Google CEO Larry Page simply doesn’t get it when it comes to privacy concerns about the Internet giant’s new computerized eyewear, Google Glass. He made that crystal clear at the annual shareholders’s meeting Thursday.

I made my annual trek to Mountain View to attend the Internet giant’s shareholder meeting and pose some questions directly to Google’s top executives. I said Glass is one of the most privacy invasive and Orwellian devices ever made because it allows a user to surreptitiously photograph or video us or our kids. “It’s a voyeur’s dream come true,” I said, before noting the hypocrisy in unleashing a device that enables massive violations of everyone else’s privacy, but operating under rules that barred cameras and recording devices from the meeting. Take a look at a video from the meeting.

“Obviously, there are cameras everywhere, ” responded Page. “”People worry about all sorts of things that actually, when we use the product, it is not found to be that big a concern.”

“You don’t collapse in terror that someone might be using Glass in the bathroom just the same as you don’t collapse in terror when someone comes in with a smartphone that might take a picture. It’s not that big a deal. So, I would encourage you all not to create fear and concern about technological change until it’s actually out there and people are using it and they understand the issues.”

Page tried to compare the video cameras on ubiquitous smartphones with Google Glass. That’s exactly the point. There is a huge difference. I don’t collapse in fear that I’ll be videoed in the bathroom by a smartphone camera precisely because it’s obvious that someone is using the camera. I can politely ask them to stop, or escalate my protests as appropriate if necessary. Indeed, consider this satirical video, “Supercharge”, featuring Page and Executive Chairman Eric Schmidt if you don’t understand what I mean. It’s obvious Schmidt is invading the privacy of the gentleman in the next stall. Take a look at the video. You’ll see what I mean.

It doesn’t work that with Glass and that’s what is so creepy. There’s an app that snaps a photo with a wink. People have no idea that they are being photographed or videoed. That’s what people are worried about and they want the ability to delete videos and photos from Google’s database when they discover their privacy has been invaded.
Page says we shouldn’t worry about “technological change until it’s actually out there and people are using it.” He’s wrong. You need to to think about the impact before the technology is implemented. That’s what’s entailed in the concept of privacy by design, something that Google just doesn’t seem to get.

And here’s another point to ponder: As Google was holding its annual meeting, The Washington Post was breaking the details of NSA’s overreaching, intrusive snooping on users of some of the biggest Internet companies including Google with its PRISM program. Can’t you imagine a billion Glass users and a billion winks and the data that would flow to NSA?

Posted by John Simpson, Consumer Watchdog’s Privacy Project. Follow Consumer Watchdog online on Facebook and Twitter.

Consumer groups on both sides of the Atlantic have objected to Google’s proposed European antitrust settlement, which relies heavily on labeling Google’s own services and on showing links to rivals in its search results, Consumer Watchdog said today.

“Consumer welfare is the ultimate test of any antitrust settlement. Google’s proposed Commitments fail to meet this standard,” wrote John M. Simpson, director of the U.S.- based public interest group’s Privacy Project in comments filed with the European Commission’s Directorate-General for Competition. “Labeling does nothing but obscure the results of Google’s anticompetitive abuses. It does not resolve the fundamental issue of search manipulation.”

Simpson continued:

Google has developed a substantial conflict of interest. It no longer has an incentive to steer users to other sites, but rather to its own services. It is becoming even more effective at this and has a greater incentive to engage in manipulation now that it is merging data collected across all its services. The only way to deal with this conflict is to remove it. There needs to be a separation of Google’s different services and assets. At a minimum any remedy must insist that Google use an objective, nondiscriminatory mechanism to rank and display all search results – including links to Google products.

BEUC, The European Consumer Organization stressed the importance of search neutrality in its comments to DG-Comp:

It is important that Google is obliged to use an objective, non-discriminatory mechanism to rank and display all search results, including any links to Google products. We therefore call upon the European Commission to ensure that the non-discrimination principle is the starting point of the remedies.

Read Consumer Watchdog’s comments here (.pdf).

