info in Drive and Gmail: In the same announcement, Google said it will tighten restrictions on how developers can access Google Drive, which allows users to store and sync files across devices. The change, which will kick in early next year, will force third-parties to limit the apps they can access data from.

Starting June 25, the company will make widely available to G Suite customers a new privacy feature called "Confidential Mode," which aims to keep sensitive information from unauthorized access. Google announced the feature in April amid reports that users' email content was being collected.

Weed whacking. Also this week, Google said it has banned and will continue to ban apps that facilitate the sale of marijuana or related products, deeming it "Inappropriate Content" that compromises user safety. Existing apps will have 30 days from their launch to comply with the policy.

Just enough crackdown

The changes with Drive and Chrome extensions came as part of what the company called "Project Strobe," which was born last year to review third-party developers access to Google and Android data. That effort prompted the shut down of Google's social network Google Plus — the company's hopeful competitor to Facebook —after it discovered a security vulnerability that exposed the private data of up to 500,000 users.

With the exception of Chrome developers potentially jumping ship to a competing web browser like Mozilla's Firefox, the latest privacy changes aren't likely to materially affect Google.

And that's the point. These policies will make Google look like it is trying hard to care for users' data, yet provide few specifics -- for instance, a term like "the least amount of data" is open to interpretation.

In April, Google parent company Alphabet had more than $70 billion in market cap wiped out after a rare earnings miss that was largely due to YouTube's slower-than-expected growth. While executives declined to provide details, analysts believed it was partly a result of the company's algorithm changes designed to clean the platform of harmful content.

But this week's policy changes require less spending and are lower risk. If anything, they are likely to affect third parties and smaller ecosystem partners who will need to adjust to Google's broad restrictions.

WATCH NOW: Google slow to respond to breach

Google's treatment of data privacy breach 'suboptimal,' says Jim Cramer
Google's treatment of data privacy breach 'suboptimal,' says Jim Cramer