“What Google really wants is for everybody to be signed in to their Google accounts all the time,” a Google insider told me in passing last month.
Around the same time, the official Gmail blog put up a 205-word post explaining the latest update to the Gmail app for Apple devices that run on iOS 7.
The app now fully supports background app refresh, which means your Gmail messages will be pre-fetched and synced so they’re right there when you open the app—no more annoying pauses while you wait for your inbox to refresh.
That’s great! But wait, what’s this:
The Gmail app also now supports sign-in across Google iOS apps, including Maps, Drive, YouTube and Chrome. Sign in to one, and you’ll be signed in to all (this also works for signing out). So you won’t have to type in that 27-character password or retrieve your 2-step verification code every time you navigate to another Google app. You may need to re-login after you update the app, but then you’ll be all set.
That sounds convenient. And it is—but not for you, for Google.
To understand why, you need to look back to the last time Google integrated sign-in across services. That’s a good indicator of what Google has planned for its—and your—future.
This approach [of separate privacy policies] is somewhat complicated. It’s also at odds with our efforts to integrate our different products more closely so that we can create a beautifully simple, intuitive user experience across Google.
The real purpose however wasn’t to make your life easier, but to simplify Google’s tracking of it:
Regulators—who Google said in that post had ”been calling for shorter, simpler privacy policies”—quickly realized what the changes meant. European authorities opened an investigation into the new policy, calling it a breach of EU law. More than two years later, many cases remain unresolved. France and Spain have both slapped fines on Google, though the combined €1.05 million ($1.45 million today) is roughly as much as the revenue Google will make in the time it takes you read this article. The investigation is ongoing in another four countries, including Germany.
By unifying its services on the web, Google strengthened its grip on its users data. But it began to lose its hold, again, as smartphones took off. When not using their phones to talk, smartphone users spend 86% of the time in apps, and just 14% in the web browser. So someone might, for instance, be signed in to check Gmail, but be effectively anonymous to Google when watching videos on YouTube.
Keeping you signed in on all apps fills this gap in Google’s knowledge. But just as importantly, it makes a big difference to how the company measures whether ads—the lion’s share of its business—are working.
For example, you may have seen an ad for something on YouTube on your phone, looked it up using the Amazon app on your tablet, and eventually bought it on your computer. Unless you were logged into YouTube when you first saw the ad, Google can’t tell if the sale was a result of the ad, and can’t prove to advertisers—who spend half their mobile budgets with Google—that the money was well spent. It also can’t tell if it’s shown you the same ad over and over again to no effect—information it could use to target ads better.
This is a problem the entire online ad industry faces. But few have as much to lose as Google does, or the clout to push users around. Most companies would be lucky to get one app on your phone’s home screen. Google has a whole mobile operating system, Android. And even people who use Apple rather than Android devices can use a lot of Google apps on them—Google Earth, Drive, Hangouts, Translate, Blogger or even, yes, Google+ (which exists only to serve as the company’s data gathering tool). Hence its move to unify sign-in across them.
This change affects only Apple users who have upgraded to iOS 7, the latest version—but that’s 85% of iOS devices. They no longer have the ability to remain anonymous as they watch videos on YouTube or navigate their cities using Google Maps.
The change seems to have gone unnoticed by privacy campaigners and regulators. Tech blogs have reprinted the press release and a few users appear to have belatedly discovered it by accident, but without noting its full importance.
Google will be watching very closely to see if these voices of dissent grow. In interviews, ad agencies, ad-tech companies, data companies, and back-end login-service providers all tell me that login is the future. Google is best placed to force users to accept that new reality. And it is.