informa
/
Risk
News

Google Buzz Brings Complaint From Canada

The country's Privacy Commissioner wants Google to explain how its changes to Buzz will address privacy concerns.
On Tuesday, the Electronic Privacy Information Center (EPIC) asked the Federal Trade Commission "to require Google to make the Buzz service fully opt-in, to stop using Gmail users' private address book contacts to compile social networking lists, and to give Google users meaningful control over their personal data."

Google also responded almost immediately to reports of a security flaw in Buzz. A cross-site scripting vulnerability identified on Tuesday was fixed "a few hours after we became aware of it," according to a company spokesperson.

Google, which has repeatedly insisted that it takes privacy very seriously, said over the weekend that it was very sorry about the concern caused by Buzz.

It has reason for regret: Privacy problems continue to blindside the company. Despite earnest attempts to address the issue through, for example, the creation of a privacy Dashboard late last year, the company's commitment to privacy continues to be cast into doubt through missteps like CEO Eric Schmidt's suggestion that "If you have something that you don't want anyone to know, maybe you shouldn't be doing it in the first place."

Even after those remarks were put into their proper context and revealed to be less damning than Google foes claim, the company remains sullied by the mudslinging.

The stain is magnified by the fact that those fighting Google on a different front can point to privacy problems associated with a particular service and use them to justify calls for restrictions elsewhere. A case in point is the Electronic Frontier Foundation, which argued on Tuesday that "Buzz's disastrous product launch highlights the danger posed by [the possibility that Google will make secondary use of Google Books information, if the company's lawsuit settlement is approved]."

In 2004, Microsoft decided to get serious about security in order to save Windows. Though security remains an challenge for Microsoft, its commitment to confronting the issue through its Security Development Lifecycle processes is now widely accepted.

Google, as it embraces social networking, faces a similar decision about privacy.

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5