Google did not grab “significant” personal details when collecting data from wi-fi networks, according to the UK’s Information Commissioner Office. The finding came after the body reviewed some of the data Google scooped up from unsecured networks.
Read the article: http://gigalaw.com/2010/07/30/u-k-says-google-didnt-collect-significant-data/ (Source: BBC News)
A security researcher released a file containing the names, profile addresses and unique identification numbers of more than 100 million Facebook users. The information was corralled via a public directory Facebook makes available that lists users who are sharing at least some of their profile information with everyone on the Internet.
Read the article: http://gigalaw.com/2010/07/28/data-on-100-million-facebook-users-exposed/ (Source: The New York Times)
After a string of online privacy problems this year, legislators grilled Google Inc., Apple Inc., Facebook and AT&T Inc., seeking assurance that user information will be protected in the future. Senators questioned whether new legislation is needed to protect people’s personal information online during a hearing held by the Senate Commerce Committee.
Read the article: http://gigalaw.com/2010/07/28/senators-press-google-apple-facebook-on-privacy/ (Source: Los Angeles Times)
The agency responsible for protecting consumers in the U.S. says defending the interests of teenagers in the online world presents “unique challenges.” The deputy director of consumer protection at the Federal Trade Commission laid out some of those challenges in testimony before a U.S. Congress subcommittee on consumer protection.
Read the article: http://gigalaw.com/2010/07/18/ftc-official-cites-challenges-in-protecting-teens-online/ (Source: CBC News)
Google broke Australia’s privacy law when it collected private information from wireless networks, the country’s privacy commissioner said, following an investigation into the Internet giant’s “Street View” mapping service. Several other countries are investigating Google over the data collection, and there are growing concerns from regulators and consumer watchdogs worldwide that Google isn’t serious enough about people’s privacy — a charge the company denies.
Read the article: http://gigalaw.com/2010/07/13/google-street-view-illegal-australian-official-says/ (Source: MyBroadband)
Read the article: http://gigalaw.com/2010/07/08/law-firm-working-on-class-action-facebook-privacy-case/ (Source: CNET News)
Data protection officials in Germany announced the launch of a formal investigation into Facebook, saying they believe some of its much-maligned privacy policies are illegal. It’s given Facebook until August 11 to respond formally.
Read the article: http://gigalaw.com/2010/07/07/germany-opens-formal-probe-of-facebooks-privacy/ (Source: CNET News)
Seven Senate leaders urged President Obama to support planned legislation designed to protect critical information technology systems from attacks. In a letter to Obama, the senators said they plan to produce a comprehensive cybersecurity bill, although they did not specify a timeframe.
Read the article: http://gigalaw.com/2010/07/05/senators-urge-obama-to-support-cybersecurity-bill/ (Source: National Journal)
The Internet has made Stuart Lawley a wealthy man. Now he’s poised to make his next fortune selling Internet addresses to pornographers.
Read the article: http://gigalaw.com/2010/07/03/leader-of-xxx-domain-says-it-will-be-very-successful/ (Source: Bloomberg Businessweek)
The company that oversees Web addresses is expected to give the go-ahead for the creation of a .xxx suffix for websites with pornographic content, company officials indicated. The Internet Corporation for Assigned Names and Numbers (ICANN), which oversees the Internet on behalf of the U.S. government, has in the past resisted creating a .xxx generic domain name system akin to those for .com and .net.
Read the article: http://gigalaw.com/2010/06/24/icann-expected-to-approve-xxx-domain/ (Source: Reuters)
Google is "almost certain" to face prosecution for collecting data from unsecured wi-fi networks, according to Privacy International (PI). The search giant has been under scrutiny for collecting wi-fi data as part of its StreetView project. Google has released an independent audit of the rogue code, which it has claimed was included in the StreetView software by mistake. But PI is convinced the audit proves "criminal intent". "The independent audit of the Google system shows that the system used for the wi-fi collection intentionally separated out unencrypted content (payload data) of communications and systematically wrote this data to hard drives. This is equivalent to placing a hard tap and a digital recorder onto a phone wire without consent or authorisation," said PI in a statement. This would put Google at odds with the interception laws of the 30 countries that the system was used in, it added.
"The Germans are almost certain to prosecute. Because there was intent, they have no choice but to prosecute," said Simon Davies, head of PI. In the UK the ICO has said it is reviewing the audit but that for the time being it had no plans to pursue the matter. PI however does intend to take the case to the police. "I don't see any alternative but for us to go to Scotland Yard," said Mr Davies.
