Google Settles Data Privacy Complaint With FTC on ‘Buzz’ Social Network
Google Inc. (GOOG) agreed to settle U.S. Federal Trade Commission claims that it used deceptive tactics and violated its own privacy policies when it introduced the Buzz social-networking service last year.
The proposed settlement bars Google from misrepresenting how it handles information, obliges the company to follow policies that protect consumer data in new products and requires periodic reviews to ensure the policies are followed, the FTC said in a statement today.
“When companies make privacy pledges, they need to honor them,” Jon Leibowitz, the commission’s chairman, said in the statement. “This is a tough settlement that ensures that Google will honor its commitments to consumers and build strong privacy protections into all of its operations.”
Google is grappling with increased government scrutiny from regulators around the world who say it doesn’t do enough to safeguard users’ information. They also say the company may use its dominance of Web search to thwart competition. The proposed settlement, which doesn’t call for a fine, will be in effect for 20 years, and covers future situations such as Google’s collection of Wi-Fi data, FTC deputy director Jessica Rich said on a conference call.
The settlement stems from a Feb. 16, 2010, complaint filed by the Electronic Privacy Information Center, a Washington-based advocacy group. The center asked the FTC to investigate whether consumers were harmed when users of Google’s Gmail service found private e-mail contact information automatically displayed to other users when they enrolled in Buzz. Ten lawmakers sent a letter to the FTC on March 25, 2010, urging the commission to carefully look into the group’s complaint.
“The FTC action is far-reaching,” the center’s Executive Director Marc Rotenberg said by e-mail. “This is the most significant privacy decision by the commission to date. For Internet users, it should lead to higher privacy standards and better protection for personal data.”
Google said it agreed to an independent review of privacy procedures every two years and will ask users to give “affirmative consent before we change how we share their personal information.”
“We don’t always get everything right.” Google said in a blog posting today. “The launch of Google Buzz fell short of our usual standards for transparency and user control.”
Colin Gillis, an analyst at BGC Partners LP in New York said Google wants to avoid the regulatory issues that affected Microsoft Corp. and slowed down that company’s ability to be innovative. He rates Google a “hold” and doesn’t own the stock.
“They have government issues across the world,” Gillis said. “Their non-operational risks continue to build and they need to start to reduce these.”
In January, the company announced that Chief Executive Officer Eric Schmidt would step down from his position and become executive chairman and focus on external relationships, including outreach to governments.
Google introduced Buzz on Feb. 9, 2010. The service was linked to a user’s Gmail account “so you don’t have to peck out an entirely new set of friends from scratch -- it just works,” Google wrote in an official blog post at the time.
Users weren’t explicitly warned that their e-mail lists would be automatically visible to the public, the privacy group wrote in its complaint.
“Gmail contact lists routinely include deeply personal information, including the names and e-mail addresses of estranged spouses, current lovers, attorneys and doctors,” the center said in its complaint.
Users could hide their lists only by clicking through several links to un-check a box labeled “Display the list of people I’m following and people following me,” the group said. It called on the FTC to take action under Section 5 of the FTC act, which allows the agency to enforce against unfair and deceptive trade practices.
Google’s fix allows users to opt in and control how much information they share. Google said on Feb. 13, 2010, it would no longer automatically build a Buzz network out of a customer’s most frequently used contacts and wouldn’t link Buzz to customer albums on a photo-sharing website called Picasa, which is also controlled by Google.
In November, Google settled a group lawsuit brought by Gmail users who claimed the exposure in Buzz’s opening invaded their privacy. Under that settlement, Google agreed to create an $8.5 million fund to help finance organizations focused on Internet privacy education and policy, and agreed to further educate users about the privacy aspects of Buzz.
The Electronic Privacy Information Center and other consumer watchdog groups, including the American Library Association and the Consumer Federation of America, have also pointed to privacy issues regarding Facebook Inc. The world’s largest social-networking site has more than 500-million users and surpassed Google in weekly hits last year to become the most visited website in the U.S., according to research firm Hitwise.
The FTC’s Rich, deputy director of the commission’s Bureau of Consumer Protection, said that the agency has other privacy actions in the pipeline she declined to identify.
“While this order technically applies only to Google, we think many of the provisions are good business practices we expect to see widely followed across the industry,” she said.
Google rose 11 cents to $584.84 in Nasdaq Stock Market trading. The shares have fallen 2 percent this year.
To contact the editor responsible for this story: David E. Rovella at firstname.lastname@example.org