Read without ads and support Scribd by becoming a Scribd Premium Reader.
See Premium Plans
 
1
Before theFederal Trade CommissionWashington, DC
In the Matter of ))Google, Inc. )) ____________________________________)
Complaint, Request for Investigation, Injunction, and Other Relief 
I.
 
Introduction1.
 
This complaint concerns an attempt by Google, Inc., the provider of a widely used emailservice to convert the private, personal information of Gmail subscribers into publicinformation for the company’s social network service Google Buzz. This change in business practices and service terms violated user privacy expectations, diminished user  privacy, contradicted Google’s own privacy policy, and may have also violated federalwiretap laws. In some instances, there were clear harms to service subscribers. These business practices are Unfair and Deceptive Trade Practices, subject to review by theFederal Trade Commission (the “Commission”) under section 5 of the Federal TradeCommission Act.2.
 
These business practices impact more than 37 million users of Gmail who fall within the jurisdiction of the United States Federal Trade Commission.
1
 3.
 
EPIC urges the Commission to investigate Google, determine the extent of the harm toconsumer privacy and safety, require Google to provide Gmail users with opt-in consentto the Google Buzz service, require Google to give Gmail users meaningful control over  personal information, require Google to provide notice to and request consent fromGmail users before making material changes to their privacy policy in the future, andseek appropriate injunctive and compensatory relief.
1
Erick Schonfeld,
Gmail Nudges Past AOL Email in the U.S. to Take No. 3 Spot 
, TechCrunch (Aug. 14, 2009),http://techcrunch.com/2009/08/14/gmail-nudges-past-aol-email-in-the-us-to-take-no-3-spot/. 
 
2II.
 
Parties4.
 
The Electronic Privacy Information Center (“EPIC”) is a not-for-profit research center  based in Washington, D.C. EPIC focuses on emerging privacy and civil liberties issuesand is a leading consumer advocate before the Federal Trade Commission. Among itsother activities, EPIC first brought the Commission’s attention to the privacy risks of online advertising.
2
In 2004, EPIC filed a complaint with the FTC regarding thedeceptive practices of data broker firm Choicepoint, calling the Commission’s attentionto “data products circumvent[ing] the FCRA, giving businesses, private investigators, andlaw enforcement access to data that previously had been subjected to Fair InformationPractices.”
3
As a result of the EPIC complaint, the FTC fined Choicepoint $15 million.
4
 EPIC initiated the complaint to the FTC regarding Microsoft Passport.
5
The Commissionsubsequently required Microsoft to implement a comprehensive information security program for Passport and similar services.
6
EPIC also filed a complaint with the FTCregarding the marketing of amateur spyware,
7
which resulted in the issuance of a permanent injunction barring sales of CyberSpy’s “stalker spyware,” over-the-counter surveillance technology sold for individuals to spy on other individuals.
8
 
2
 
 In the Matter of DoubleClick 
, Complaint and Request for Injunction, Request for Investigation and for Other Relief, before the Federal Trade Commission (Feb. 10, 2000),
available at 
 http://epic.org/privacy/internet/ftc/DCLK_complaint.pdf.
3
 
 In the Matter of Choicepoint 
, Request for Investigation and for Other Relief, before the Federal Trade Commission(Dec. 16, 2004),
available at 
http://epic.org/privacy/choicepoint/fcraltr12.16.04.html.
4
Federal Trade Commission,
ChoicePoint Settles Data Security Breach Charges; to Pay $10 Million in Civil  Penalties
, $5 Million for Consumer Redress, http://www.ftc.gov/opa/2006/01/choicepoint.shtm (last visited Dec. 13,2009).
5
 
 In the Matter of Microsoft Corporation
, Complaint and Request for Injunction, Request for Investigation and for Other Relief, before the Federal Trade Commission (July 26, 2001),
available at 
 http://epic.org/privacy/consumer/MS_complaint.pdf.
6
 
 In the Matter of Microsoft Corporation
, File No. 012 3240, Docket No. C-4069 (Aug. 2002),
available at 
 http://www.ftc.gov/os/caselist/0123240/0123240.shtm.
See also
Fed. Trade Comm’n, “Microsoft Settles FTCCharges Alleging False Security and Privacy Promises” (Aug. 2002) (“The proposed consent order prohibits anymisrepresentation of information practices in connection with Passport and other similar services. It also requiresMicrosoft to implement and maintain a comprehensive information security program. In addition, Microsoft musthave its security program certified as meeting or exceeding the standards in the consent order by an independent professional every two years.”),
available at 
http://www.ftc.gov/opa/2002/08/microst.shtm.
7
 
 In the Matter of Awarenesstech.com, et al.
, Complaint and Request for Injunction, Request for Investigation andfor Other relief, before the Federal Trade Commission,
available at 
http://epic.org/privacy/dv/spy_software.pdf.
8
FTC v. Cyberspy Software, No. 6:08-cv-1872 (D. Fla. Nov. 6, 2008) (unpublished order),
available at 
 http://ftc.gov/os/caselist/0823160/081106cyberspytro.pdf.
 
35.
 
In March 2009, EPIC urged the FTC to undertake an investigation of Google and cloudcomputing.
9
In that complaint, EPIC specifically warned the FTC that Google had failedto take appropriate steps to safeguard the privacy and security of users. The FTC agreedto review the complaint, stating that it “raises a number of concerns about the privacy andsecurity of information collected from consumers online.”
10
 However, to date, the FTChas announced no formal action in the Google cloud computing matter.6.
 
Google, Inc. was founded in 1998 and is based in Mountain View, California. Google’sheadquarters are located at 1600 Amphitheatre Parkway, Mountain View, CA 94043. Atall times material to this complaint, Google’s course of business, including the acts and practices alleged herein, has been and is in or affecting commerce, as “commerce” isdefined in Section 4 of the Federal Trade Commission Act, 15 U.S.C. § 45.
The Importance of Email Privacy
7.
 
Law, technology, business practice, and custom treat emails and associated informationas fundamentally private.8.
 
While email senders and recipients always have an opportunity to disclose email-relatedinformation to third parties, email service providers have a particular responsibility tosafeguard the personal information that subscribers provide.9.
 
Improper disclosure of even a limited amount of subscriber information by an emailservice provider can be a violation of both state and federal law.10.
 
An attempt by an email service provider to attempt to convert the personal information of all of its customers into a separate service raises far-reaching concerns for subscribersand implicates both consumer and personal privacy interests.
The Release of Google Buzz
11.
 
Google launched Google Buzz on Tuesday, February 9, 2010. Google Buzz is a socialnetworking tool linked to a user’s Gmail email account, where users “start conversationsabout the things you find interesting.”
11
 
9
 
 In the Matter of Google, Inc., and Cloud Computing Services
, Request for Investigation and for Other Relief, before the Federal Trade Commission (Mar. 17, 2009),
available at 
 http://epic.org/privacy/cloudcomputing/google/ftc031709.pdf.
10
Letter from Eileen Harrington, Acting Director of the FTC Bureau of Consumer Protection, to EPIC (Mar. 18,2009),
available at 
http://epic.org/privacy/cloudcomputing/google/031809_ftc_ltr.pdf.
11
Todd Jackson, Google Blog post:
 Introducing Google Buzz 
(Feb. 9, 2010),http://googleblog.blogspot.com/2010/02/introducing-google-buzz.html. 
Search
Search History:
Searching...
Result 00 of 00
00 results for result for
  • p.
    • Notes
    Load more