The revelation that Google had collected such data led the German Information Commissioner to demand it handed over a hard-disk so it could examine exactly what it had collected. It has not yet received the data and has extended the original deadline for it to be handed over. The Australian police have also been ordered to investigate Google for possible breach of privacy.
According to Google, the code which allowed data to be collected was part of an experimental wi-fi project undertaken by an unnamed engineer to improve location-based services and was never intended to be incorporated in the software for StreetView.
"As we have said before, this was a mistake. The report today confirms that Google did indeed collect and store payload data from unencrypted wi-fi networks, but not from networks that were encrypted. We are continuing to work with the relevant authorities to respond to their questions and concerns," said a Google spokesman.
"This was a failure of communication between and within teams," he added. But PI disputes this explanation. "The idea that this was a work of a lone engineer doesn't add up. This is complex code and it must have been given a budget and been overseen. Google has asserted that all its projects are rigorously checked," said Mr Davies.
"It goes to the heart of a systematic failure of management and of duty of care," he added.
A new poll shows that a large majority of consumers are concerned about being tracked on the Internet and favor a proposal from privacy groups to create a “do not track list.” The survey, commissioned by the tech and telecom industry research group Precursor LLC, found that 81 percent of those polled said they were “somewhat” or “very” concerned about companies tracking their Web surfing habits and using that information for advertising, while 88 percent said it is “unfair” for companies to do such tracking without an Internet user’s permission.
Read the article: http://gigalaw.com/2010/06/08/most-internet-users-worried-about-privacy-poll-shows/ (Source: National Journal)
China will not ease state control over what can be said online and will brook no foreign criticism of its rules, according to a government white paper released after months of wrangling about freedoms for Web users. The 31-page white paper, which called the Internet “a crystallization of human wisdom,” said its usage in the most populous nation on earth was “transforming the pattern of economic development.”
Read the article: http://gigalaw.com/2010/06/08/china-says-it-wont-reduce-internet-restrictions/ (Source: Reuters)
Employees who dabble in social networking both on and off the job could expose their companies to a variety of risks, according to a study released by the ISACA. Malware, brand hijacking, lack of content control, noncompliance with rules over recordkeeping, and unrealistic expectations of Internet performance were the top five social-media risks to businesses identified by the ISACA in its study “Social Media: Business Benefits With Security, Governance and Assurance Perspectives.”
Read the article: http://gigalaw.com/2010/06/08/social-networking-exposes-employers-to-risks-study-says/ (Source: CNET News)
Connecticut’s attorney general is asking Google Inc. whether it collected personal information sent over wireless networks in the state, as a growing privacy controversy involving the Internet giant continues to ripple around the world. Attorney General Richard Blumenthal said his office would determine whether the company violated state privacy laws when Google gathered private data transmitted over unsecured networks used by residents and businesses.
Read the article: http://gigalaw.com/2010/06/07/conn-ag-seeks-answers-from-google-on-wi-fi-privacy/ (Source: The Wall Street Journal)
Lists of Britons who infringe copyright are to be drawn up by the UK’s biggest ISPs, under proposals from the regulator Ofcom. The plan is contained in a draft code of practice it hopes will curb copyright infringement.
Read the article: http://gigalaw.com/2010/05/30/u-k-plan-would-require-isps-to-identify-infringers/ (Source: BBC News)
The FTC is set to host its first workshop on whether to update the rule implementing a law aimed at protecting children’s privacy online. The Children’s Online Privacy Protection Act, which went into effect in 2000, requires Web sites to obtain parental consent before collecting personal information from children under the age of 13.
Read the article: http://gigalaw.com/2010/06/01/ftc-holding-workshop-on-childrens-privacy-protection-act/ (Source: National Journal)
A House of Representatives committee responsible for writing some electronic privacy laws sent a letter to Facebook CEO Mark Zuckerberg asking for details on when the company shared user data “without the knowledge of the account holders.” The letter, written by Democratic chairman John Conyers of Michigan, suggests that the committee will eventually hold hearings on whether the Internet’s second most popular site has — at least in the minds of a handful of politicians — acted responsibly in disclosing its data-sharing practices to its users.
Read the article: http://gigalaw.com/2010/06/01/lawmaker-indicates-facebook-privacy-hearings-likely/ (Source: CNET News)
Australian police have been asked to investigate Internet giant Google over possible breaches of telecommunications privacy laws, the attorney general said. The investigation follows complaints from members of the public about activities of Google employees while taking photographs for Google Maps, the search engine’s maps page.
