Tag Archives: online privacy

California DMV’s Autonomous Vehicle Regulations Must Protect Users’ Privacy

Driverless CarI was up in Sacramento today to call on the Department of Motor Vehicles to ensure that the regulations that they are developing to govern the use of autonomous vehicles – popularly known as driverless cars -will protect the operators’ privacy.

The company that will be most directly affected by the new autonomous vehicle regulations is Google, which is pioneering development of the robot-driven cars. The Internet giant was the driving force behind SB 1298, which charged the DMV with the task of developing the regulations and also rebuffed attempts to require privacy protections in the law.

However, it is not too late to implement privacy safeguards in this rulemaking and Consumer Watchdog called on the DMV to do so. Failure to act will mean substantial privacy risks from the manufacturers’ driverless car technology if there are not protections from what Google is best known for: the collection and use of voluminous personal information about us and our movements.

The DMV regulations must give the user control over what data is gathered and how the information will be used.  Merely stating what data is gathered with no explanation of its use is woefully inadequate. The DMV’s autonomous vehicle regulations must provide that driverless cars gather only the data necessary to operate the vehicle and retain that data only as long as necessary for the vehicle’s operation.  The regulations should provide that the data must not be used for any additional purpose such as marketing or advertising without the consumer’s explicit opt-in consent.

Without appropriate regulations, autonomous vehicles will be able to gather unprecedented amounts of information about the use of those vehicles.  How will it be used?  Just as we are now tracked around the Internet, will Google and other purveyors of driverless car technology now be looking over our shoulders on every highway and byway? Will the data be provided to insurance companies for underwriting purposes or to third parties that develop some kind of a driving score related to where and when individuals travel?  Will it be used to serve in-car advertisements or advertisements through other venues in the Google suite of products? Will it be used to track our movements and those of surrounding cars and mobile devices so that Google’s advertisers can better locate us?

Google is the aforementioned leader in driverless car research and is attempting to steer regulatory efforts in various states, especially California.  That’s why our concerns are so focused on the company. So I ask:  Why won’t Google endorse simple privacy safeguards for its self-driving cars?  I think there are two reasons.

First, Google’s entire business model is based on building digital dossiers about our personal behavior and using them to sell the most personal advertising to us.  You’re not Google’s customer; you are its product – the one it sells to corporations willing to pay any price to reach you.  Will the driverless technology be just about getting us from point to point or more about tracking how we got there and what we did along the way?

Second, computer engineers, who believe that more data is always better, are in charge at Google.  They may not know what they would use data for today, but they think they may someday find a use for it and don’t want any restrictions on them now.

Google is first and foremost an advertising company; 98 percent of its $38 billion in revenue comes from advertising, and the more personalized the marketing the better.  Indeed, Executive Chairman Eric Schmidt has said, “We don’t need you to type at all. We know where you are. We know where you’ve been. We can more or less know what you’re thinking about.”

John SimpsonWe all remember the last time Google deployed high tech vehicles around the world.  The result was Wi-Spy, the biggest wire-tapping scandal in history when the company’s Street View cars sucked up data from tens of millions of private Wi-Fi networks, including emails, health information, banking information, passwords and other data.  The company paid $7 million to settle the case brought by the state Attorneys General.  A class action suit is pending in federal district court.

Citing its “Don’t Be Evil” motto, Google claims it can be trusted with our information.  Facts show otherwise. The FCC released documents showing the Wi-Spy scandal was not a mistake or the work of one rogue engineer, as the company had claimed; but was part of the Street View design. The Commission fined Google $25,000 for obstructing its investigation.

The Federal Trade Commission imposed a $22.5 million penalty on Google for violating a consent agreement and hacking around privacy settings on Apple’s Safari browser, which is used on iPads and iPhones. Simply put, there is no reason to believe Google when it claims to be concerned about privacy.

Consumers enthusiastically adopted the new technology of the Internet.  What we were not told was that our use of the Information Superhighway would be monitored and tracked in order to personalize corporate marketing and make a fortune for companies like Google.  Consumer Watchdog supports driverless car technology and predicts it will be commonplace sooner than many of us expect.  However, it must not be allowed to become yet another way to track us in our daily lives.

