Google recently settled with the Federal Trade Commission over charges of “deceptive privacy practices” relating to its controversial social networking “Buzz” feature. Last year, Buzz appeared alongside Google subscribers’ email accounts. Despite Google’s privacy policies that ensured confirmation would be sought before private user information was disseminated, Buzz sparked criticism, because it released private user email contact information without notification. Furthermore, Buzz’s opt out features (“Turn off Buzz”) were ineffective, as users were nonetheless subscribed to certain social networking features. As a result, a complaint was summarily filed with the F.T.C. The settlement between Google and the F.T.C.—first of its kind—requires Google to initiate a “privacy program” under which it must submit to regular privacy audits for 20 years and accept fines for future privacy violations. The F.T.C. hopes that this settlement will serve as an example and lead to the adoption of the practices articulated in it throughout the web to protect users’ privacy.
In a constant push to be competitive with social networking sites like Facebook, however, this settlement likely will not lesson Google’s social networking efforts. In fact, on the same day as it reached this settlement, Google decided to try its hand at expanding its social networking “toolkit” again, releasing “+1,” which is internet slang agreeing with something someone has said. Modeled on the “like” button on Facebook, the +1 feature will allow users who are logged in to click a +1 button next to search results, which will publicly recommend them. Through this mechanism, Google users can not only view how many people liked a link, along with their name and pictures, but also recommend advertisements as well.
This dispute has given rise to privacy concerns by users and the F.T.C. alike. To what extent can social networking information be publicly released? Has privacy taken on new meaning in the context of a more “plugged in” mentality? To what extent is user privacy violated when voluntarily published information in users’ social networking profiles is released publicly? And especially, given the novel nature of the Google settlement, to what extent will social networking sites be liable in the future for privacy violations and what precautions will they have to take to survive “privacy audits”?