Read BEUC’s Comments here (.pdf).

After more than a year’s antitrust investigation by the European Commission, Google offered changes in its practices that it hopes will answer the Commission’s concern that Google is unlawfully favoring its own services in its search results. Other concerns expressed by the Commission are that Google appropriated content from other websites without permission, forced publishers to obtain most online ad services from Google and hindered advertisers’ ability to transfer campaigns across platforms.

The Commission has been “market testing” – taking comments from competitors and the public – on Google’s proposed deal for the last month. This week the Commission extended the deadline for comments until June 27 and Competition Commissioner Joaquin Almunia said it is likely Google will be asked to do more.

Consumer Watchdog said there are “fundamental flaws” in Google’s proposed Commitments and noted the proposed remedy is based on two principles. First is labeling – Google must identify its own results that it is favoring. Second is the idea of presenting links to rival services.

“Neither of these proposed solutions gets to the heart of the problem. They will not restore a competitive search marketplace that will serve the interests of consumers. Google’s conduct has severely damaged competition, leaving consumers with less choice and facing higher prices,” wrote Simpson. “The Commission must insist on remedies that as much as possible restore the market position of Google’s rivals – one possibility could be requiring the preferencing for some period of time the search result listings of rivals over Google Shopping or Google Places.”

Consumer Watchdog continued:

Ultimately the solution must be based on the non-discrimination principle. Because Google is the gateway to the Internet for so many people, it has an obligation to honor the concept of search neutrality. Google must hold all services – especially its own – to exactly the same standards, using the same web crawling, indexing, ranking, display and penalty algorithms. A demand for this even-handed treatment of all services including Google’s in the display of search results has a precedent in the regulation of Computerized Reservation Systems, which were prevented from favoring the parent air carrier on the system.

Allowing Google to continue promoting its own services and demoting those of rivals, but requiring Google to label its own services does nothing but enshrine the uncompetitive status quo. In fact the results manipulation would continue and labeling could well have the undesired outcome of making Google’s services even more prominent and attractive to consumers. Consumers would have a far less effective choice of other services because these services would be less visible. The Commission must insist on true objectivity and search neutrality in Google’s results.

BEUC’s comments written by Augusta Maciuleviciute, Senior Legal Officer and Konstantinos Rossoglou, Senior Legal Officer, warned that Google’s proposal to offer links to rival services does nothing to stop Google from squeezing out competitors:

On the contrary, Google will now be able to profit not only from the traffic it diverts from competitors, but also from the new possibilities to charge them for the inclusion among the rival links. By requiring Google rivals to pay a price for their links, Google will be granted the right to monetize its anticompetitive behavior. It will have the incentive to provide links to the rivals who pay the most and not those who provide the best or most relevant results according to consumers’ search queries.

Consumer Watchdog said another obvious failure of the proposed settlement is the limited number of Google domains to which the Commitments would apply. The proposal only covers European Economic Area domains such as www.google.at, www.google.be, www.google.cz, etc. Consumer Watchdog noted that the home page of each of these EEA Google search domains has a clear link to www.google.com. “Many Europeans click on this link and use www.google.com for their searches, yet the proposed Commitments do not apply to this important part of Google’s business,” wrote Simpson.

Eight members of Congress have sent a letter to Google CEO Larry Page asking tough and necessary questions about the Internet giant’s new wearable computing device, Google Glass.

The letter from members of the Bipartisan Privacy Caucus, whose Co-chair is conservative Joe Barton, (R-TX), says, “As members of the Congressional Bipartisan Privacy Caucus, we are curious whether this new technology could infringe on the privacy of the average American.”

It’s great to see that in a largely dysfunctional Congress some members can reach across the aisle and demonstrate that privacy is not a partisan issue. Besides Barton others signing the letter are Rep. John Barrow (D-GA), Rep. Steve Chabot (R-OH), Rep. Henry C. “Hank” Johnson Jr. (D-GA), Rep. Walter Jones (R-NC), Rep. Richard Nugent (R-FL), Rep. Bobby Rush (D-IL) and Rep. Loretta Sanchez (D-CA).