Read the article: http://gigalaw.com/2010/06/06/australian-police-asked-to-probe-google-on-privacy/ (Source: Reuters)
EU countries can ban online gambling if their aim is to combat fraud, Europe’s highest court said, dealing a blow to the multi-billion euro online betting industry seeking to break domestic monopolies. The European Union Court of Justice issued rulings on two separate challenges involving online gambling in the Netherlands.
Read the article: http://gigalaw.com/2010/06/03/eu-court-says-countries-can-ban-internet-gamblingFacebook, MySpace and several other social-networking sites have been sending data to advertising companies that could be used to find consumers’ names and other personal details, despite promises they don’t share such information without consent. The practice, which most of the companies defended, sent user names or ID numbers tied to personal profiles being viewed when users clicked on ads. Read the article: tp://gigalaw.com/2010/05/20/facebook-myspace-sent-user-data-to-advertising-firms/ (Source: The Wall Street Journal)
Two lawmakers who co-chair the House Privacy Caucus asked the Federal Trade Commission if Google broke the law in collecting WiFi and other Internet data while taking photographs for its Street View product. Reps. Joe Barton, a Republican, and Edward Markey, a Democrat, wrote to the FTC chairman to ask if the agency was looking into the data collection, which Google has said was “a mistake.”
Read the article: http://gigalaw.com/2010/05/19/lawmakers-seek-legal-opinion-on-google-wifi-error/ (Source: Reuters)
Google came under increased pressure in Europe over its collection of private data from unsecured home wireless networks, as a German regulator threatened legal action if the company did not surrender a hard drive for inspection. The German demand underscored the seriousness of the quandary Google now faced following its admission that it had stored the snippets of Web sites and personal e-mail messages from people around the world while compiling its Street View photo archive.
Read the article: http://gigalaw.com/2010/05/18/germany-threatens-legal-action-over-google-street-view/ (Source: The New York Times)
Germany’s consumer protection minister strongly criticized Google for a widespread privacy breach and insisted the U.S. Internet giant must cooperate better with data protection authorities. Google Inc. issued an apology, acknowledging it has been vacuuming up fragments of people’s online activities broadcast over public Wi-Fi networks for the past four years while expanding a mapping feature called “Street View.”
A European data protection group penned a letter to Facebook in which it told the social networking site that its recent privacy changes are “unacceptable”. That Article 29 Working Party, a collection of European data groups, sent letters to 20 social networking sites overall, but singled out Facebook for “fundamentally chang[ing] the default settings on its social-networking platform to the detriment of a user.”
Google has defended its privacy practices following a letter of complaint from data protection commissioners around the world. The original letter expressed concerns on privacy issues surrounding Google's social networking tool Buzz and its Street View service. In response Google said it was "committed to ensuring privacy is designed into our products".
But it admitted that mistakes were made with the launch of Buzz. "We do not get everything 100% right - that is why we acted so quickly on Google Buzz," said the letter, signed by Jane Horvath and Peter Fleischer, global privacy counsel for Google. A spokesman for Google said the letter represented Google's "full response" to the concerns raised by ten privacy commissioners from around the world, including the UK, Canada and France. Google insisted that it had a "core commitment" to privacy.
"We are keenly aware of the trust that our users place in our services, and of our responsibility to protect their privacy. As part of this responsibility, we are committed to being transparent with our users about the information that we collect," the letter read.
"Respecting privacy is a part of every Googler's job," it added.
This respect was not apparent to all users at the launch of its social networking service Buzz. The search giant found itself with a flurry of complaints from users unhappy that their Gmail accounts had automatically been connected to the service without their consent. As the row escalated, Google moved quickly to enable Buzz users to set their own privacy controls. In a subsequent letter from Canada's privacy commissioner Jennifer Stoddart, this prompt response was praised. But the letter also raised concerns about the way Google handled users' privacy.
It was co-signed by Ms Stoddart's counterparts in France, Germany, Ireland, Israel, Italy, the Netherlands, New Zealand, Spain and the UK. It called on Google to collect and process the minimum amount of personal information required for a service, to be clear about how it would be used and to ensure that privacy settings were default and easy to use. It also expressed unease about Street View, Google's street level, 360-degree photographs of areas taken by specially equipped Google vehicles.
