A privacy advocacy group has filed a lawsuit against Google to stop them from harvesting personal information of people who use their services. The Electronic Privacy Information Center (EPIC) filed the complaint against the Federal Trade Commission (FTC) for not doing enough to protect users from privacy violations and for not fulfilling the requirements of a previous settlement against Google.
If you do not already know, let me fill you in: Two year ago, February 2010, Google launched a social networking tool called Google Buzz. This was the first desperate attempt by Google to try to get their foot in the door of social networking (before they launched their other big mistake called Google Plus). When Google introduced the tool into Gmail, its free online email service, it was completely mandatory. It did not allow for any sort of opt-in process and many people were kept in the dark about what exactly was happening to their personal email information.
Regardless of whether users wanted the Buzz tool or not, it was implemented anyhow. Once the Buzz tool was activated, it immediately gathered together a list of “followers” (kinda like Facebook friends). The “followers” of an individual were determined by a Google algorithm, which chose people to populate the Buzz list with persons who you most frequently interacted with in email exchanges. Google failed to inform people that their email contact list would be used in this way.
Once their “followers” and “following” lists were compiled, Google made those lists available to the general public. Google did not explicitly inform people that their information would be freely available on the web. This was a deep invasion of privacy and break of trust by Google. The contact list of users is incredibly sensitive and the world should not have to see who you are conversing with if you do not want that information out.
Many people said that this Google Buzz tool exposed people to danger. There are some American government officials who’ve used Gmail and their information was jeopardized. Google also made vulnerable human rights activists from repressive countries because all their contacts were exposed. CNET writer Molly Wood had this to say about Google Buzz:
“But I do have an expectation of privacy when it comes to my e-mail, and I think that even in this age of social-networking TMI, most people still think of e-mail as a safe place for speaking privately with friends and family. And for Google to come along and broadcast that network to the world without asking first—and force you to turn it off after the fact—is, I think, both shocking and unacceptable.”
The repurposing of data Google has of you is not only deceptive but dangerous too. Soon after this launch of the Google Buzz tool, there was intense backlash against it and media scrutiny came from all places. This eventually resulted in EPIC filing a complaint with the FTC and a full investigation of Google soon after commenced. Just last fall, the Commission reached a settlement with Google, as a result, the company agreed to a consent order that prohibits Google from misrepresenting its privacy practices. In addition, Google agreed to file regular reports with the Commission. Google is now required to gain consent from users before Google can disclose private data, to comply with a strict privacy program, and is subject to a 20 year audit. Lastly, Google agreed to pay $8.5 million to settle privacy violation lawsuits.
Now, EPIC has filed another complaint against Google because of Google’s plans to consolidate all the information it has of users from all its services and for changing its privacy policies, which takes full effect starting next month. EPIC has a problem with Google changing its privacy policies and business practice just after they agreed to a consent order with the FTC this past October 2011. The advocacy group contends that this is a blatant violation of the settlement and is asking the FTC to investigate Google again.
EPIC’s lawyers said that Google is exposing its users to “grave risk” and that the FTC is required to enforce the consent order but have so far failed to so do. They went on to say,
“At a minimum, a comprehensive privacy program required by the consent order, which arose from the company’s attempt to combine user data from two discrete services, cannot permit the company to now engage in the same prohibited practice…Google ads are targeted to individual users based on information Google gathers about individual users…will make it possible for advertisers to gain access to personal information which was previously unavailable to them”
The complaint was launched yesterday, Wednesday, February 8th, 2012. The FTC has acknowledged the filing by EPIC but declined to comment specifically. They did have this to say though,
“The FTC takes compliance with our consent orders very seriously and always looks carefully at any evidence that they are being violated,” says spokeswoman Cecelia Prewett.
The FTC has the authority to levy fines of as much as $16,000 a day for each violation of consent orders. The case is Electronic Privacy Information Center v. Federal Trade Commission, U.S. District Court, District of Columbia (Washington). I will definitely continue to keep an eye on this one – you should too.
To read the complaint EPIC filed against Google regarding Google Buzz, click here (PDF file)
To read the complaint EPIC filed yesterday, click here (PDF file)
googleexposed 