The letter also poses several questions intended to make sure consumers’ rights are protected. They include:

• When using Google Glass, is it true that this product would be able to use Facial Recognition Technology to unveil personal information about whomever and even some inanimate objects that the user is viewing? Would a user be able to request such information? Can a non-user or human subject opt out of this collection of personal data? If so, how? If not, why not?
• In Google’s privacy policy, it states that the company “may collect device-specific information (such as your hardware model, operating system version, unique device identifiers, and mobile network information including phone number).” Would Google Glass collect any data about the user without the user’s knowledge and consent? If so, why? If not, please explain.
• Will Google Glass have the capacity to store any data on the device itself? If so, will Google Glass implement some sort of user authentication system to safeguard stored data? If not, why not? If so, please explain.

Read a copy of the Bipartisan Privacy Caucus letter here.

The Representatives want answers to their questions by June 14. I’m betting that Google stalls. Ultimately I think the Representatives will need a Congressional hearing where CEO Page has to answer queries under oath.

As word of the Privacy Caucus’s letter was being reported, Google was holding its annual meeting with developers. Google Glass product director Steve Lee claimed in a “fireside chat” that the Glass team takes privacy seriously.

What a joke! The fact is that Google has become a serial privacy violator. It’s executives just don’t understand what privacy means and there is no reason to expect that they will. For instance, asked about whether Glass will offer facial recognition technology, Lee said, “We’ve definitely experimented with it but it is not in the product today. I can imagine that existing…”

Posted by John M. Simpson, Director of Consumer Watchdog’s Privacy Project. Follow Consumer Watchdog online on Facebook and Twitter.

What a week! Three big victories in California will keep us safer from dangerous doctors, toxic polluters and privacy invasions, but we only got there thanks to your support.

State Senator Curren Price and Assemblyman Richard Gordon proposed yesterday to strip the California Medical Board of its authority over physician discipline. The physician-run Board has let dangerous doctors keep practicing as investigations take years to complete. You joined us, and families who lost loved ones to reckless prescribing, when we called for a transfer of doctor investigations to impartial prosecutors at the Department of Justice.

Senator Price said it all when he told the LA Times he proposed cutting the Board’s power because, “I don’t want anybody else to die.” With your help we’ll keep the pressure on in Sacramento to make this reform a reality.

On Wednesday, the state’s top toxics regulator shut down the state’s largest battery recycler, Exide, for leaking lead, arsenic and other toxins into the surrounding community for more than two decades. The action came only after Consumer Watchdog exposed endemic failures at the Department of Toxic Substances Control to prevent pollution and punish serial polluters in our report, Golden Wasteland. Nevertheless, Californians could be on the hook for millions in clean-up costs because the DTSC never required the company to put money away for cleanup.

Rounding out this week’s trifecta was a rare reversal by Google on the privacy front: The internet giant quietly stopped sharing consumers’ private emails and addresses with app developers that use its Google Play store. The reversal came after a Consumer Watchdog complaint to the Federal Trade Commission and California Attorney General Kamala Harris that Google was not only violating consumers’ privacy, but violating its own agreement with the FTC not to share information without consumers’ permission.

And this breaking news: This morning, the Court of Appeal sided with us to reject Mercury Insurance’s attempt to throw out a case the company has delayed for nearly a decade. The suit would hold Mercury accountable for charging illegal broker fees to consumers. We are fighting that battle on a second front before an administrative judge in San Francisco right now.

So that’s really four big wins this week. Thanks for sharing them with us.
__________________________________________________________________
Posted by Carmen Balber, Executive Director of Consumer Watchdog. Follow Consumer Watchdog on Facebook and on Twitter.

Google apparently is ending an egregious privacy breach involving people who buy apps from its Google Play store using Google Wallet to pay. Consumer Watchdog filed a complaint to the Federal Trade Commission with a copy to California Attorney General Kamala Harris about what Google was doing. The complaint alleged that the Internet giant was violating its privacy policies and its “Buzz” consent agreement with the FTC.