Internet technology was implemented with little regard to protecting users’ privacy.  We are playing catch-up for our failure to consider the societal impact of a new technology.  The time to ensure that this new driverless car technology has the necessary privacy protections is while it is being designed and developed.   This is a concept known as “Privacy by Design.” It means privacy issues are considered from the very beginning and solutions are “baked in.” Trying to catch up after a new technology is developed and broadly implemented simply will not work.  The DMV should act to require that consumers must give opt-in consent before any data gathered through driverless car technology is used for any purpose other than driving the vehicle.

While we don’t propose to limit the ability of the cars to function by communicating as necessary with satellites and other devices, the collection and retention of data for marketing and other purposes should be banned. Unless strong protections are enacted in the new regulations, once again society will be forced to play catch-up in dealing with the impact of the privacy invading aspects of a new technology.



Posted by John M. Simpson, Director of Consumer Watchdog’s Privacy Project.  

Target Needs to Pay for Targeting Our Privacy

Target ShirtTarget is targeting our privacy. There’s a big red bullseye, a target – like the one on the shirt I’m wearing today – that Target and Neiman Marcus, who chose not to show up to answer questions today, have put on us because they haven’t done enough to protect our private financial data. And the reason is that there’s no financial incentive to do so.

110 million Americans had their personal financial information breached. That ‘s one out of two adult Americans. I was in Sacramento today to testify in front of a joint California Assembly committee hearing investigating the breach. And yet Target did not send a single representative to Sacramento today to answer questions about the largest data breach in American history?

The fact that Target didn’t show up today tells us all we need to know about how sorry Target is and how committed it is to our privacy.

If you are as offended by this as I am, I have a t-shirt for you to wear too.

The reason Target won’t face legislative questions today is the same reason that our personal financial information and data is at such grave risk: there is no price to pay. There are few financial penalties to companies like Target when our personal data is taken.  

Beyond public embarrassment, Target has little financial incentive to care.

We, the consumers, pay the consequences but we have no remedies.

According to the Committees’ own staff research, 1 in 4 consumers whose personal information that is taken becomes a victim of identity theft. 1 in 4 victims of a data breach is also a victim of identity theft. If these numbers apply to Target, that would potentially create more than 25 million identity theft victims.  

There’s a harm. The retailers had a role in creating that harm. And yet they have no liability under California law for what they have or have not done to safeguard the sanctity of our personal information.

The problem with privacy violations is that unlike thefts of money or property the law does not recognize a harm and does not provide a remedy.

As the Committees’ staff research states: consumers have no remedy under the law for the loss of financial privacy suffered through these data breaches, and the 1 in 4 risk of id theft they face.  Zero remedies.

Jamie CourtSo why would retailers invest in greater security, or meet voluntary industry standards, or move away from risky magnetic strip technology?  

If they don’t have to pay a price they don’t have an incentive to change.  And that leaves our private financial information with a big bullseye on it.

What can we do?

We need a California financial information act that mirrors our Medical Information Privacy Act.    

When there is a data breach of our medical information, the drug company, hospital or medical center is liable to the consumer for $1,000 per violation.  

Guess what?  Medical data breaches are fewer and farther between. When they occur companies pay a big price.

The same should be true for our financial data. We need a California Financial Information Privacy Act

It would:

  • Change notification standards to be immediate.
  • Write minimum-security standards into the law so that they are no longer voluntary.
  • Set limits on the time data can be retained. And limits on what information can be collected and retained
  • Most importantly: create a private right of action. Put a price tag on retailers’ mistreatment of our private financial information.

Until there is a price to pay, Target and other retailers will continue to make us targets.

If you are as offended as I am by Target’s absence today in Sacramento, please share our Target design online to show your displeasure.

When a company as big as Target won’t provide a single representative to answer questions about the largest data breach in American history, it is time for California to step up and deliver on the promise in Article 1 Section 1 of our state constitution: Privacy is an inalienable right.



Posted by Jamie Court, President of Consumer Watchdog.

Trifecta — Patient Safety, Pollution Prevention & Privacy

Patient Safety Advocates What a week! Three big victories in California will keep us safer from dangerous doctors, toxic polluters and privacy invasions, but we only got there thanks to your support.

