Proposed Consent Agreement In the Matter Google, Inc. (Google Buzz), File No. 1023136 #00163 

Submission Number:
Paymanah Maghsoudi
California Library Association
Initiative Name:
Proposed Consent Agreement In the Matter Google, Inc. (Google Buzz), File No. 1023136
Federal Trade Commission Office of the Secretary, Room H-113 (Annex D) 600 Pennsylvania Avenue, NW Washington, DC 20580 Re: Google Buzz, File No.1023136 Commissioners and Staff: The California Library Association (CLA) strongly supports the FTC settlement agreement that applies to all Google products and services, especially Google Books, Google Scholar and Google Search. This settlement bans Google from misrepresenting its privacy policies in the future, requires independent privacy audits every two years for the next 20 years and requires Google to develop a comprehensive privacy program to safeguard its users' data and personal information. The California Library Association (CLA) submits this comment on the proposed consent order, In the Matter of Google Inc., File No.1023136, between the FTC and Google. The consent order comes as a result of the complaint filed by the Electronic Privacy Information Center ("EPIC") regarding the privacy breach to Gmail users caused by Google Buzz. The FTC complaint alleges that Google employed unfair and deceptive practices when it launched the Google Buzz social networking service. CLA has a specific interest in the settlement as it pertains to the rights of individuals to read anonymously. Reader privacy is a critical component of intellectual freedom. In our experience, readers who read books, journal articles and other sites relevant to their research have a reasonable expectation of privacy, indeed, they believe they are anonymous. They are entitled to know what information about them is collected, retained and how it is used. They should not be deceived by unfair and secretive practices that track their Internet use. As part of the Comprehensive Privacy Program, the FTC should require Google to: ?Provide "opt-in" permission from users before collecting their data ?Not share data about users of its Books and Reader products ?Limit data retention to the minimum time necessary (we would recommend 24 hours) ?Establish and publicize user privacy provisions for Google Books ?Build privacy protections into all new and existing products ?Treat IP addresses as personally identifiable: they should be deleted on a daily basis ?Routinely encrypt all current and future cloud-based services (Gmail, Docs, et. al.) ?Allow users to use Google services anonymously ?Be transparent about what data it collects on users ?Allow users to control the information Google collects and keeps on them ?Encrypt all Gmail to Gmail emails and chats using open standards like PGP ?Refrain from offering facial recognition services ?Stop behavioral profiling of Internet users ?Limit Google's use of a web site's Analytics data ?Require a warrant before disclosing user data to law enforcement ?Not require Google accounts for Android phones ?Not track Android (or future mobile OS-systems) users without explicit permission We strongly believe that these same requirements should apply to Google's competitors as well. Thank you for the opportunity to comment on this historic settlement. We hope it will send a strong message to all online companies about the importance of their privacy policies. We hope your work will also help provide a framework for legislative debate about online privacy bills. Very truly yours, Paymaneh Maghsoudi President, California Library Association The California Library Association was established in 1895 and currently has 3,000 members consisting of librarians, library employees, library students, friends groups and trustees, businesses, institutions, and members of the general public.