Loading ...
Sorry, an error occurred while loading the content.

ISPLA News Brief's: FTC Charges Google with Deceptive Privacy Practices-EU Implications Also!

Expand Messages
  • Peter Psarouthakis
    FTC Charges Deceptive Privacy Practices in Google s Rollout of Its Buzz Social Network: Google Agrees to Implement Comprehensive Privacy Program to Protect
    Message 1 of 1 , Apr 2, 2011
      FTC Charges Deceptive Privacy Practices in Google's Rollout of Its Buzz Social Network: Google Agrees to Implement Comprehensive Privacy Program to Protect Consumer Data

      Google Inc. agreed to settle Federal Trade Commission charges that it used deceptive tactics and violated its own privacy promises to consumers when it launched its social network, Google Buzz, in 2010The proposed settlement bars the company from future privacy misrepresentations, requires it to implement a comprehensive privacy program, and calls for regular, independent privacy audits for the next 20 years. This is the first time an FTC settlement order has required a company to implement a comprehensive privacy program to protect the privacy of consumers’ information. In addition, this is the first time the FTC has alleged violations of the substantive privacy requirements of the U.S.-EU Safe Harbor Framework, which provides a method for U.S. companies to transfer personal data lawfully from the European Union to the United States.

      In response to the Buzz launch, Google received thousands of complaints from consumers who were concerned about public disclosure of their email contacts which included, in some cases, ex-spouses, patients, students, employers, or competitors. According to the FTC complaint, Google made certain changes to the Buzz product in response to those complaints. The FTC complaint charges that Google violated its privacy policies by using information provided for Gmail for another purpose - social networking - without obtaining consumers’ permission in advance.

      The FTC charged that Google failed to disclose adequately that consumers’ frequent email contacts would become public by default. Finally, the agency alleges that Google misrepresented that it was treating personal information from the European Union in accordance with the U.S.-EU Safe Harbor privacy framework. The framework is a voluntary program administered by the U.S. Department of Commerce in consultation with the European Commission. To participate, a company must self-certify annually to the Department of Commerce that it complies with a defined set of privacy principles. The complaint alleges that Google’s assertion that it adhered to the Safe Harbor principles was false because the company failed to give consumers notice and choice before using their information for a purpose different from that for which it was collected.

      Google’s data practices in connection with its launch of Google Buzz were the subject of a complaint filed with the FTC by the Electronic Privacy Information Center shortly after the service was launched.

      A more detailed account of this FTC settlement is posted in the "Current Legislative News" section at www.ISPLA.org with links to the FTC complaint/settlement and a statement by Commissioner J. Thomas Rosch.

      Bruce Hulme
      ISPLA Director of Government Affairs

      "Your proactive voice from State Capitols to the Nation's Capitol"

      Supplemental Information

      Right on the heels of the FTC's recent complaint against "Google Buzz", the EU's problems with Google's "Street View", comes their latest potential privacy issue -- Face View....

      Expect to hear more about "Opt-In" rather than "Opt-Out" provisions for protecting consumers as Congress and regulators address concerns of privacy advocates.

      Below are some points made by Google and CNN which have been reported by numerous media outlets the past two days.

      Bruce Hulme

      ISPLA Director of Government Affairs


      CNN, recently reported that Google is "introducing a mobile application" that will recognize the face of the user and store such data. Google has now indicated to the media the following:

      "We are NOT 'introducing a mobile application' (as the CNN piece claims) and as we’ve said for over a year, we would NOT add face recognition to any app like Goggles unless there was a strong privacy model in place. A number of items "reported" in the story, such as a potential app connecting phone numbers, email addresses and other information with a person’s face, are purely speculative and are inventions of the reporter."

      We hope that this situation will encourage CNN to improve their research department and report more responsibly in the future.

      CNN has released a statement, in which they stand by their report and claim to have a recording of a Google staffer discussing the app intentions:

      "Google’s claims do not fit the facts of the situation. This interview was prearranged – on the record – and staffed by a Google PR rep, who raised no objections at the time and did not deny what the engineer said. Additionally, we have an audio recording of the interview, as does Google. We stand firmly behind Mark’s (Mark Milian)reporting." said CNN's spokesperson.

      The Financial Times reported last year that Google was "tiptoeing around sensitive issues like facial recognition because of a string of privacy concerns including its Google Street view cameras and other concerns." "Facial recognition is a good example . . . anything we did in that area would be highly, highly planned, discussed and reviewed...When you go through these things, you review your management procedures." according to Google.

      [Non-text portions of this message have been removed]
    Your message has been successfully submitted and would be delivered to recipients shortly.