The Federal Trade Commission today announced a proposed settlement in its case against Google for the privacy violations behind its Buzz social networking product. You may recall, Google launched Buzz by integrating it directly into its email program, immediately disclosing the identities of people a user regularly contacted. Google failed to inform consumers that this was a function of Buzz and did not fully remove those who sought to opt-out of the service.
Google would be required to submit to a third-party audit of its privacy programs every two years, the results of which will not be made public. A lot can happen in two years. After all, in far less time, Google has:
- revealed who you communicate with (Buzz);
- eavesdropped on your home wireless network collecting your passwords, emails, instant messages, and account information (Wi-Spy); and
- begun profiling your children collecting their social security numbers and other personally identifiable information (Doodle for Google drawing contest).
Google’s dominance in online search, advertising and analytics allow it to acquire an extraordinary amount of information if it chooses to violate consumer privacy protections. But while fines of $16,000 for privacy violations aren’t much of a deterrent to a company worth $180 billion, it is a start. The FTC and other agencies will need to take further actions against Google if they hope to discourage it from repeatedly violating consumer privacy.
This matter is a great concern for those in the technology industry because continued bad behavior by a dominant market player, that proceeds unchecked, will inevitably result in an over-sized regulatory response. Broad, industry-wide regulation will be the eventual outcome affecting everyone if Google is never sufficiently punished for thumbing its nose at consumers, privacy regulations, and government authorities.