"Privacy Washing": Why Big Tech doesn't truly care about your privacy!
Welcome to the age of "Privacy Washing": Big techs like Google and Microsoft now appear privacy-focused, but this is a facade. What is "Privacy Washing", and why is it happening? We explain below.
What is “Privacy Washing”?
”Privacy Washing” is a marketing tactic commonly used by big tech companies that want to make you believe they respect your data and your privacy. But in reality, they don’t truly protect user data or respect user privacy as claimed. Companies like Google, Meta, Microsoft, and Apple have perfected their marketing strategies to appear very privacy-focused by claiming they’re putting the users first and giving them “Control” of their settings. But, if you look at the fine print, it often turns out these tech companies only give you minor choices to adapt how deeply your data is being mined, used and abused. Even if you set all privacy settings to maximum (which you need to do manually), these companies are still able to collect your data. This is “Privacy Washing”.
Why is “Privacy Washing” happening?
”Privacy Washing” is adopted by companies for many reasons, from the push for stricter data regulations to protect people who use online platforms, to internet users becoming more aware of how their data is abused for profit by tech giants. Below we explore some of the most common reasons companies “privacy wash” as a marketing strategy.
Stricter regulations regarding data protection
With the increase in data protection policies by lawmakers around the world, for example the EU’s GDPR, tech giants like Meta and Google cannot collect and process user data like they used to. Because there are regulations in place, these companies are forced to give more (but still limited) choice to the user via the privacy settings. These forced updates are portrayed as amazing improvements to the users, even though the tech companies would prefer to still use and abuse all data possible. And even though there are regulations in place, companies still find loopholes to collect and process user data.
Big Tech scandals & increased awareness
In recent years, many scandals and data breaches of big tech organizations have come to light, and slowly people around the world have realized that their online activity is not as protected and not as private as tech giants want us to believe. These scandals not only have negative effects for the companies involved through loss of reputation, users, and profit, but they also push people to switch services and change their online behaviors. Perfect examples of this can be seen with the “DeGoogle movement” or the “Choose European movement”.
Companies like Google, Microsoft, and Meta have become master manipulators and experts at “Privacy Washing” due to the increasing interest for online privacy and data protection. This is understandable as they need to keep up with the user demand for better data protection and privacy. While some people are informed enough to know what really happens when they use products of Big Tech companies, “Privacy Washing” campaigns can be very convincing to the average internet user.
Your data are too profitable
Like oil and gas companies are often called out for “greenwashing”, the same is true for big tech companies with “Privacy Washing”. For companies like Facebook and Google, the goal is to pose as privacy defenders, yet these two are prime examples of the opposite as they continue to make most of their profits from the ad-based business model. By tracking, and collecting as much user data as possible and selling it to advertising companies who then target you with ads, these companies make billions every year. But if a company’s main source of revenue is from advertising, it’s by no means privacy-friendly for the user. This is why popular services like Facebook and Google are ‘free’ to use. They can simply generate far more profit off your data compared to what they could make by charging you a fee to use their services.
Google “Privacy Washing”
Alphabet’s 2024 earnings report shows that their top revenue source in 2024 came from advertising revenue. Approximately $264.59 billion of the total $350 billion was generated through ads. So it’s clear that Alphabet’s Google makes its billions through advertising, collecting and tracking everything you do online, and selling your data.
Yet, as long as Google’s biggest source of revenue comes from advertising, it is extremely unlikely it would stop collecting user data and selling it. Instead, it will continue to introduce more tracking, for example, digital fingerprinting or adding Gemini AI into Gmail. At the same time, Google will use “Privacy Washing” campaigns to convince its users that they would be in control of their privacy.
A prime example of “Privacy Washing” is Google’s Sundar Pichai’s opinion piece in The New York Times where he writes a very emotional, heartfelt story giving examples of how Google’s products are changing to give users more options, and even goes as far to say:
“Our mission compels us to take the same approach to privacy. For us, that means privacy cannot be a luxury good offered only to people who can afford to buy premium products and services.”
”Privacy must be equally available to everyone in the world.”
In the case of Google, privacy is not given or equally available to everyone in the world, and as long as the Silicon Valley tech giant makes its revenue off advertising, privacy and data protection can’t be the company’s main concern. For many people, who aren’t aware of what Google really does, reading such an opinion piece would give the impression that Google really cares and is doing its part to help protect user data – this is only backed up more by the fact that it appeared in The New York Times.
Don’t be fooled: You’re not in control
Google’s Privacy Tools are the perfect example of “Privacy Washing”. These tools give you the impression that you’re in control and able to protect your data. But in reality, as long as you use Google products you will always be tracked, and your data will get collected. You can only limit the extent of this tracking.
Google’s Privacy Tools
By using Google’s products, you essentially allow it to track you and collect your data. But of course Google would never let you know this, or outright tell you the facts. Instead, it has created a ‘Safety center’ where you can find ‘Privacy controls’. This is a dedicated page that shows you how it lets you change your privacy settings to your liking. The problem with this is that if you do not change and review Google’s privacy and security settings, it tracks and collects as much of your data as possible. And as we know from similar optional choices, for instance from the example when Apple had to display a screen that invites everyone to change the default browser on iPhones due to the European DMA, most people did not change their default settings.
A study conducted by Microsoft’s Research Team looked at how many Word users changed their settings and found out that more than 95% of Microsoft users had not changed any settings. This shows how Microsoft, in this case, could choose the default settings, and the majority of the users wouldn’t touch them; the same is true for many other tech products.
So regarding Google’s privacy settings, yes, it lets you opt out of letting it collect every single YouTube video you’ve ever watched or lets you turn off ad personalization, but this will still not stop Google from showing you ads on YouTube. And even if you disable tracking, which barely anyone does, Google can still collect some data and display ads.
That’s why privacy must be the default. Anything less is “Privacy Washing”.
Google Gemini AI
Google’s decision to introduce Gemini AI into Android users’ WhatsApp, Phone, Messages and Utilities is a risk for user privacy.
Like other tech companies, Google is competing to make Gemini AI, the best and most advanced AI model. But in order to do this, the AI needs to be trained on user data. Now, Google is activating Gemini AI for Android users claiming it would ‘help boost productivity’ and ‘make things easier.’ For example, Google recently made an update allowing Gemini AI access on Android devices to assist in apps like WhatsApp and messages, even if users had previously turned off Gemini App Activity. Another example of “Privacy Washing” is the introduction of Gemini into Gmail, which is marketed as a neat little helper, but is actually a privacy nightmare.
Google Incognito Mode
Google’s Incognito Mode lawsuit is another good example of “Privacy Washing”. A countless number of Google Chrome users around the world were under the impression that when they surfed the web using Incognito Mode, they were browsing it in full privacy. Sadly, this was not true. No browsing activity was saved on the device, but Google was still tracking and saving its users’ data. In 2020, Google users filed a lawsuit against Google, resulting in the big tech agreeing to delete or de-identify $5 billion worth of users’ browsing records that were collected over the years. This again highlights Google’s privacy illusion.
Microsoft “Privacy Washing”
Microsoft is another company that introduces new features and tools to help teams and boost productivity, but in reality these new features are often a privacy risk. More concerning, Microsoft is widely used by governments and companies around the world, but this is slowly changing.
With a push for digital sovereignty in Europe, Microsoft is marketing its Sovereign Cloud.
Microsoft’s Sovereign Cloud
Within Europe, Microsoft was traditionally the go-to provider for governments and companies. Now, with the new trend for digital sovereignty, companies want to adopt sovereign solutions and move away from American-owned providers. In response to this, Microsoft is now marketing the Microsoft Sovereign Cloud as a secure cloud solution for European companies. But similarly to “Privacy Washing”, this is just “sovereign washing”: Even if Microsoft stores its data European data centers, the data can still be accessed by the U.S. government.
Microsoft’s “new Outlook”
In 2022, Microsoft introduced the “new Outlook”, which comes with severe data protection issues. In the new Outlook, users’ login credentials and emails automatically get stored on Microsoft’s cloud servers. This potentially breaches data protection laws causing legal and compliance issues, and it also increases the risk of unauthorized access to confidential data.
”Microsoft Recall"
"Microsoft Recall” is a new AI feature introduced in Windows 11 Copilot. It is another Microsoft feature being sold to boost productivity, but this is not all. The new AI tool works by saving screenshots of the user’s screen every few seconds when changes are made, including sensitive emails and messages. Privacy experts have called on people and businesses to disable Microsoft Recall as it erodes user privacy and confidentiality.
Meta “Privacy Washing”
Meta, the parent company behind the social platforms Facebook and Instagram, has come under a lot of scrutiny over the years due to how it collects, processes, and uses user data. Because of its muddy track record and constant lawsuits, Meta is another tech giant that heavily pushes “Privacy Washing” by marketing new “privacy features” for its products. But like Google, Meta also makes the majority of its profits collecting data and selling advertisements. Below, we briefly cover a few examples of Meta’s “Privacy Washing”.
Meta’s sudden rollout of Meta AI in WhatsApp is another privacy concern. Users were not asked to opt in, and the AI bot cannot be disabled or turned off.
Meta AI
It’s no surprise that Meta is also developing its AI tool, Meta AI. Like Google, Meta trains its AI models on the excessive amounts of personal data it collects. This includes the data of Facebook and Instagram users in the EU, even though this could be in conflict with the GDPR.
Meta AI is being integrated into all Meta products, from a standalone Meta AI app to having the AI bot in WhatsApp and Instagram. And the tech giant is very clever with how it markets its AI integration - it’s portrayed to be personal and helpful. For example, let’s look at this text on the Meta AI website: “Open the Meta AI app and start talking to get tailored answers, advice, and inspiration…” While this may appeal to many, the reality is that by using Meta AI, your data is collected and processed in many different ways often with the user unaware of it.
Another privacy concern is how and where Meta AI is being rolled out. Just think of the surprising release of Meta AI in WhatsApp. Meta users were not asked to opt into the AI bot in WhatsApp, and there is also no way to disable or turn the AI off, which raises the question whether WhatsApp messages are truly private.
If you’re one of many looking to leave WhatsApp, take a look at these private WhatsApp alternatives.
In the past few years, Instagram has also introduced features to improve user privacy, like Instagram Teen Accounts. Last year, Meta introduced these restricted accounts for users under the age of 18 to improve the privacy, well-being, and safety of its teenage users. The introduction of these Teen accounts came after Frances Haugen exposed its research showing the company knew Instagram could worsen body image issues in teenagers. More worryingly, this wasn’t the first time that Meta was exposed for the negative impact it has on teenage users. The roll-out of Meta Teens may help protect teenagers against seeing content that’s explicit, for example, but it does not mean Meta has stopped collecting their data, tracking them, and profiting from their data. This highlights another clever “Privacy Washing” campaign by Meta; these accounts are marketed as the perfect solution for teenagers, but in reality teens are only protected from seeing some content. Their privacy is still not being respected.
Threads
Threads, one of Meta’s latest social media apps, is another app that collects as much user data as possible. Within days of release, the Threads app had already reached 100 million users which raised major concerns among privacy experts because like with other social media users, very few Threads users knew about the huge amounts of information the new trendy social site collected. Some concerning info it collects includes your ethnicity, sexual orientation biometric data and even political opinions which is supposedly justified for ‘product personalization’ reasons. The release of the new app was even put on pause in the EU due to concerns about it not adhering to strict European data privacy regulations.
Apple does “Privacy Washing”, too
It would be unfair not to mention that even reputable Apple is guilty of “Privacy Washing”. Apple was quick to realize that their competitors were not focusing on privacy in the past, even though people were starting to grow increasingly aware of the importance of online privacy, and made privacy a major keyword in its marketing campaigns.
While Apple does offer some good privacy features to protect your data from third parties, it’s another company that has perfected its “Privacy Washing” campaigns.
Apple is marketing itself and its flagship product, the iPhone, as privacy-first. And while Apple is quite good at limiting other tech companies, for instance Meta’s Facebook to track users on iPhones, Apple itself likes to track its users. Apple – just like Meta and Google – uses this data for growing its own products, for instance Apple Music, the App Store, the Safari browser etc. In addition, Apple is also one of the mayor ad businesses worldwide, just think of Apple ads which generates billions of Dollars each year in profits. Yet, this tech giant must be called the “King and Queen of “Privacy Washing”” as Apple does not have the same shady image as Meta and Google, despite it being very similar to these companies when it comes to data collection used for advertisements.
What we learn
There are a lot more “Privacy Washing” cases we could mention, but for the purpose of this article we’ve highlighted the most popular examples.
We learn from today’s “Privacy Washing” tactics that what companies say and do is often not the same.
The power of marketing, especially online, has no limits. For the average internet user, the “Privacy Washing” campaigns mentioned above are very compelling. But what these tech giants say must always be observed with a lot of caution and scepticism.
With that being said, the internet is not doomed, and you can make active changes to protect yourself online and take back your data and your privacy. There are privacy-focused companies, like Tuta who are fighting to make the web a better place and enable everyone to use the internet freely and in full privacy.
For more privacy-focused resources, be sure to check out our privacy guides section on our blog. Rest assured, the privacy tools we recommend won’t pull the wool over your eyes with convincing “Privacy Washing” campaigns.
When it comes to security and protecting your data, don’t settle for less.