State Senator Curren Price and Assemblyman Richard Gordon proposed yesterday to strip the California Medical Board of its authority over physician discipline. The physician-run Board has let dangerous doctors keep practicing as investigations take years to complete. You joined us, and families who lost loved ones to reckless prescribing, when we called for a transfer of doctor investigations to impartial prosecutors at the Department of Justice.

Senator Price said it all when he told the LA Times he proposed cutting the Board’s power because, “I don’t want anybody else to die.” With your help we’ll keep the pressure on in Sacramento to make this reform a reality.

On Wednesday, the state’s top toxics regulator shut down the state’s largest battery recycler, Exide, for leaking lead, arsenic and other toxins into the surrounding community for more than two decades. The action came only after Consumer Watchdog exposed endemic failures at the Department of Toxic Substances Control to prevent pollution and punish serial polluters in our report, Golden Wasteland. Nevertheless, Californians could be on the hook for millions in clean-up costs because the DTSC never required the company to put money away for cleanup.

Carmen BalberRounding out this week’s trifecta was a rare reversal by Google on the privacy front: The internet giant quietly stopped sharing consumers’ private emails and addresses with app developers that use its Google Play store. The reversal came after a Consumer Watchdog complaint to the Federal Trade Commission and California Attorney General Kamala Harris that Google was not only violating consumers’ privacy, but violating its own agreement with the FTC not to share information without consumers’ permission.

And this breaking news: This morning, the Court of Appeal sided with us to reject Mercury Insurance’s attempt to throw out a case the company has delayed for nearly a decade. The suit would hold Mercury accountable for charging illegal broker fees to consumers. We are fighting that battle on a second front before an administrative judge in San Francisco right now.

So that’s really four big wins this week. Thanks for sharing them with us.

________________________________________________________________

Posted by Carmen Balber, Executive Director of Consumer Watchdog.  Follow Consumer Watchdog on Facebook and on Twitter.

Google Ending Privacy Breach Consumer Watchdog Targeted in FTC Complaint

Google Play

Google apparently is ending an egregious privacy breach involving people who buy apps from its Google Play store using Google Wallet to pay. Consumer Watchdog filed a complaint to the Federal Trade Commission with a copy to California Attorney General Kamala Harris about what Google was doing. The complaint  alleged that the Internet giant was violating its privacy policies and its “Buzz” consent agreement with the FTC.

Rep. Hank Johnson, D-GA, also questioned Google about what it was doing.  Google was sending to apps developers the name, email address and address of people who bought apps on Google play.  It tried to claim that the the information was necessary for the transaction, but that’s clearly not the case when talking about downloading an app from its app store. Neither Apple nor Microsoft provide such personal information about people who buy apps from their stores. Google’s response to Rep. Johnson, confirmed what Google was doing and actually showed it was unnecessary.  Consumer Watchdog sent a second letter to the FTC with a copy to California Attorney General Harris when Google answered Rep. Johnson’s letter.

On Tuesday WebProNews and DroidLife reported Google was addressing the concerns on a new Wallet Merchant Center it is rolling out and no longer sending the personal information about apps buyers.

I’m glad the change is coming, but I’ve got questions.

What role did the Federal Trade Commission or the California Attorney General’s office play in this change?  Why did Google only act when formal complaints were filed? Will there be fines?

John M. SimpsonGoogle has become a serial privacy violator.  You’ll remember that new sooner was the ink dry on the “Buzz” consent agreement than it was caught hacking around the privacy settings on the Safari browser used on iPhones, iPads and other Apple devices.  It ultimately cost Google a fine of $22.5 million, which is pocket change to a company that has annual revenue of around $50 billion. It’s like giving a $25 parking ticket to a person who makes $50,000 a year.

Google is simply figuring that fines are a cost — and a minor one at that — of doing business.  In case you missed it, on Monday Germany hit Google with a $189,225 for the Wi-Spy incident where its Street View Cars sucked up emails, URLs, passwords, account numbers as they snapped photos around the world.

In describing the fine The New York Times‘ Claire Cain Miller wrote:

Regulators in Germany, one of the most privacy-sensitive countries in the world, unleashed their wrath on Google on Monday for scooping up sensitive personal information in the Street View mapping project, and imposed the largest fine ever assessed by European regulators over a privacy violation.

