Google expected to cough measly $22.5m for Safari privacy gaffe

Πηγή: The Register
By Kelly Fiveash
July 10 2012

Google is reportedly set to cough up a piddly penalty payment of $22.5m to the US Federal Trade Commission (FTC) to settle its sneaky bypassing of the default privacy settings of Apple's Safari browser.

It was revealed by the Wall Street Journal in February this year that Google, Vibrant Media Inc, WPP PLC's Media Innovation Group LLC and Gannett Co's PointRoll Inc used code that "tricked" Safari into allowing users to have their online browsing habits tracked.

Apple's browser blocks most tracking by default with exceptions for websites that, for example, require interaction from a user – such as the filling in of an online form. Google claimed at the time that it had "mischaraterised" the code used by the ad companies.

Google later disabled the code, which installed a temporary cookie on the phones or computers of Safari users; the search biz's developers had embedded code into some of its ads that fooled the Apple browser into thinking that a form was being submitted to Google.

The WSJ is now reporting that Mountain View is close to settling with the FTC with a fine said to be the biggest of all time handed down by the regulator to a corporation.

Google offered up a withering statement to The Register that appeared to indicate that it had already accepted defeat.

We cannot comment on any specifics. However we do set the highest standards of privacy and security for our users. The FTC is focused on a 2009 help centre page published more than two years before our consent decree, and a year before Apple changed its cookie-handling policy. We have now changed that page and taken steps to remove the ad cookies, which collected no personal information, from Apple’s browsers.

The consent decree in question is the one the internet giant signed with the FTC in October last year, when Google agreed to be much more up front about its data-handling methods with its customers.

After Google's Buzz privacy howler in 2010, the company is now subjected to biennial audits for the next 20 years.

Google, as part of that agreement, avoided being fined and did not have to admit that its biz practices had been unlawful. However, if that decree has been violated, then the FTC was always clear that a fine would be slapped on Google.

The penalty is calculated based on $16,000 per violation per day and the number of iPad, iPhone and Mac users affected by Google's Safari privacy blunder could run into millions of customers.

However, as noted by the WSJ, Google racks up sales of over $20m roughly every five hours.

Perhaps Google just wants to pay the reported $22.5m fine and get on with fighting competition officials on the other side of the Atlantic. In Brussels, Belgium, the company is still fighting off "abuse of dominance" claims over its share of the search market in Europe.

The company's chairman, Eric Schmidt, sent a letter to the European Commission containing a "proposal" that Google claimed addressed the four areas of concern expressed earlier this year by Euro antitrust commissioner Joaquin Almunia.

The commissioner's office told El Reg this morning that competition officials were still perusing the contents of the letter, which has not been made public by Google.

Meanwhile, Google is undergoing a separate antitrust investigation in the US over claims the company unfairly manipulated results on its search engine to favour its own business.

FTC releases final privacy report, says ‘Do Not Track’ mechanism may be available by end of year

In recent years, lawmakers and advocacy groups have made increased efforts to protects users’ privacy online. Here are some cases that helped stoke the debate about tracking and privacy on the Web.

Πηγή: Washington Post
By Hayley Tsukayama
March 26 2012

The Federal Trade Commission on Monday outlined a framework for how companies should address consumer privacy, pledging that consumers will have “an easy to use and effective” “Do Not Track” option by the end of the year.

The FTC’s report comes a little over a month after the White House released a “privacy bill of rights” that called on companies to be more transparent about privacy and grant consumers greater access to their data but that stopped short of  backing a do not track rule.

The FTC goes further than the White House, saying that the commission will work with industry groups to “complete implementation” of “a Do Not Track”system to give consumers an easy way to stop online tracking.

“Although some companies have excellent privacy and data securities practices, industry as a whole must do better,” the report states.

The agency also called on companies to obtain “affirmative express consent” from consumers before using data collected for a different purpose and encourage Congress to consider baseline privacy legislation and for measures on data security and data brokers.

The FTC also reiterates its prior recommendations that Congress pass legislation to provide consumers with access to the data about them that is held by companies that compile data for marketing purposes.

The 73-page report focuses heavily on mobile data, noting that the “rapid growth of the mobile marketplace” has made it necessary for companies to put limits on data collection, use and disposal. According to a recent report from Nielsen, 43 percent of all U.S. mobile phone subscribers own a smartphone.

