Proposed Consent Agreement In the Matter Google, Inc. (Google Buzz), File No. 1023136
To the FTC, I am submitting this comment on the proposed consent order, In the Matter of Google Inc., File No. 1023136, between the FTC and Google. The consent order comes as a result of the complaint filed by the Electronic Privacy Information Center ("EPIC") regarding the privacy breach to Gmail users caused by Google Buzz. The FTC complaint, which draws heavily on the complaint EPIC filed with the agency, alleges that Google employed unfair and deceptive practices when it launched the Google Buzz social networking service. I strongly disagree with the FTC settlement agreement, which applies to all Google products and services, including Gmail and Google Buzz. It bans Google from misrepresenting its privacy policies in the future, requires independent privacy audits every two-years for the next 20 years, and requires that Google institute a comprehensive privacy program to safeguard its users data and personal information. Despite this, I recommend the following: As part of the Comprehensive Privacy Program, the FTC should require Google to: - Encrypt all Gmail to Gmail emails and chats ( not necesarily using open standards like pgp, a private standard , i.e. not released, will be better protected from hackers.) - Not require Google Accounts for Android phones: while many of Androids features are reliant on a Google account, to require one is false practice. While the FTC might not agree on much of Google's practices, one must be reasonable: Google simply cannot spy on all of its users, the deed would be a physical impossibility. Additionally, many of Google's practices have been beneficial to law enforcement, such as data collection.