The controversy over the lack of privacy in the initial release of Google Buzz, a social media program, is but one in a series of privacy issues in recent years that have affected companies doing business online.
Buzz, which is embedded into the popular Gmail e-mail program, is the most recent. Buzz lets Gmail users share photos, Web links, status messages, and and photos on the Picasa photo-sharing site with fellow Google Buzz users. Two days after its Feb. 9 release, reacting to privacy concerns, Google made it easier for users to hide lists of followers and followees, and to block specific people from following a user's Buzz updates. On Feb. 13, Google also said it will now "suggest" people for users to "follow" electronically, rather than telling users to "auto-follow" those who are e-mail and chat contacts.
Among the privacy issues that have been raised in recent years with Google and other companies:
- The Electronic Privacy Information has asked the Federal Trade Commission to investigate whether Google's "cloud computing" services, including the Gmail e-mail service, Google Docs and its online photo-sharing service, Picasa, is adequately protecting users' privacy.
The FTC is looking at the privacy and security issues tied to cloud computing — where documents and other data are stored on Web-based servers, in the hands of third parties, as opposed to being on a user's hard drive
Cloud computing is considered the future of data storage for many. "However, the storage of data on remote computers may also raise privacy and security concerns for consumers," wrote FTC attorney David C. Vladeck in a December letter to the commission.
"For example, the ability of cloud computing services to collect and centrally store increasing amounts of consumer data, combined with the ease with which such centrally stored data may be shared with others, create a risk that larger amounts of data may be used by entities in ways not originally intended or understood by consumers," he said.
- Iconix Brand Group, Inc., in October 2009, agreed to pay a $250,000 civil penalty to settle Federal Trade Commission charges that it violated the Children’s Online Privacy Protection Act "by knowingly collecting, using, or disclosing personal information from children online without first obtaining their parents’ permission," according to the FTC.
The privacy protection act, in place since 2000, requires Web sites that collect information from children under age 13 to get consent first from a parent before getting information from a child.
Since 2006, the FTC said, Iconix, which owns youth-oriented brands including Candie's, Bongo, OP and Mudd, "knowingly collected and stored personal information from approximately 1,000 children without first notifying their parents or obtaining parental consent." One of its sites, MyMuddWorld.com, the company "also enabled girls to publicly share personal stories and photos online," the FTC said.
- Last fall, Facebook said it would shut down its Beacon advertising-related program and create a settlement fund of $9.5 million to resolve a class-action privacy lawsuit filed against the company in 2008. A hearing in federal court on the settlement will be held this month.
The social networking site started Beacon in late 2007 as a program "to allow users to share information from other Web sites for distribution to their friends on Facebook."
But privacy advocates said Beacon, which monitored and shared online what Facebook users bought from companies such as Overstock.com, Blockbuster.com and Fandango.com, was invasive, and that it was too difficult for Facebook members to "opt out" of Beacon.
Facebook did later amend Beacon to make the "opt out" choice clearer for users, but by that time, Beacon's light was dimming.
- Amazon became more "Big Brother" than author George Orwell's book, "1984," when "1984" and "Animal Farm" were deleted from Amazon's Kindle e-readers last July.
The company cited a problem with rights to the books and issued refunds to the buyers. But, as an Associated Press story said, the company's action also "startled many Kindle customers, who didn't know Amazon had the neo-Orwellian ability to erase content that had already been downloaded to their devices."
Amazon CEO Jeff Bezos apologized, saying it was "stupid, thoughtless, and painfully out of line with our principles." The company also offered $30 to Kindle customers whose copies of the Orwell classics had been deleted.
- Yahoo, which was keeping data about user's Web searches for 13 months, said it would limit most of that data collection to 90 days after an uproar in late 2008. Some say Yahoo's partial deletion of IP (Internet Protocol) address data is still not enough to protect consumers, and called for complete deletion.
Google and Microsoft also agreed to reduce the length of time the companies kept such data, but not as much as Yahoo did. Google agreed to nine months and Microsoft to six months, both down from 18 months. (Msnbc.com is a joint venture of Microsoft and NBC Universal.)
- Sony Music, in late 2008, agreed to pay $1 million as part of a settlement to resolve FTC charges that it violated the Children’s Online Privacy Protection Act. The FTC said that through its music fan Web sites, Sony "improperly collected, maintained and disclosed personal information from thousands of children under the age of 13, without their parents’ consent." The $1 million was the "largest penalty ever in a COPPA case," the FTC said.
- America Online apologized for a "screw-up" in 2006, after a company researcher mistakenly released a database containing more than 20 million search queries from 658,000 AOL users. The database did not include names or user identities, but did include a unique ID number for each user.
- In 2005, after years of debate, the FBI put an end to the highly controversial Internet surveillance program called "Carnivore," which was created to read e-mails and other online communications among suspected criminals and terrorists.
The agency is using another surveillance program that is not supposed to be as invasive as Carnivore was.