Risk
2/2/2012
11:18 AM
50%
50%

Google Calls Microsoft Privacy Claims 'Myth'

Microsoft attack ad draws quick retort from Google, as controversy over new privacy policies heats up.

12 Epic Tech Fails of 2011
12 Epic Tech Fails of 2011
(click image for larger view and for slideshow)
Hours after Microsoft launched an ad campaign slamming Google's privacy changes as invasive, the search giant hit back, calling Microsoft's charges inaccurate and claiming that it, not Redmond, has the best tools for protecting the confidentiality of Internet users' information.

"A number of myths are being spread about Google's approach to privacy," said Betsy Masiello, Google's manager for public policy, in a blog entry Wednesday. "We just wanted to give you the facts."

Masiello called out Microsoft spokesman Frank Shaw's assertion earlier this week that, "The changes Google announced make it harder, not easier, for people to stay in control of their own information." Not so, said Masiello. "Our privacy controls have not changed. Period," she said.

Masiello took particular issue with Shaw's claim that Microsoft's online services like Bing search and Hotmail e-mail offer superior privacy controls compared to Google search and Gmail.

"Our industry-leading Privacy Dashboard, Ads Preference Manager, and data liberation efforts enable you to understand and control the information we collect and how we use it. And we've simplified our privacy policy to make it easier to understand," said Masiello. "Microsoft has no data liberation effort or Dashboard-like hub for users."

[ Google tweaked its social network rules because of user complaints--but some remain frustrated. Read Google+ Name Policy Leaves Users Unsatisfied. ]

Masiello also dismissed as a "myth" Shaw's charge that Google reads its users e-mails in order to generate data for contextual advertising. "No one reads your e-mail but you. Like most major e-mail providers, our computers scan messages to get rid of spam and malware, as well as show ads that are relevant to you," said Masiello.

Her protests didn't stop Microsoft from taking a fresh shot with a new ad Thursday that bears the title "Email Is Important." The ad, which is slated to run in major newspapers, says that "many Gmail users are increasingly concerned about exactly how their private e-mail information might be used for ads." The spot entices Google users to try Hotmail and Office 365 if they're concerned.

The spat began last week, after a Google exec announced the changes in a blog post. "Our new privacy policy makes clear that, if you're signed in, we may combine information you've provided from one service with information from other services," said Alma Whitten, Google's director of privacy, product, and engineering.

"In short, we'll treat you as a single user across all our products, which will mean a simpler, more intuitive Google experience," said Whitten. Google said the changes would go into effect "in just over a month."

Google's plan has caught the attention of key lawmakers. Reps Ed Markey (D-Mass) and Joe Barton (R-Texas) last week asked the Federal Trade Commission to clarify whether the changes would violate an agreement that Google made with the commission last year to better protect user privacy. The lawmakers want a response from the FTC by Feb. 21.

Please join us on Feb. 15 for the InformationWeek & Dark Reading virtual event Clouds, Outsourcing, And Security Services: Making Providers Part of Your IT Security Strategy. When you attend, you will be able to access live and on-demand webcast presentations as well as virtual booths packed with free resources, and you can also be eligible to win great prizes! (Free registration required.)

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7421
Published: 2015-03-02
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644.

CVE-2014-8160
Published: 2015-03-02
net/netfilter/nf_conntrack_proto_generic.c in the Linux kernel before 3.18 generates incorrect conntrack entries during handling of certain iptables rule sets for the SCTP, DCCP, GRE, and UDP-Lite protocols, which allows remote attackers to bypass intended access restrictions via packets with disall...

CVE-2014-9644
Published: 2015-03-02
The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a parenthesized module template expression in the salg_name field, as demonstrated by the vfat(aes) expression, a different vulnerability than CVE-201...

CVE-2015-0239
Published: 2015-03-02
The em_sysenter function in arch/x86/kvm/emulate.c in the Linux kernel before 3.18.5, when the guest OS lacks SYSENTER MSR initialization, allows guest OS users to gain guest OS privileges or cause a denial of service (guest OS crash) by triggering use of a 16-bit code segment for emulation of a SYS...

CVE-2014-8921
Published: 2015-03-01
The IBM Notes Traveler Companion application 1.0 and 1.1 before 201411010515 for Window Phone, as distributed in IBM Notes Traveler 9.0.1, does not properly restrict the number of executions of the automatic configuration option, which makes it easier for remote attackers to capture credentials by c...

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.