The penalty? $189,225.

Put another way, that’s how much Google made every two minutes last year, or roughly 0.002 percent of its $10.7 billion in net profit.
It is the latest example of regulators’ meager arsenal of fines and punishments for corporations in the wrong. Academics, activists and even regulators themselves say fines that are pocket change for companies do little to deter them from misbehaving again, and are merely baked into the cost of doing business.

The fact Google is changing Google Wallet’s practices makes it clear Google violated the Buzz Agreement.   Google claims that it is taking privacy seriously now that it is operating for 20 years under the Buzz Agreement. It isn’t and the regulators aren’t holding Google’s feet to the fire.

The company’s executives need to be held to account in a meaningful way. I’ve always argued the way to get corporate executives’ attention is to hit them with jail time when they flout the law.  It’s not going to happen here, but a meaningful fine for the second Buzz violation sure would be nice.

_________________________________________________________________

Posted by John M. Simpson, Director of Consumer Watchdog’s Privacy Project. Follow Consumer Watchdog online on Facebook and on Twitter.

When In Doubt, Speak Out

Jamie Court

A pro-consumer candidate to the Federal Trade Commission, who had the backing of the entire public interest community, really wanted the job. But this candidate didn’t want allies to go public for fear of alienating the White House. What happened?  Today POTUS hosed us and gave the keys to the FTC to corporate attorney Edith Ramirez.

The lesson: if you want to speak for the public, you have to speak publicly.

It’s just too easy to get caught up in the quagmire of worrying about alienating powerful people. Back channels and back room are the domain of those who want to turn their back on the public, not advocates for the public.

And the lesson, which came in healthy helpings this morning, can even be lost on those of us who typically have no control of our tongues.

Consider Ron Shinkman’s remarkable report today in Payer and Providers about the pathetic record of California Department of Managed Health Care Director Brent Barnhart.  We didn’t expect much from a former Kaiser lawyer Governor Brown appointed to regulate HMOs, but perhaps a healthy tongue lashing on the front end would have up-ended this record.

As Shinkman records:

Between 2009 and 2011, the Department of Managed Health Care issued nearly 1,000 enforcement actions against health plans, fining them nearly $9 million for a variety of misdeeds and demanding they take corrective actions to protect the interests of their enrollees.

But after Aug. 11, 2011, when Gov. Jerry Brown appointed former health plan lawyer and lobbyist Brent A. Barnhart to head the agency, enforcement actions dropped almost immediately. The DMHC issued only 74 such actions during the remainder of the year, compared to 433 in the portion of 2011 prior to his appointment – although an agency official said that number should be condensed.

In 2012, the DMHC issued 90 enforcement actions, well below its historical average dating back more than a decade. The most significant action of the year was taken not against a health plan, but against the Accountable Care IPA, a medical group that had been using non-physicians to make medical coverage determinations.

Moreover, financial penalties levied against the plans dropped dramatically in 2012. Last year, $451,000 in fines were issued, or just over $5,000 per enforcement action. That’s a stark contrast to 2010, when $2.2 million in fines were issued, an average of more than $20,000 per action. In 2008, fines exceeded $18 million, which included several significant enforcement actions against insurers.

New rule, or old rule remembered: When in doubt, speak out.

____________________________________________________________________

Posted by Jamie Court, author of The Progressive’s Guide to Raising Hell and President of Consumer Watchdog, a nonpartisan, nonprofit organization dedicated to providing an effective voice for taxpayers and consumers in an era when special interests dominate public discourse, government and politics. Visit us on Facebook and Twitter.

Consumer Watchdog Calls On FTC to Seek Do Not Track Legislation

photo spyphones.jpg

Consumer Watchdog Wednesday called on the Federal Trade Commission to ask Congress to pass Do Not Track legislation because “the self-regulatory effort to design Do Not Track is virtually dead in the water.”

