Privacy groups cheer FTC's action over Google Buzz
Privacy advocates cheered on Wednesday in response to the Federal Trade Commission's crackdown on Google over privacy violations it called deceptive and potentially illegal resulting from the bungled launch of the Buzz social networking and microblogging service.
The only thing that tempered the joy of privacy watchdogs over the slap from the FTC was a desire for a stiffer punishment for Google.
Google deserves what the complaint settlement doles out and more, after trampling roughshod over the privacy of millions of Gmail users with the launch of Buzz in February 2010, according to watchdog groups.
At the time, the outcry was instantaneous, as horrified Gmail users realized that they had been opted into Buzz by default, which meant that sensitive information, such as the people they interacted with the most on Gmail, was shared with other users without their consent.
The government's intervention is more than warranted and should go further, after a privacy faux pas of such proportions, according to Consumer Watchdog.
"We appreciate this landmark privacy decision by the FTC, but Google needs to be punished and feel pain on its bottom line," said John M. Simpson, director of Consumer Watchdog's Privacy Project, in a statement. "Nothing will completely stop Google from invading users' privacy until it gets hit where it hurts, its bank accounts."
The Association for Competitive Technology sounded a similar note. "The FTC was right to take up the case against Google for its transgressions. Unfortunately, today's proposed settlement doesn't go far enough to punish or deter," said the group's Executive Director Morgan Reed in a statement.
The FTC charged Google with using deceptive tactics and violating its own privacy promises to consumers, and the proposed settlement, announced Wednesday, bars Google from future privacy misrepresentations, requires the company to implement a comprehensive privacy program and requires independent privacy audits for the next 20 years.
This is the first time an FTC settlement order has required that a company implement a comprehensive privacy program to protect consumers' information.
"The terms of this agreement are strong medicine for Google and will have a far-reaching effect on how industry develops and implements new technologies and services that make personal information public," said Center for Democracy and Technology President Leslie Harris in a statement. "We expect industry to quickly adopt the new requirement for opt-in consent before launching any new service that will publicly disclose personal information."
The Electronic Privacy Information Center, which filed the original complaint that prompted the FTC to take action, also praised the FTC's decision to tackle Google over Buzz. "The FTC settlement with Google is far-reaching. It is the most significant privacy decision by the Commission to date. For Internet users, it should lead to higher privacy standards and better protection for personal data," EPIC said in a statement.
People now have until May 2 to comment on the proposed settlement before the FTC decides whether to make it final. Comments can be submitted online at the FTC's website or via regular mail to: Federal Trade Commission, Office of the Secretary, Room H-113 (Annex D), 600 Pennsylvania Avenue, N.W., Washington, DC 20580.
Previously, Google agreed to settle a class action lawsuit over Buzz which includes the payment of US$8.5 million into a fund for organizations focused on Internet privacy education and policy.
In addition to the Buzz fiasco, Google is in hot water with governments and privacy watchdogs over its collection of Wi-Fi traffic data, including people's e-mail messages and website passwords, through its Street View cars, something Google has claimed it wasn't aware of and has apologized for and stopped doing.
Google on Wednesday also apologized for Buzz. "The launch of Google Buzz fell short of our usual standards for transparency and user control--letting our users and Google down," wrote Alma Whitten, Google's Director of Privacy, Product & Engineering, in a blog post.