In a press release today, the Federal Trade Commission (FTC) announced that Google had settled In the Matter of Google Inc., a corporation, FTC File No. 102 3136 (2010), alleging privacy breaches made by Google on its Buzz product.
Partially, from the release on the FTC website…
“FTC Charges Deceptive Privacy Practices in Google’s Rollout of Its Buzz Social Network
Google Agrees to Implement Comprehensive Privacy Program to Protect Consumer Data
Google Inc. has agreed to settle Federal Trade Commission charges that it used deceptive tactics and violated its own privacy promises to consumers when it launched its social network, Google Buzz, in 2010. The agency alleges the practices violate the FTC Act. The proposed settlement bars the company from future privacy misrepresentations, requires it to implement a comprehensive privacy program, and calls for regular, independent privacy audits for the next 20 years. This is the first time an FTC settlement order has required a company to implement a comprehensive privacy program to protect the privacy of consumers’ information. In addition, this is the first time the FTC has alleged violations of the substantive privacy requirements of the U.S.-EU Safe Harbor Framework, which provides a method for U.S. companies to transfer personal data lawfully from the European Union to the United States.
“When companies make privacy pledges, they need to honor them,” said Jon
Leibowitz, Chairman of the FTC. “This is a tough settlement that ensures that Google will honor its commitments to consumers and build strong privacy protections into all of its operations.” ”
The entire press release can be found here.
I applaud the FTC’s actions and I’m glad that Google owned up to the problem and has agreed to make adjustments to their operating policies.
There is no doubt that Google has introduced very forward thinking technologies into the World’s markets; from which we all benefit. But, Google’s entire business model is based on data, trust, and service. Without the trust there is no service and without both, there is no business.
Google’s brand has been seriously tarnished and I now wonder what their leadership is thinking – or are they actually thinking about anything except the next data deal. I’m wondering…
- Why would senior management allow this complaint to even go through legal channels to get resolution? One can only guess what C-suite dialog entailed, but it couldn’t have been for the betterment of their customers. The “we didn’t know this was happening” reason has been offered for this debacle.
- Why do Google’s executives continue to make the same kind of short-sighted errors repeatedly? Didn’t they get nicked for their data privacy collection breaches globally when performing their Street View activities – and then said “oops, we didn’t know”?
Isn’t “we didn’t know” the same excuse that the Enron executives gave and isn’t it the responsibility of senior executives to manage risks for their companies so that their brand and their customers are advanced in a positive manner?
Google needs to elegantly, humbly, and honestly recover from this latest misstep in a very public way, so let’s see what they do next to retain already mistrustful current customers, bring back defected customers, and even attract new customers.