In a letter to FTC Chairman Jon Leibowitz John M. Simpson, the nonpartisan nonprofit public interest group’s Privacy Project Director wrote:

“Almost a year ago with great fanfare in the media you said a Do Not Track mechanism would be in place by the end of last year.  You and you colleagues opted to rely on a self-regulatory process to implement Do Not Track, but alluded to the possibility of legislation if that process failed.  Not surprisingly the self-regulatory effort to design Do Not Track is virtually dead in the water.  After a year nothing has changed for the consumer.  You tried to use the bully pulpit, but the advertising industry did not heed your call. The time for words has passed; if you expect Do Not Track to be implemented, the Commission must endorse Do Not Track legislation now.”

Read Consumer Watchdog’s letter here

“As the Commission advocated in its report, Protecting Consumer Privacy in an Era of Rapid Change, a Do Not Track mechanism would offer people control over whether data about them was collected,” Simpson wrote.

Consumer Watchdog noted that the World Wide Web Consortium (W3C), an Internet standards setting organization, has been trying to develop specifications about how the Do Not Track message would be sent and what the obligations would be for a website that receives it.  “Talks have dragged on more than a year with weekly conference calls and six face-to-face meetings, while the W3C’s Tracking Protection Working Group has grown to 102 members,” Simpson wrote. “Another round of meetings is scheduled next month. Talks can at best be charitably described as stalled.”

“You and the Commission repeatedly put faith in self-regulatory efforts and predicted that a Do Not Track mechanism would be in place by the end of the year,” Simpson wrote.  “Unfortunately that optimism has proved to be unwarranted.”

The letter concluded:

“The end of the year as passed. Your words have gone largely unheeded by the advertising industry. The bully pulpit has not brought about a Do Not Track standard. Lest your words be taken as empty threats and given the logjam in the World Wide Web Consortium process, the time for decisive action by the FTC has arrived.  Sen. Jay Rockefeller, (D-WV) introduced a Do Not Track bill in the last session of Congress.  We understand he intends to re-introduce the bill this session.  We call on you and the entire Commission to endorse the urgent need for Do Not Track legislation.  If nothing else, the threat of legislation could be the stick that prompts a recalcitrant advertising industry to stop its foot dragging and re-engage in real negotiations.”

The letter cited numerous times that Leibowitz had predicted the implementation of Do Not Track by the end of last year and raised the possibility of legislation if the effort failed.  For instance, the letter noted:

“‘We are definitely at a critical point in whether folks will be able to come together and develop a real Do Not Track option for consumers,’ you told Politico in October. You said the lack of consensus was ‘encouraging the possibility of legislation — maybe not today, maybe not in the lame duck, but soon.’ You also told The New York Times, ‘It is time to drop some of the bluster and work toward compromise.’

“In November you used the bully pulpit again to tell Politico, ‘If by the end of the year or early next year, we haven’t seen a real Do Not Track option for consumers, I suspect the commission will go back and think about whether we want to endorse legislation.’ ”  

Consumer Watchdog Asks FTC To Release Staff Report In Google Investigation

FTC

Says Action Necessary To Restore Faith in Agency As Effective Antitrust Enforcer

Consumer Watchdog today called on the Federal Trade Commission to release the 100-page staff report on the 19-month Google investigation as the only way to “restore a modicum of public trust in the Commission’s ability to serve as an effective antitrust enforcer.”

“I call on you to release the FTC staff report to help make clear what was behind the Commission’s otherwise unfathomable action,” wrote John M. Simpson, Consumer Watchdog’s Privacy Project director in a letter to Commission Chairman Jon Leibowitz and Commissioners Julie Brill, Edith Ramirez, Maureen Ohlhausen and Joshua Wright.

“Media reports suggest that the Commission’s tap on the Internet giant’s wrist was the result of a ‘calculated and expensive charm offensive,’ ” Simpson wrote.

Read Consumer Watchdog’s letter here.

“Put another way, by all appearances, the Internet giant played an insiders’ game and bought its way out of trouble,” Simpson wrote. “Perhaps, the Commission managed to ignore the charm offensive and decide the case on the merits.  Sadly, we cannot know the true situation because we don’t have the details of the 19-month staff investigation.”

