Do no evil? Right

Google fail at privacy again.

Seen via Police State Blog.

Google have been in the news again with violations of their users’ privacy, following the launch of their social networking tool Buzz.

The automated settings which Buzz launched with granted these most frequent contacts access to any content posted to Google Reader. In other words, Google automatically changed the security settings on users’ content, much of which was protected, to include a wider group of people. Without consulting them.

In the wake of the ensuing outcry, Google have swiftly backtracked. Buzz now offers a list of "suggested contacts", and each user has to approve adding them. Which is, of course, what they should have done originally. Because they didn’t, a lot of people have had their privacy invaded by Google’s choices, firstly to automate the ‘followers list’ settings at launch, and secondly to change security settings on content to grant access to the people in those lists.

As if that wasn’t enough, those same followers/following lists (whether generated automatically or configured by you) are publically viewable by default. The privacy failings of Buzz constitute a multi-faceted opt-in/opt-out misjudgement on Google’s part. In order to maximise the take-up of their new service as it launched, Google opted Buzz users in, by default, to:

  • the service,
  • a set of contacts,
  • sharing their contacts publically,
  • sharing content with their contacts,
  • Buzz notifications sent to their Gmail inbox

All these features should have been turned off by default, leaving users to opt-in, instead of requiring people to opt-out after the damage was already done.

Read on for more.

Also featured in The Register here and here.

Wouldn’t trust them as far as I can throw them.

AJ

Advertisements

About Al Jahom
Anti-social malcontent, misanthrope and miserable git.

2 Responses to Do no evil? Right

  1. Ethan says:

    Showing how out of touch I am with you youngsters. But I can’t think of anything more daft than putting every aspect of my private life on the net then bleating cos gasp – people can see it! and someone is using my data.

    Doesn’t this come under the bleedin obvious?

    Facebook, Twitter et al to me sem to be just fodder for scammers of all persuasions eg Nigerian 419 scammers. Or have I missed summat?

    If I never put my real name address or any combination of them on a non banking or commerce site then surely thats got to be safer?
    Plus I shred ALL my correspondence before it gets binned.

  2. Andrew Duffin says:

    Google have form for stuff like this.

    Didn’t the early versions of Chrome “phone home” with some unknown and uncontrollable feedback mechanism? Doesn’t the Google search engine use cookies to trace and record every search you ever make (for advertising, they say, but what when the Government comes calling?)?

    Heaven knows what Chrome-OS will harvest from your laptop, or what they’ll use it for.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: