Wed02222012
Last update11:00:00 PM GMT
If you are potentially interested in serving as a teacher’s assistant in a Mises Academy course (either a current or future course) in exchange for free enrollment in the course plus a $50 Mises Store coupon, join the new Mises TA Google Group!
Join the discussion and post a comment
Related posts:
The Federal Trade Commission took another step forward today in making itself the de facto regulator of the Internet. The FTC announced an order against Google, addressing charges that the recent launch of Google Buzz, a free social networking application tied to the company’s free Gmail service, failed to adequately protect user privacy. In a lengthy statement, the Commission explained that some consumers were confused by Google’s “opt-in” provisions for Google Buzz. Although the FTC acknowledges Google made changes to its Buzz service in response to those complaints, the Commission claims it must impose substantial, ad hoc mandates on the company to prevent a future recurrence.
Although the FTC has no statutory authority to regulate free Internet services, the Commission asserted such authority earlier this year when it imposed similar “privacy” mandates on Twitter. The Twitter and Google orders both place the FTC in charge of monitoring the companies’ “privacy and data protection practices” until the year 2031.
Commissioner John Thomas Rosch issued a statement concurring with the Commission’s Google order, yet expressing reservations about the underlying motives of both his fellow commissioners and Google, which agreed to the order:
[T]he crux of the violation alleged in the [FTC's] Complaint is that Google represented in its general “Privacy Policy” that “When you sign up for a particular service that requires registration, we ask you to provide personal information. If we use this information in a manner different from the purpose for which it was collected, then we will ask for your consent prior to such use.” However, when Google initiated its social networking service (“Google Buzz”) it used personal information previously collected for other purposes without asking for users’ consent prior to this use. Part II of the proposed consent order prohibits Google, without prior “express affirmative consent” (an “opt-in” requirement) from engaging in any “new or additional sharing” of previously collected personal information “with any third party” that results from “any change, addition, or enhancement” to any Google product or service.
First, Google did not represent in its general “Privacy Policy” (or otherwise, according to the Complaint) that the “consent” it would seek would require consumers to “opt in” as required by Part II. Indeed, the Complaint does not allege that Google ever asked consumers to signify their “consent” by “opting in” (as opposed to “opting out”). To be sure, insofar as Google did not seek “consent” at all, its representation in its general “Privacy Policy” was deceptive in violation of Section 5. But the “opt in” requirement in Part II is seemingly brand new. It does not echo what Google promised to do at the outset. In the separate Statement that I issued when the staff issued its preliminary Privacy Report, I expressed concern about whether an “opt in” requirement in these circumstances might sometimes be contrary to the public interest. Then, as now, I was concerned that it might be used as leverage in consent negotiations with other competitors.
Second, Part II of the proposed consent order applies whenever Google engages in any “new or additional sharing” of previously collected personal information “with any third party” for the next twenty years, not just any “material” new or additional sharing of that information. Because internet business models (and technology) change so rapidly, Google (and its competitors) are bound to engage in “new or additional” sharing of previously collected information with third parties during that period. That means that Part II is certain to apply (and with some frequency) during that period as long as Google does not warn users or consumers in its “general Privacy Policy” that it may engage in such sharing in the future.
Third, Part II applies not just to Google’s social networking services or products, but to every single Google service or product that undergoes some “change, addition, or enhancement” (terms that are not defined in Part II) that results from the sharing of certain information. As a practical matter, this means that Google is at risk that Part II will apply across the board to every existing product or service that Google offers, including any product or service that involves the tracking and sharing of identified Google users’ browsing behavior.
In short, on the face of it, Part II seems to be contrary to Google’s self-interest. I therefore ask myself if Google willingly agreed to it, and if so, why it did so. Surely it did not do so simply to save itself litigation expense. But did it do so because it was being challenged by other government agencies and it wanted to “get the Commission off its back”? Or did it do so in hopes that Part II would be used as leverage in future government challenges to the practices of its competitors? In my judgment, neither of the latter explanations is consistent with the public interest.
I suspect it’s latter of the latter explanations. Google decided that, rather than invest its ample resources in helping to preserve a free Internet and boost the free market overall by working against the FTC, it was more politically advantageous to build an alliance with the agency. Rosch knows what he’s talking about. The order now gives the FTC and Google “leverage” to force competing firms to obey the same rules and mandates imposed by this order. Which gives the FTC enormous power to shape the Internet going forward. All without having to litigate a single case or ask those pesky congressmen for permission.
Join the discussion and post a comment
Related posts:
