Book Search Help

Privacy and Security FAQ

The following are some questions we've heard about privacy, security and Google's proposed settlement agreement with authors and publishers, which is still subject to approval by the court. We've addressed many of them here, and may update this page as our product plans evolve. For more information, please see the Google Books Privacy Policy.

What kind of security measures does Google take to protect data that it receives when I use Google Books?

We take many measures to protect against unauthorized access to data. These include physical and technical security measures to guard systems where we store personal data as well as internal restrictions on who can access the data. We also conduct internal reviews of our practices in order to maintain security. The security measures taken to protect users private data are substantially similar to the measures we take to protect intellectual property, such as the copyrighted books available in Google Books.

What is Google going to do to ensure reader privacy if the settlement is approved?

Important principles from our Google Privacy Policy would apply to this service, as with every Google service. For example, we will never sell personal information about our users. In fact, we will never share individual users' information at all unless the user tells us to, or in some very unusual circumstances that are spelled out in the Privacy Policy, like emergencies or when we receive valid legal process. The Book Rights Registry created under the settlement won't have access to users' personal information, either.

Users will also have choices about the kinds of information that Google receives when they use the service. Most of the new ways of reading books online that the settlement makes possible will not require any kind of registration or account with Google. For example, people who use institutional subscriptions, such as students at subscribing schools, will not have to register with Google to read the millions of books available through the subscription. They only need to confirm their identity to the school’s system – not ours. And of course, regular users of Google Books do not need to set up an account to get the benefits of the settlement. They will be able to see much larger portions of books – often 20% of the book, instead of the current three short snippets – without having an account or giving personal information to Google.

Will Google give data about individual users to the Book Rights Registry?

No. Google is not required under the settlement agreement to provide individual user data to the Registry, and will not be providing it. In fact, the settlement specifies that in circumstances where the Registry seeks this data, it should use legal processes to do so. The Registry will receive aggregate usage data that is needed for the allocation of revenues under the settlement agreement; however, this will not include information specific to individual users.

Will Google be selling data on what users read to other parties?

No. The Google Privacy Policy is clear that we do not sell users' personal information.

Will users have to get a Google account to use Google Books? What about students at colleges or universities?

Users of Google Books will not be required to have a Google account. Anyone can freely search Google Books and preview up to 20% of most books without logging into Google. For the institutional subscription, Google will conform to common practices adopted within the industry to protect user privacy: users will be authenticated either using the student's or the institution's IP address, or using other methods such as Shiboleth -- a technology that lets Google confirm that a user is part of a subscribing institution without knowing who that user is. For the Public Access Service terminals, authentication will be based upon IP and Google will not have information about the individual user.

If someone uses a free public access terminal in a public library, what data will you keep about them and what they read?

Unless that person chooses to log in to use a Google account, we will not have any information that would uniquely identify them when they access Google Books from a public access terminal in a public library.

Why weren't privacy provisions included in the settlement?

The settlement was a negotiation between the plaintiffs in the lawsuits and Google. It settles the copyright claims that were raised, and addresses the new uses authorized by the copyright holders under the settlement -- including detailed provisions for security of scanned files, and other considerations relevant to the lawsuit. It does not attempt to prescribe Google's product plans beyond the points that related to this authorization -- which is a good thing, both for users and for privacy. For one thing, the product has not yet been designed and developed, which makes detailed privacy policy drafting almost impossible. Also, with a product such as this, it is important to engage in discussions with the broader community and in particular with institutions such as libraries about the appropriate privacy policy for these services. Google has been actively engaging with representatives of the library community and other public interest groups to get input on what should be included. These discussions have been very helpful and we expect to continue to engage in these discussion as we develop our products.