The commission called on companies to work to establish industry standards governing the use of mobile data, particularly for data that reveals a users’ location.

Commissioner Thomas Rosch dissented from the other commissioners in a 3-1 vote on the privacy report. Rosch said that while he agrees with much of what the agency released Monday, he disagrees with the commission’s approach to the framework, which focuses more on what consumers may deem “unfair” as opposed to actual deception perpetrated by companies.

“Unfairness is an elastic and elusive concept,” Rosch wrote, saying that it is difficult to determine how consumers feel about privacy.

He also said in his dissent that the recommendations were overly broad and would apply to “most information collection practices.”

“It would install ‘Big Brother’ as the watchdog over these practices not only in the online world but in the offline world,” Rosch wrote of the report.

While the FTC is not a rule-making but an enforcement agency and needs explicit authority from Congress to create new codes, Rosch said he believes that there should be no pretense that the report’s recommendations are “voluntary.”

Many firms, he wrote, may “feel obliged to comply with the ‘best practices’ or face the wrath of ‘the Commission’ or its staff.”

Voluntary guidelines for Web privacy backed by Obama administration

In recent years, lawmakers and advocacy groups have made increased efforts to protects users’ privacy online. Here are some cases that helped stoke the debate about tracking and privacy on the Web.

Πηγή: Washington Post
By Cecilia Kang

Feb 23 2012

The Obama administration on Thursday plans to announce voluntary guidelines for Web companies to protect consumers’ privacy online, a win for Google, Facebook and other Internet giants that have fought against heavier federal mandates.

The White House did not include a much-debated “do not track” rule that would have forced companies to offer users the choice of stopping advertisers from tracking their activities across the Web.

In what it has dubbed the “Consumer Privacy Bill of Rights,” the administration outlined several principles. It said users should have more control over data collected about them and how the information is used; consumers should be able to limit the collection of personal information, especially about children; and users should be able to correct false information about them.

“As the Internet evolves, consumer trust is essential for the continued growth of the digital economy,” Obama said in a statement. “For businesses to succeed online, consumers must feel secure.”

The move by the U.S. government gives Web giants leverage in their negotiations with regulators in Europe, where the companies can now make a stronger case for voluntary rules, analysts say.

The Federal Trade Commission will police companies that agree to the guidelines. The administration said that it will seek legislation to codify the rules and that the Commerce Department will soon bring together companies, consumer groups and academics to come up with more specific codes of conduct.

A recent spate of controversial practices by Web companies have sparked concerns about privacy among state attorneys general, lawmakers and consumer groups.

Google, for instance, announced that it would begin next week to pull data from all of its sites to create profiles of users who have signed into their accounts. The search giant also has been accused of circumventing mobile-device browsers’ privacy protections so that it could track the activities of consumers.

In light of such controversies, privacy groups had urged government officials to adopt the “do not track” mandate, but software developers and advertising firms have decried the technology as expensive and difficult to implement.

In a news briefing Wednesday, White House officials said a consortium of advertisers had come up with anti-tracking software that companies can choose to implement.

“Any ‘do not track’ mechanism needs to be robust and meaningful and cannot be more of the same self-regulatory system,” said Pam Dixon, executive director of consumer group the World Privacy Forum.

The biggest Web firms — including Google, Yahoo!, Microsoft and AOL — are expected to adopt the guidelines and have agreed to implement the “do not track” browser technology, government officials said. Many of those firms say they offer consumers anti-tracking options.

At the same time, the firms have urged government officials to resist legislation that could hamper their ability to tap the lucrative behavioral marketing business.

The White House report doesn’t specifically address privacy on mobile devices — an area that firms are eager to protect from federal regulation. On Thursday, Apple, Google, Amazon and Microsoft agreed to clearly disclose the privacy policies of app developers at their app stores.

The FTC reported last week that Google, Apple and most mobile app developers do not offer any information about how they collect information about users.

Lawmakers target Google over privacy laws

Πηγή: Foxnews
Feb 18 2012

WASHINGTON – Three congressmen on Friday called on the Federal Trade Commission to investigate Google Inc., after The Wall Street Journal reported that the Internet giant was bypassing privacy settings of people who used Apple Inc.'s Web browser on phones and computers.

The lawmakers—Edward J. Markey (D., Mass.), Joe Barton (R., Texas) and Cliff Stearns (R., Fla.)—want to know if Google's behavior "constitutes a violation" of a privacy settlement Google and the Federal Trade Commission signed last year. Breaches of the settlement could bring fines of as much as $16,000 per violation per day.

"The FTC is aware of the situation," an agency spokeswoman said. At least two consumer groups also asked the FTC to investigate Google's behavior, which allowed the company to track Web-browsing habits of people using Safari browser software even if they intended for that kind of monitoring to be blocked.

At the heart of the complaints is the fact that, until recently, a page on Google's site told Safari users they could rely on the browser's settings to prevent tracking by Google. Among other things, the FTC settlement barred the company from misrepresenting its privacy practices to users.

"Google falsely told Safari users that they could control the collection of data…when in fact Google was circumventing the preference," wrote John Simpson, the privacy-project director with the advocacy group Consumer Watchdog. Another advocacy group, the Electronic Privacy Information Center, also made similar charges.

Google said it has stopped its practices and deleted the associated tracking files, after being contacted by the Journal. "We are taking immediate steps to address their concerns," a Google spokesman said of the congressmen's letter.

"We are happy to answer any questions regulators and others may have," the Google spokesman said.

Sen. Jay Rockefeller (D., W.Va.), chairman of the Senate Commerce Committee, said he planned to look into Google's behavior and whether it worked "to circumvent consumer choice."

Google's privacy practices have come under increasing scrutiny in recent months, as it and other technology companies have expanded social-networking and information-sharing services. The companies offer many of those products to people for free and receive income from online advertisements that are customized and targeted based on users' information.

The FTC's settlement with Google came after an investigation into the company's now-defunct Buzz social network. The FTC alleged that Google used "deceptive tactics and violated its own privacy promises to consumers" when it launched Buzz. Google had initially made some Buzz users' contacts automatically visible to others.

Google's latest practices also involve social networking. The company says the technology that resulted in the tracking was intended to help it place social-networking buttons on ads. People could use these buttons to indicate they liked the ad and share that with friends on the Google+ network.

To enable that feature, Google used computer code that bypassed Safari's privacy settings. Safari is the only browser that has a default setting blocking advertisers and other tracking companies from placing small files called "cookies" on users' computers. After Google bypassed the settings, the company's massive advertising network was able to track many users as they browse the Web.

"Google's practices could have a wide, sweeping impact because Safari is a major Web browser used by millions of Americans," the lawmakers said in their letter to the FTC. Safari is the standard browser on Apple's iPhone and iPad devices, as well as on Mac computers.

Facebook settles with FTC over deception charges

This Oct. 11, 2010 file photo, shows the logo of the online network Facebook, recorded in Munich with a magnifying glass of a computer screen of a laptop. Facebook said Tuesday, Nov. 29, 2011, it is settling with the Federal Trade Commission over charges it deceived consumers. The FTC had charged that the social network told people they could keep the information they share private and then allowed for it to be made public. The charges go back to 2009.

Πηγή: AP
By BARBARA ORTUTAY

Nov 29 2011

NEW YORK (AP) -- Facebook is settling with the Federal Trade Commission over charges it deceived consumers with its privacy settings to get people to share more personal information than they originally agreed to.

The FTC had charged that the social network told people they could keep the information they share private, then allowed it to be made public.

The charges go back to at least 2009, when Facebook changed its privacy settings so that information users may have deemed private, such as their list of friends, suddenly became viewable to everyone.

"They didn't warn users that this change was coming, or get their approval in advance," the FTC said.

The FTC said the settlement requires Facebook to get people's approval before changing how it shares their data.

In a blog post, Facebook CEO Mark Zuckerberg said the company has made a "bunch of mistakes." But he adds that this has often overshadowed the good work Facebook has done. He says Facebook has addressed many of the FTC's concerns already.

The settlement is similar to one Google agreed to earlier this year over its Buzz social networking service. Like Google, Facebook has agreed to obtain assessments of its privacy practices by independent, third-party auditors for the next 20 years.

Facebook isn't paying anything to settle the case, though future violations could lead to civil fines.

Zuckerberg said Facebook has created two new executive positions - a chief privacy officer of products and a chief privacy officer of policy as part of its response to the settlement.