Proton

In the public eye, Google presents itself as a champion of privacy. “Privacy is at the heart of everything we do,” its CEO said(new window).

But behind closed doors, Google is telling a different story to policymakers and actively fighting against privacy laws that would protect you from online surveillance.

We’ve identified numerous examples of Google’s multi-million-dollar lobbying efforts around the world to try to prevent elected officials from protecting your data. From the United States to Europe and beyond, lawmakers increasingly want to respond to public demands for regulations against rampant data exploitation by Big Tech. Google’s lobbyists are there, trying to stop them.

Just as the world’s largest environmental polluters have resorted to “greenwashing” to portray themselves as eco-conscious, Google and other Big Tech companies have used “privacy washing” to avoid scrutiny of their business models.

A simple review of Google’s lobbying efforts shows the hypocrisy behind its marketing.

Here’s Google’s true position on privacy

Google spends massive amounts of money to influence elected officials. Since 2019, Alphabet and its subsidiaries have spent more than $125 million on federal lobbying, campaign contributions, and trade associations, according to lobbying reports(new window) and other records.

One of the issues it cares about is privacy — but not protecting it. 

Google’s view is that “requiring individuals to control every aspect of data processing can create a complex experience that diverts attention from the most important controls without corresponding benefits”, according to its policy statement(new window).

This is not privacy. If a company is using your data in ways that are too complicated for you to understand and consent to, then it should never have access to your data in the first place.

Google wants regulators to let companies themselves decide what’s good for you and for society. “Organizations must … take responsibility for using data in a way that provides value to individuals and society and minimizes the risk of harm based on the use of personal information.”

But Big Tech has had this responsibility for decades. The companies’ failures are the reason people are now calling on regulators to protect them from Big Tech. 

Pre-empting democracy in the United States

In 2018, California passed the United States’ first online privacy law(new window), giving residents the right to know what data big companies collect about them, to see how they use it, and to delete it upon request. The law took effect Jan. 1, 2020. 

It’s the most sweeping general privacy law in the US to date, and that made Google worried.

Before the law kicked in, Google tried to push for last-minute changes that would have exempted its business model from certain requirements. The proposed amendment reportedly sought to allow Google and other companies “to continue collecting user data for targeted advertising, and in some cases, the right to do so even if users opt out”, Bloomberg reported(new window) at the time.

Although that attempt failed(new window), Google and other Big Tech companies appear to have learned not to wait for democracy to run its course. Instead, hundreds of lobbyists have blitzed other state capitals promoting their own watered-down privacy laws. Fifteen state laws(new window) have already been passed or are in the works. Big Tech is hoping to pre-empt stronger privacy rules and undercut the momentum for a federal regulation with teeth. 

“It’s been this coordinated national push to advance really weak privacy bills. We’ve definitely felt outnumbered,” an ACLU representative told The Markup(new window).

Overwhelming European lawmakers

When it comes to privacy laws, the European Union is a pioneer. So it’s easy to see why Big Tech has spent so much money (about $30 million in 2021(new window)) lobbying European lawmakers to protect their most cherished surveillance practices. Google has been among the most aggressive. 

Since the GDPR(new window) took effect in 2018, the European Parliament has sought to expand consumer protections through additional regulations — in particular the Digital Markets Act(new window), Digital Services Act(new window), and ePrivacy Regulation(new window)

Google has worked to water down or slow each of these. Lobbying against the Digital Markets Act was so intense that an EU diplomat complained(new window) their Twitter feed had been overwhelmed with targeted advertising promoting Google’s talking points. And Google took credit(new window) for stalling the ePrivacy Regulation, which would crack down on tracking cookies.

Perhaps the company’s biggest win was in the Digital Services Act. Three years ago, a European Parliament committee recommended(new window) tough measures against targeted advertising, “including a phase-out leading to a prohibition”. 

Google and tech industry allies responded with a massive lobbying campaign(new window) to convince lawmakers banning targeted ads would hurt the global economy. The gambit worked, and the draft law no longer threatens Google’s advertising.

The plan to become ungovernable

The United States and Europe aren’t the only countries taking aim at the surveillance economy in defense of their citizens. Google and other Big Tech companies want to prevent any disruptions to their business model. And they’ve identified a clever way to throw sand in the gears of any future regulations.

Big Tech companies, including Google and Apple, have sent trade advisers (i.e., lobbyists) to meet with diplomats negotiating the Indo-Pacific Economic Framework, a trade agreement involving 14 countries along the Pacific Ocean, including the United States, India, Japan, South Korea, Indonesia, and Australia. 

Their strategy is to add a clause to the treaty that would make it more difficult for member countries to pass laws limiting their market dominance and allowing new privacy-focused business models to compete for customers. We explained how they are trying to do this(new window) in a previous article. 

Taken together, Google’s lobbying activities reveal the company’s true intentions have nothing to do with protecting your privacy. Any claims otherwise are simply privacy washing.

Google won’t protect your privacy, but you can

Google will never offer true privacy. The reason the company is so successful is because its targeted advertising product is extremely effective. It is based on knowing you intimately and showing you personalized ads at the moment you’re most receptive to them. This business model earned Google nearly $60 billion in profit in 2022. 

As long as their profit margins depend on collecting your personal data, privacy will never be “at the heart of everything” Google does.

But regulations aren’t the only way to force privacy onto the internet. We as internet users have power through our choices. The best way to take back control of your online data is to use services that make privacy the default — learning how to deGoogle your life.

Take action now: DeGoogle your life for $1

It’s easier to opt out of Google than most people think. The first step is to take back control of your email, which functions as your digital identity for account creation, purchase receipts, travel plans, and more. Gmail is at the heart of Google’s surveillance system because it links all your online activities back to you, especially if you’re logged into your Google Account while searching or browsing.

Proton makes it easy to switch. And our business model is designed to incentivize us to give you more privacy, not less. Proton offers services for free, but you can upgrade for more storage and extra features. This lets you pay with money instead of with intimate details about your life. 

We believe the future of the internet is private. People must evaluate companies based on their actions, not just their marketing statements. Privacy washing is just one more obstacle to a better internet where privacy and freedom are the default.

Related articles

The cover image for a Proton Pass blog comparing SAML and OAuth as protocols for business protection
en
SAML and OAuth help your workers access your network securely, but what's the difference? Here's what you need to know.
Proton Lifetime Fundraiser 7th edition
en
Learn how to join our 2024 Lifetime Account Charity Fundraiser, your chance to win our most exclusive plan and fight for a better internet.
The cover image for a Proton Pass blog about zero trust security showing a dial marked 'zero trust' turned all the way to the right
en
Cybersecurity for businesses is harder than ever: find out how zero trust security can prevent data breaches within your business.
How to protect your inbox from an email extractor
en
Learn how an email extractor works, why your email address is valuable, how to protect your inbox, and what to do if your email address is exposed.
How to whitelist an email address and keep important messages in your inbox
en
Find out what email whitelisting is, why it’s useful, how to whitelist email addresses on different platforms, and how Proton Mail can help.
The cover image for Proton blog about cyberthreats businesses will face in 2025, showing a webpage, a mask, and an error message hanging on a fishing hook
en
Thousands of businesses of all sizes were impacted by cybercrime in 2024. Here are the top cybersecurity threats we expect companies to face in 2025—and how Proton Pass can protect your business.