I TAKE IT THAT MEANS GOOGLE CAN GET MORE VALUE OUT OF YOUR DATA FOR THEMSELVES: Google will offer checking accounts, says it won’t sell the data.
The Google empire is enormous and ubiquitous, covering basically the entire Internet in one way or another. There is, however, one lucrative business the company does not yet have a foothold in: banking. And now it has plans to change that.
Google is working to launch consumer checking accounts next year, The Wall Street Journal first reported this morning. The project, code-named Cache because apparently nobody can resist a pun, is expected to launch next year, sources told the Journal. CNBC, also citing “sources familiar,” confirmed the WSJ’s reporting.
Google: Not a bank
The accounts will be run in partnership with Citibank and a credit union based out of Stanford University. Google executive Caesar Sengupta told the WSJ that the accounts will carry branding from the banks, not from Google, which will also “leave the financial plumbing and compliance” to the banks.
Google and its partners are still hammering out the details of these accounts, including whether or when accounts might incur fees. (Many banks that offer checking accounts waive monthly fees for customers who maintain a certain average balance or who use direct deposit.)
“Our approach is going to be to partner deeply with banks and the financial system,” Sengupta told the WSJ. “It may be the slightly longer path, but it’s more sustainable.”
Banks are subject to fairly strict regulatory standards. An institution offering a checking account must comply with a lengthy list of federal laws, as well as any relevant state laws that might apply.
Ididn’t decide to blow the whistle on Google’s deal, known internally as the Nightingale Project, glibly. The decision came to me slowly, creeping on me through my day-to-day work as one of about 250 people in Google and Ascension working on the project.
When I first joined Nightingale I was excited to be at the forefront of medical innovation. Google has staked its claim to be a major player in the healthcare sector, using its phenomenal artificial intelligence (AI) and machine learning tools to predict patterns of illness in ways that might some day lead to new treatments and, who knows, even cures.
Here I was working with senior management teams on both sides, Google and Ascension, creating the future. That chimed with my overall conviction that technology really does have the potential to change healthcare for the better.
But over time I grew increasingly concerned about the security and privacy aspects of the deal. It became obvious that many around me in the Nightingale team also shared those anxieties.
After a while I reached a point that I suspect is familiar to most whistleblowers, where what I was witnessing was too important for me to remain silent. Two simple questions kept hounding me: did patients know about the transfer of their data to the tech giant? Should they be informed and given a chance to opt in or out?
The answer to the first question quickly became apparent: no. The answer to the second I became increasingly convinced about: yes. Put the two together, and how could I say nothing?
So much is at stake. Data security is important in any field, but when that data relates to the personal details of an individual’s health, it is of the utmost importance as this is the last frontier of data privacy.
Google’s plan to buy Fitbit took chutzpah from the start. The company was already being investigated by Congress, state attorneys general, and federal antitrust regulators, a reflection of growing alarm over a conglomerate whose dominant market share is built on unrivaled access to personal data. Now it was announcing a $2.2 billion acquisition of a firm with troves of the most intimate details of its users’ physical health, from their heart rate to their exercise routines to how many hours they sleep at night. Fitbit was apparently worried enough about the threat of the deal being blocked that it negotiated a $250 million breakup fee in case of “a failure to obtain Antitrust Approvals.”
A week later, almost on cue, Makan Delrahim, the top antitrust official at the Department of Justice, suggested at a conference at Harvard that federal enforcers might start treating data privacy as a relevant issue in evaluating mergers. “It would be a grave mistake to believe that privacy concerns can never play a role in antitrust analysis,” he said. So there was some reason to wonder whether the Google-Fitbit deal would be the first casualty of the growing antitrust techlash.
And that was all before the Wall Street Journal reported this week on Google’s Project Nightingale, a mostly secret deal with one of the country’s largest nonprofit hospital networks granting Google free access to tens of millions of complete, nonanonymized patient records, which it is using to train an AI platform that will be able to customize patient care. (This is apparently legal, somehow, under the Health Insurance Portability and Accountability Act, or HIPAA.)
Is it? Is it really?