Google is moving toward a policy of retaining as little customer information as possible so that only the necessary data can be shared with law enforcement agencies based on their legal requests, according to the company's chief privacy officer Keith Enright.
“We maintain that the privacy commitment that we make to our users is of paramount concern for us, so we do not want to overshare. When we do share (data), we want it to be limited to the requirements that are imposed by the jurisdiction in which our services are operating,” Enright said at a select media briefing.
Enright said they will cooperate with law enforcement agencies "when appropriate and legally required," but only on a case-by-case basis.
Enright's remarks come at a time when the Indian government has asked virtual private network (VPN) service providers to keep a log of their customers' data for at least five years, including their names, e-mail addresses, and the reason for which the VPN service was hired, among other details.
While privacy and data protection laws, as well as storage laws, are being developed by more countries across geographies, they also pose a risk of being divergent.
"It may result in the inability to provide services in one jurisdiction that people in another jurisdiction enjoy." Some of this fragmentation, some of these laws, could have unintended policy consequences, such as eroding our ability to protect and secure data, eroding individual privacy if there are data sharing requirements that do not allow for appropriate safeguards," Keith said.
Google is working to ensure privacy by creating a future in which publishers and advertisers can continue to be successful and monetize without tracking individual users across sites to show them relevant advertisements.