Feeds

Fed skewers Google over Tweetbookish Gmail mod

The Buzz on private envelope pushing

The Power of One Infographic

An outgoing commissioner with the US Federal Trade Commission has laid into Google for the privacy-envelope-pushing launch of Google Buzz, that web-based thingy that turned Gmail into a Tweetbookish social networking service.

"I am especially concerned that technology companies are learning harmful lessons from each other's attempts to push the privacy envelope," Pamela Jones Harbour said during an FTC privacy workshop, as reported by PC World.

"Even the most respected and popular online companies, the ones who claim to respect privacy, continue to launch products where the guiding privacy policy seems to be, 'Throw it up against the wall and see if it sticks.'" Her comments seemed to be aimed at Microsoft and Facebook as well as the Mountain View Chocolate Factory.

She characterized Google's Buzz launch as "irresponsible conduct".

Like Facebook or Twitter, Buzz is a way of sharing personal information, media and links with others across the web in what it so often called "real-time". But it's not a standalone, opt-in service. It's integrated with Gmail, tapping users' existing email and chat contacts.

When it was unveiled in February and immediately pushed out to an estimated 32.1 million Gmail users, Buzz automatically identified users' most frequent Gmail contacts as people they'd like "to follow" - ie people they'd like to receive posts from - and by default, it exposed these contacts to world+dog. You did have the option of hiding the list from the public view, but many howled that the checkbox that let you do so was far from prominently displayed.

"Google consistently tells the public to 'just trust us,'" Jones Harbour said. "But based on my observations, I do not believe consumer privacy played any significant role in the release of Buzz."

She called Buzz a "material change" in the user's relationship with Gmail. "When users created Gmail accounts, they signed up for e-mail services," she said. "Their expectations did not include social networking."

Google later agreed to move the checkbox to a more prominent position. And then it rejiggered the way it handles user contacts. Rather than automatically identifying email and chat contacts for following, it now "suggests" people to follow, giving the user a chance to make changes. It should be noted, however, that "suggestions" are checked by default. To change them, you must uncheck them.

Then, with a third set of changes, the company added a Buzz tab to a user's central Gmail "settings" that lets them disable Buzz entirely. But the fact of the matter is that most users will simply approve Buzz - and approve the default settings.

Google apologized for the setting at launch, and its general stance seems to be that it didn't realize that users would be upset, pointing out that it failed to test the service with users outside the company prior to launch.

But we would argue that Google knew exactly what it was doing. The company was, as Jones Harbour said, pushing the outside of the privacy envelope. It didn't test the service with outsiders because it exposed as much user data as possible - knowing that it may have to backtrack if there were complaints.

Like Facebook, Google's primary aim is to expose user data. That's why it integrated the service with Gmail in the first place. In taking such steps it may face short term criticism, but in the long term it comes out ahead.

"I realize that companies continue to take a testing-the-water approach to privacy because no regulatory agency has sent a clear message that this behavior is unacceptable," Jones Harbour said. "I would like to see the commission take the position of intolerance toward companies that push the privacy envelope, then backtrack and modify their offerings after facing consumer and regulator backlash."

Privacy watchdog EPIC has filed a complaint with the FTC over Buzz, saying it violated user expectations, diminished user privacy and contradicted Google's privacy policy. It even questions whether Buzz violated federal wiretap law. ®

The Power of One Brief: Top reasons to choose HP BladeSystem

More from The Register

next story
That AMAZING Windows comeback: Wow – 0.5% growth in 2015
Whoooah, my face is going all floppy with the speed
Think Google Glass is creepy? Wait until it READS YOUR MIND
Startup penetrates the mind of Glassholes
Linux turns the crank on code for cars
Got a feel for your automobile
Google policy wonk patronises Brits over EU search biz probe
Downgrading rivals? Whetstone: 'I just don't think it's really true'
Victim of Tor-hidden revenge smut site sues Tor Project developers
But EFF lawyer says deep-web team 'no more liable' than web server makers
Chrome Remote Desktop adds Linux to supported OS list
Drive Debian from the confines of a Chromebook
prev story

Whitepapers

Seven Steps to Software Security
Seven practical steps you can begin to take today to secure your applications and prevent the damages a successful cyber-attack can cause.
Top 8 considerations to enable and simplify mobility
In this whitepaper learn how to successfully add mobile capabilities simply and cost effectively.
Eight steps to building an HP BladeSystem
Building your ideal BladeSystem infrastructure solution begins with eight simple steps, outlined in this whitepaper.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.
Build a Business Case: Developing Custom Apps
In this whitepaper learn how to maximize the value of custom applications by accelerating and simplifying their development.