In Germany there has been criticism of the Street View service because it has recorded the details of private wi-fi networks. Germany's Federal Commissioner for Data Protection Peter Schaar has complained to Google. A legal claim in February 2009 by a Pittsburgh couple who said that Street View violated their privacy was thrown out by a federal judge.
A coalition that includes firms that compete with Google says a proposed settlement aimed at allowing Google to create an online digital library violates U.S. treaty obligations aimed at protecting intellectual property. The Open Book Alliance, which includes Google rivals Amazon.com, Microsoft and Yahoo as well as some smaller publishers and writers groups, released an analysis of the proposed settlement between Google and the Authors Guild and the Association of American Publishers that claims the deal violates the Berne Convention’s Protection of Literary and Artistic Works as well as the nondiscrimination provision of the World Trade Organization’s agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS).
In a potential blow to Google’s efforts to establish itself as a major player in enterprise software, a leading public university has ended its evaluation of Gmail as the official e-mail program for its 30,000 faculty and staff members — and it’s got some harsh words for the search giant. In a joint letter to employees, University of California-Davis CIO Peter Siegel, Academic Senate IT chair Niels Jensen, and Campus Council IT chair Joe Kiskis said the school decided to end its Gmail pilot, which could have led to campus-wide deployment, because faculty members doubted Google’s ability to keep their correspondences private.
Read the article: http://gigalaw.com/2010/05/05/university-drops-gmail-cites-privacy-concerns/ (Source: InformationWeek)
House Energy and Commerce Communications Subcommittee Chairman Rick Boucher, D-Va., released draft privacy legislation that would require Web sites to provide enhanced notice about how they use consumer information and obtain a user’s consent before collecting sensitive information or sharing data about a consumer with some third parties. In an interview, Boucher said he will use the feedback from the draft to make some possible modifications to the measure.
Read the article: http://gigalaw.com/2010/05/04/lawmaker-releases-draft-of-internet-privacy-bill/ (Source: National Journal)
More than a year in the making, the draft legislation proposes regulating Internet companies' tactics for collecting information about Web visitors and the use of that data for ad targeting. It also could apply to the practices for collecting consumers' information in the offline world.
The proposed legislation comes as the furor over privacy issues related to the Internet grows. Lawmakers and regulators say that most consumers experience a great deal of confusion about what information is collected about them and how it is used. Privacy advocates say such tracking has reached alarming levels.
Meanwhile, Internet and advertising companies say that they are capable of regulating themselves and privacy legislation threatens to stifle the $23 billion Internet-ad market.
Rep. Rick Boucher (D., Va.), along with Rep. Cliff Stearns (R., Fla.), plan to post a draft of the bill on their websites on Tuesday, then solicit feedback for a two-month period. Legislators will then revise the bill for introduction during a House subcommittee hearing. To be sure, the proposal doesn't mean that Congress will pass a law.
Mr. Boucher revealed details of the much-anticipated legislation on Monday during a conference for American Business Media, a trade group of business-to-business publications, said Mark Sableman, a partner at the law firm Thompson Coburn and counsel to American Business Media.
Under the current draft, websites collecting information about their visitors would need to disclose to consumers how that information is collected and used, with whom it is shared and the circumstances under which that sharing takes place, Mr. Sableman said. If consumers decide they don't want their information to be collected or used for those stated purposes, they should be able to opt out directly on the site.
The regulation also lays out a separate set of regulations for outside companies that collect information about consumers on websites and target ads to those consumers on other, unrelated sites.
Consumers would need to grant these third-party companies special permission for their data to be collected. The draft legislation provides some exceptions. The ad company wouldn't need to solicit permission to collect information about consumers if the targeted ad includes a link that explains which company was involved in making the ad appear, shows consumers what information is collected about them and gives them the chance to opt out.
The draft also includes special restrictions for the collection of sensitive information, including financial information, medical history, government identifiers such as drivers' license and Social Security cards and information about children or adolescents.
The legislation would grant authority to the Federal Trade Commission to endorse the provisions of the bill.
"We haven't seen the bill, but protecting privacy is a priority for the FTC, as it is to Congressman Boucher, and we're eager to work with Congress as it crafts legislation to address privacy concerns," FTC Chairman Jon Leibowitz said in a statement.
"Although I do not support all of the provisions in the draft, I look forward to getting back comments to improve the bill and then hopefully advance it through the committee process," Rep. Stearns said in a statement, noting that it was premature for him to comment on the legislation as it has yet to be made public. He said that the bill is based on earlier privacy legislation that he developed in 2005.