Consumer Watchdog’s letter quotes articles in Politico and The New York Times about the Internet giant’s $25 million lobbying campaign and its efforts to cozy up to the Obama Administration and other Washington insiders. “It was a multiyear campaign focused on this very moment, knowing as the company grew these issues were going to come up,” Alan Davidson, Google’s former top lobbyist, told Politico.

Read the Politico article here.

Read The New York Times article here.

The best course of action, Consumer Watchdog said, would have been to file an antitrust suit and bring the case to trial. All the evidence would have been part of the public record.  In a November letter to the FTC Consumer Watchdog warned that a negotiated settlement would inevitably invite cynicism about the results.

Consumer Watchdog’s letter to the Commission today continued:

“Opting to avoid a trial and filing a formal consent agreement would at least have required a complaint, spelling out the violation. Instead you have settled for promises from a company that has a demonstrated record of repeatedly breaking its word.  And it’s not even clear what they did wrong.

“Your only chance of re-establishing the FTC’s credibility on its handling of the Google investigation is to release the 100-page staff report about the inquiry. Releasing the report would put the Commission’s decision in context.

“Moreover, the public has the right to know what the staff recommended and to understand the reasoning of the professionals who conducted the lengthy investigation and the quality of their work.  It could be possible that the staff botched the investigation and you were left with no other choice.  If the report contains Google trade secrets, they could be redacted.”

FTC should proceed with case against Google

Photobucket

When you stare down a $220 billion corporation, it’s hard not to blink. But if the Federal Trade Commission doesn’t deliver on its ultimatum to Google that it settle its antitrust problems soon for real relief or face prosecution, then consumers will never get the open and unfettered online and mobile access to information they deserve.

While the government’s battle with Microsoft in the 1990s was about whether the dominant software company could bundle software and an Internet browser, the antitrust case against Google is about whether one company should have so much control over online information that it can steer us any where it chooses for its own profit.

This is the power to make or break businesses, control online discourse, and steer consumers to the Internet giant’s own websites and affiliated businesses, all based on tweaking an unseen algorithm and holding a network of key online and mobile gateways and properties.

Google’s 70% control of online searches and 90% control of mobile searches, along with its dominant Android mobile operating system, patents, and vast content acquisitions make it the Standard Oil of our time.

The allegations against Google are that it restrains online trade with biased search results that drive consumers to the content it owns (Google Travel, Products, YouTube, Maps, Google+, etc.) or content it chooses, as opposed to that favored organically by the public.

Restraint of trade may be different today than in 1911 when the U.S. Supreme Court ordered John Rockefeller’s Standard Oil broken into parts under the Sherman Antitrust Act. Nonetheless the antitrust principle of preventing dominant players from playing unfairly and hurting consumers by driving out legitimate competition is very real for Google’s 2012 business model.

The principle at stake in the FTC case is critical: If you want to do business online, should you be forced to do business with Google?

Companies like Foundem, Nextag, AsktheBuilder.com and Kayak have been threatened with closing because they have fallen on the wrong side of the assumptions in Google’s Search algorithm. The evidence shows that Google increasingly steers consumers to what it determines to be “quality” web sites – aka those that use Google services and support its business model. If you are not on Page One of a Google Search, your business is not alive, even though you may be the business that consumers prefer in the market, just not Google’s “type” of business.

Counterfeit industries and black markets for prescription drugs, predatory loans and entertainment have also profited because Google has turned a blind eye to the source of its massive advertising dollars and, as a result, companies that play by the rules have been hurt. Example: Google paid the US $500 million last year for illegal pharmacy advertising. Copyright and other intellectual property rights held by authors, artists, musicians, journalists and Hollywood are also increasingly thrown to the wind because of Google’s dominance, bias against respecting them and the money to be made from “free” content and pirated products.

Can such a dominant search and content Goliath really provide open access that isn’t biased toward its ownership interests?

Google founders Larry Page and Sergey Brin didn’t think so when they went to Stanford.

“We expect that advertising funded search engines will be inherently biased towards the advertisers and away from the needs of the consumers,” they wrote in Appendix A of their research paper explaining their search technique. “Since it is very difficult even for experts to evaluate search engines, search engine bias is particularly insidious.”

