Of all the schemes Google has dreamt up over the years, Street View has got to be one of the most controversial.

For those not familiar with the idea, Google are taking photos of every street in pretty much the whole world, and integrating it with Google Maps. Naturally, several privacy groups are up in arms at the idea, even though Google have agreed to blur faces and remove people if they request it.

But blurring isn’t Google’s only problem. In what may become a test case, a couple in Pennsylvania are suing Google for publishing pictures of their house, as it is on a private road.

In a statement to court, Google said complete privacy does not exist, but have since said that their remarks have been taken out of context. Google clarified this to me in the following statement:

“There’s been some misinterpretation concerning our response to the Street View suit… It should not be interpreted as a blanket statement on our views towards privacy. To be clear, Google respects an individual’s right to privacy. We have privacy protections built into all of our products. For example, we blur faces in Street View and we offer easy-to-use removal tools so users can decide for themselves whether or not they want a given image to appear in Street View. It is unfortunate the parties involved opted to pursue litigation instead of making use of these tools.”

This problem will be far greater for Street View in the UK due to the very high number of private roads. There are around 40,000 in the UK, according to Private Roads Services. Although it’s hard to quantify the number of public roads in the UK, I estimate there are around 100,000 streets in London (according to a quick calculation counting the entries in the London street atlas).

Google said its policy was to not photograph private roads, and that its drivers were trained to look out for them. Which I think means not driving past a sign saying “private road”. But a spokesman admitted that mistakes have been made, and they would be more careful in future. “We made the error of photographing the approach road to a military base in the US,” said the spokesman. “We learnt from that.”

It has been a week of regulatory decisions on internet privacy issues.

The UK’s Office of the Information Commissioner has given the go-ahead for Phorm, the targeted advertising company to start trials with BT. While the ICO statement of this is not exactly a ringing endorsement of the service, it doesn’t raise any insurmountable concerns. Phorm is still under close scrutiny, but for now, allowed to go ahead.

At the same time, the Article 29 Working Party has finally published its opinion on data protection issues related to search engines, going much further than some observers expected. Search engines are to be required to delete search logs after only six months compared with 18 currently for Google and 13 for Microsoft and Yahoo.

There is still much puzzling over the exact interpretation of the dense document, but under some of the strictest readings it suggests that even the search terms you type into a search engine are personal information and should not be used without your permission for other purposes. In other words, they shouldn’t be used to send you targeted ads, an interpretation that would entirely undermine Google’s business model.

It seems unlikely that the rules will be taken to this extreme, but it is clear there is a clash coming between Google and the European regulators on the recommendations. Google maintains it needs server logs for 18 months – some European regulators say even 6 months are too much. After a year and a half of talking, neither side has convinced the other. It doesn’t bode well for finding a compromise from here.

The Phorm and Google cases show that regulators have fallen out of sync with public opinion on these matters. For internet users, Phorm is the easier to hate, because noone really likes advertising. Google, on the other hand, provides a useful service and is forgiven for much.

The regulators, however, appear to see Google as the more problematic of the two. It is OK to target people with ads as long as it is done anonymously, without identifying people. What is not OK is having a lot of personal details sitting on company servers, however unobtrusively they may have been collected and used.

Any company hoping to launch targeted advertising services should be watching the fate of UK start-up Phorm with great interest. In particular, they should take note of what this says about the public’s double standards on privacy.

Phorm is trying to build a new ad platform, serving ads targeted around users’ internet habits and interests. It is hoping to make this acceptable to the general public with reassurances that no personally identifiable information is kept or stored as part of the process.

According to Phorm, the system will know it is serving an ad to a 30-35 year old male looking for a new car insurance deal. It will not know who you are, however.  You are just a random number. It will not even keep your IP address.

Phorm has consulted with every possible stakeholder to assure people the system is privacy-friendly - like the UK Home Office and the UK Information Commissioner - and it has had its privacy system audited by Ernst & Young and 80/20 Thinking, a privacy consultancy. It is inviting anyone with an interest to do their own inspection.

But none of this has really helped with public perception. There has been a blogosphere furore, and Phorm has been branded a spyware company in the press. A UK think tank this week sent an open letter to the Information Commissioner’s office, asserting that Phorm was possibly illegal.

As was seen in Facebook’s Beacon experiment, people are strongly against the idea of targeted advertising. Given any choice in the matter, it seems, they will campaign hard against it.

The attitude is, however, inconsistent with our tolerance for all kinds of other, less overt data collection and targeting. Where people are not explicitly told about targeting they are generally too lazy to protest.

Every Google search is stored for 18 months, complete with IP address and cookie information from a personal computer. There is much more of a profile kept on Google’s servers than on Phorm, yet, even after the issue was raised a year and a half ago by European privacy regulators as a problem, users have not abandoned the search engine in droves. It appears to be too convenient to boycott.

Millions of us carry store loyalty cards that allow supermarkets to closely profile our shopping habits. This is linked to our name and address – but that doesn’t bother any more than a handful of people.

In fact, we hand over our personal information constantly to any number of companies, from signing end-user licensing agreements to use software, to filling in forms to extend warranties on our household goods.

The companies to which we give this data use it for their own targeting – and are notoriously bad at protecting it. Several recent studies have shown that only a minority of companies have adequate data safeguards. Many don’t even know what data they have in their files and couldn’t say if any of it had leaked or been hacked. Big data losses such as the TJX incident are just the tip of the iceberg.

This is not causing major uproar.  However, if a company declares its intention to target us, albeit in as secure a way as possible, we feel outrage. Phorm is in danger of becoming a scapegoat for a general frustration about an information society we no longer feel in control of.

It is a shame, because the company was at least trying to move privacy technology forward to some extent. It may not have gone far enough, but it is a start. Stamping the business out before it has even started will not stop attempts to target advertising, but may simply drive it underground. The lesson from all this seems to be:  if you want to target, just don’t tell anyone you are doing it. They probably won’t notice.