Originally posted on PC Mag by Matthew Humphries on August 31, 2018.

Google is an advertising company first and foremost. It’s easy to forget that when we’re used to seeing Google-branded smartphones, the Chrome web browser, Gmail, Android, and Chrome OS. But they all exist as a side-effect of Google wanting us to use the internet more and therefore see more advertising. Now it seems, the company may have gone a step too far with regards to tracking what that advertising leads to.

As Bloomberg reports, Google apparently struck a deal with Mastercard which cost millions of dollars in return for access to customer offline spending habits. What this allowed Google to do was link up offline spending habits with online advertising views and clicks for the past 12 months.

It meant Google could effectively go back to advertisers and show them how their adverts on Google’s network led to purchases in retail locations. This was presented to advertisers as a tool for tracking the spending. That’s not information the majority of people would be comfortable with Google having access to, let alone advertisers, especially when it was scraped from what should be a trusted source: your credit card company.

The deal on its own is bad enough, but nobody outside of the two companies apparently knew about it. Customers were not informed their offline spending habits were being shared with Google. The only reason we know about is is because four people “with knowledge of the deal” decided to speak publicly about it with Bloomberg.

Google isn’t commenting about the deal struck with Mastercard, but has commented on the tool used to share the data in a bid to calm fears about privacy. A Google spokeswoman explained, “Before we launched this beta product last year, we built a new, double-blind encryption technology that prevents both Google and our partners from viewing our respective users’ personally identifiable information … We do not have access to any personal information from our partners’ credit and debit cards, nor do we share any personal information with our partners.”

To me, that reads as “yes, we did do a deal to access this offline spending data, but don’t worry, it’s all anonymous.”

Mastercard pointed out merchants must give permission for this data to be shared, with a spokesman stating, “No individual transaction or personal data is provided … We do not provide insights that track, serve up ads to, or even measure ad effectiveness relating to, individual consumers.”

Earlier this year, Google made it easier to control the settings for your Google account, and this is your best defense against offline spending tracking. If you opt out of ad tracking in the “Web and App Activity” console, then offline purchases “should” be immune to the tracking.


If you are concerned about the security of your purchase information, we are here to help. The Hannon Law Firm is actively investigating this matter and would welcome the opportunity to talk to you about your concerns and experience. Contact us by calling 303-861-8800, or by filling out the contact form below.