Consumers often don’t know that they are being steered or why, so it takes an engineer to show them. Recently engineers from Twitter, MySpace and Facebook showed that Google’s new social search feature steers users to less relevant and less popular spots, like Google+, to promote Google services, rather than Twitter and other spots with unquestionably more traffic. Google increasingly wants our world to be its world.

The young Google founders argued in their Stanford research paper that launched Google that overt bias won’t be tolerated, but covert steering would be acceptable. “For example, a search engine could add a small factor to search results from friendly companies, and subtract a factor from results from competitors,” they wrote. ” This type of bias is very difficult to detect but could still have a significant effect on the market.”

And this is the most dangerous type of bias in the hands of company as big and controlling as Google.

The European Commission is demanding the Internet giant change its ways or face a formal complaint. The Federal Trade Commission, rumored to be backing away from a staff recommendation in favor of legal action, owes the public a prosecution of Google in order to reveal the evidence it has collected. Help us keep the FTC off the fence – send an email to the Commission today to tell them to file the antitrust lawsuit today!

___________________________________________________________________

Originally posted on November 30th, 2012 on the Hill. Posted by Jamie Court, author of The Progressive’s Guide to Raising Hell and President of Consumer Watchdog, a nonpartisan, nonprofit organization dedicated to providing an effective voice for taxpayers and consumers in an era when special interests dominate public discourse, government and politics. Visit us on Facebook and Twitter.

Google Ruling Shows Need For Do Not Track And Strong Antirust Action

Gavel

A federal judge’s ruling late Friday in a key privacy case demonstrates the need to implement tough “Do Not Track” rules and to take decisive action on the antitrust front against Google.

Judge Susan Illston approved the Federal Trade Commission’s $22.5 million settlement with the Internet giant for hacking past privacy settings on Apple’s Safari browser in U.S. District Court in San Francisco, in a deal that Consumer Watchdog had argued was insufficient in light of Google’s wanton privacy violations.

“The Court also grants additional deference where the decree has been negotiated  by a governmental agency that is an expert in its field,” Judge Illston said in her decision.

I was disappointed with the ruling, but think we made important points that will affect how similar cases are dealt with in the future. Drawing the public’s attention to this case was tremendously important. I’m glad we did it.

Attorney Gary Reback of Carr & Ferrell represented us as an amicus curiae or friend of the court. Frankly, I expected an uphill battle with Google and the FTC aligned against us.  Together the government and Google defended the deal that had been negotiated in secret.

Judge Illston did not surprise when she began the hearing by saying her “preliminary view” was to approve the settlement. We opposed the deal for three basic reasons:

1. The settlement allows Google to deny that it did anything wrong.

2. The $22.5 million fine — a lot for you and me — is insufficient for a company like Google with revenue of $40 billion a year. Really it’s just chump change. Google makes $22.5 million in about five hours. Google was liable for fines totaling $16,0000 per day per violation. If you consider each wrongly placed cookie a violation — and you should — Google quickly reaches a liability in the billions. A fine of that magnitude would have caught Google executives’ attention.

3. The injunctive relief in the settlement is insufficient.  Google is allowed to keep the ill-gotten data it obtained by hacking around the Safari privacy settings, which is the browser used on iPhones and iPads.

Reback made the arguments in two excellent briefs before the hearing. Both are well worth reviewing. The first is particularly valuable for the way it lays out Google’s history of privacy invasions. Read the original amicus brief here and our response brief here.

As the hearing began Judge Illston said there was no need to require Google to admit it did anything wrong. She said she had no problem with the amount of the fine. She did, however, have questions questions about allowing the Internet giant to retain the wrongfully acquired data.

The government and Google’s attorneys tried to make the case that the Google wouldn’t use the information, so keeping it was irrelevant. I thought Reback effectively rebutted their position, but then, you’d expect me to think that.

By the end of the day, though, Judge Illston had ruled against us.  As Reback told The Associated Press’ Mike Liedtke, after the hearing, a consent decree ”is not a good way to police Google,”

What the decision does is allow Google executives  to buy their way out of trouble with what for them is pocket change and then deny doing anything wrong.  As our briefs made clear, Google has demonstrated an ability to out maneuver government regulators repeatedly and ride roughshod over the privacy rights of consumers.  Google continues to be disingenuous about its practices.

