The FTC rubber-stamped a settlement with Google yesterday relating to alleged privacy violations from the launch of Buzz — it was originally accepted on March 30th and submitted for public comments before final approval. The settlement requires Google to arrange third-party privacy audits every two years for the next 20 years, in addition to the standard expectations that it should be honest about its privacy compliance and get users' permission to share personal data.
When Buzz launched last year, people were alarmed to find their Gmail contacts and other private information were being shared without their knowledge or consent. Most people didn't use Buzz, but according to the FTC complaint, Google was enrolling users in certain features even if they opted out. People also found the privacy settings difficult to use, and even when they turned Buzz off, they weren't completely removed from the network. Although Google quickly made changes in response to customer complaints, the deceptive practices became the basis for FTC charges that it violated its own privacy promises to customers. "When companies make privacy pledges, they need to honor them," said chairman of the FTC Jon Leibowitz.
This ordeal seems to have effected a positive change — Google's Chris Gaither told Talking Points Memo the company has reformed its approach to privacy, making it a part of the design process rather than an afterthought. That'll be put to the test as the company integrates its new Google+ social network more tightly into all its products — Buzz never recovered from the initial bad press, and is being permanently shut down, with Google+ taking its place.