That’s why the decision makes two things clear: First, if consumers are to have any privacy at all and be able to control what data is gathered about them, tough Do Not Track rules must be implemented. Second, as we told the FTC last week, the Commission needs to file an antitrust suit against Google and take it to trial in U.S. District Court. The FTC should seek to force Google to divest its Motorola Mobility subsidiary, separate  search from advertising, and undergo the same sort of regulation as a public utility.

The Federal Trade Commission’s role in keeping Google’s abuses in check is essential. The Internet is too important to allow an unregulated monopolist to dominate it.

____________________________________________________________________

Posted by John M. Simpson. John is a leading voice on technological privacy and stem cell research issues. His investigations this year of Google’s online privacy practices and book publishing agreements triggered intense media scrutiny and federal interest in the online giant’s business practices. His critique of patents on human embryonic stem cells has been key to expanding the ability of American scientists to conduct stem cell research. He has ensured that California’s taxpayer-funded stem cell research will lead to broadly accessible and affordable medicine and not just government-subsidized profiteering. Prior to joining Consumer Watchdog in 2005, he was executive editor of Tribune Media Services International, a syndication company. Before that, he was deputy editor of USA Today and editor of its international edition. Simpson taught journalism a Dublin City University in Ireland, and consulted for The Irish Times and The Gleaner in Jamaica. He served as president of the World Editors Forum. He holds a B.A. in philosophy from Harpur College of SUNY Binghamton and was a Gannett Fellow at the Center for Asian and Pacific Studies at the University of Hawaii. He has an M.A. in Communication Management from USC’s Annenberg School for Communication.

Will Google Maps Camera-Equipped Tricycles Take Pictures Of Our Kids Playground?

Google’s grand experiment in photographing the world’s places for Google Maps has taken its “street view” cameras off-road with new hi-tech tricycles equipped with 360 degree view cameras to photograph the back roads, parks, college paths and inner sanctums of our world. The engineer’s latest design raises the question: What will Google be capturing on its back-road tour that people don’t want seen?

Google’s grand experiment in photographing the world’s places for Google Maps has taken its “street view” cameras off-road with new hi-tech tricycles equipped with 360 degree view cameras to photograph the back roads, parks, college paths and inner sanctums of our world. The engineer’s latest design raises the question: What will Google be capturing on its back-road tour that people don’t want seen?

The images are up on Google Maps today and we’ll no doubt soon see how the engineers at Google have opened people’s private lives up to scrutiny they did not invite. All so Google can have better images to sell their advertisers’ products around the world.

WIll Google be adequately blurring the faces of people out of their online photographs?  Go look at this tricycle shot of Legoland (choose “street view”) and see what you think.  Bet those families that day didn’t realize they were being photographed to boost Google’s bottom line. Did these families have a reasonable expectation that their family photo wouldn’t be open to millions of eyes, and used to sell Google advertising services?

Will it be outing college students who don’t want their parents to know what’s in their dorm window, people who don’t want their employers or clients to know what flags they fly or signs they hang on their rural roads, people who built extensions on their home, but didn’t tell the city permitting office? There’s no blurring the identity of people driving certain cars on certain roads near their homes.

I don’t want my kids photographed in a playground, or on a class trip to a park or historical site as Google’s tricycles are rolling through. Google claims it will blur faces, but we’ll just have to see how much it values privacy over its desire to put images of everywhere and everything online for everyone to see, just so that advertisers will pay a bigger price to advertise on those pages.

This is creepy stuff. Let’s hope this is one time the privacy cops at Google were giving clear direction to the engineers. My bet is we’ll be hearing the fallout soon.

More importantly, Google isn’t publishing a newspaper, where photos of people in public places are allowed.  Google is taking pictures to make more money from it’s contextual advertising. Google makes its money one way — advertising.  Our right to privacy shouldn’t be sacrificed so Google can make billions of dollars off images of us and our things.

————

Posted by Jamie Court, author of The Progressive’s Guide to Raising Hell and President of Consumer Watchdog, a nonpartisan, nonprofit organization dedicated to providing an effective voice for taxpayers and consumers in an era when special interests dominate public discourse, government and politics. Visit us on Facebook and Twitter.