Rep. Hank Johnson, D-GA, also questioned Google about what it was doing. Google was sending to apps developers the name, email address and address of people who bought apps on Google play. It tried to claim that the the information was necessary for the transaction, but that’s clearly not the case when talking about downloading an app from its app store. Neither Apple nor Microsoft provide such personal information about people who buy apps from their stores. Google’s response to Rep. Johnson, confirmed what Google was doing and actually showed it was unnecessary. Consumer Watchdog sent a second letter to the FTC with a copy to California Attorney General Harris when Google answered Rep. Johnson’s letter.

On Tuesday WebProNews and DroidLife reported Google was addressing the concerns on a new Wallet Merchant Center it is rolling out and no longer sending the personal information about apps buyers.

I’m glad the change is coming, but I’ve got questions.

What role did the Federal Trade Commission or the California Attorney General’s office play in this change? Why did Google only act when formal complaints were filed? Will there be fines?

Google has become a serial privacy violator. You’ll remember that new sooner was the ink dry on the “Buzz” consent agreement than it was caught hacking around the privacy settings on the Safari browser used on iPhones, iPads and other Apple devices. It ultimately cost Google a fine of $22.5 million, which is pocket change to a company that has annual revenue of around $50 billion. It’s like giving a $25 parking ticket to a person who makes $50,000 a year.

Google is simply figuring that fines are a cost — and a minor one at that — of doing business. In case you missed it, on Monday Germany hit Google with a $189,225 for the Wi-Spy incident where its Street View Cars sucked up emails, URLs, passwords, account numbers as they snapped photos around the world.

In describing the fine The New York Times‘ Claire Cain Miller wrote:

Regulators in Germany, one of the most privacy-sensitive countries in the world, unleashed their wrath on Google on Monday for scooping up sensitive personal information in the Street View mapping project, and imposed the largest fine ever assessed by European regulators over a privacy violation.

The penalty? $189,225.

Put another way, that’s how much Google made every two minutes last year, or roughly 0.002 percent of its $10.7 billion in net profit.
It is the latest example of regulators’ meager arsenal of fines and punishments for corporations in the wrong. Academics, activists and even regulators themselves say fines that are pocket change for companies do little to deter them from misbehaving again, and are merely baked into the cost of doing business.

The fact Google is changing Google Wallet’s practices makes it clear Google violated the Buzz Agreement. Google claims that it is taking privacy seriously now that it is operating for 20 years under the Buzz Agreement. It isn’t and the regulators aren’t holding Google’s feet to the fire.

The company’s executives need to be held to account in a meaningful way. I’ve always argued the way to get corporate executives’ attention is to hit them with jail time when they flout the law. It’s not going to happen here, but a meaningful fine for the second Buzz violation sure would be nice.

Posted by John M. Simpson, Director of Consumer Watchdog’s Privacy Project. Follow Consumer Watchdog online on Facebook and on Twitter.

Google, the company that makes its money by assembling digital dossiers about its users and selling them to advertisers for the highest bid, reported earnings Thursday. Revenue increased 31 percent to $13.97 billion and net income in the first quarter rose 16 percent to $3.35 billion, or $9.94 a share.

Admittedly as I listened to the earnings call my eyes began to glaze over. CEO Larry Page droned on about how “over the last two years, we’ve worked hard to increase our velocity, improve our execution and focus on the big bets that will make a difference in the world.”

Yada yada..

But when Page turned the call over to Patrick Pichette, Senior Vice President and Chief Financial Officer, for a nitty gritty report on the accounting details something really caught my attention.

Pichette said that in the first quarter of 2013 Google only paid an effective income tax rate of eight percent. I was shocked. I knew that by exotic tax strategies called the “Double Irish” and the “Dutch Sandwich” Google had managed to trim its overall effective tax rate to 22.2 percent in 2009. Now they’ve got it down to 8 percent. If this keeps up, people like you and me will be paying Google when they file their return.
Supposedly the corporate income tax rate in the United States is 35 percent. In the UK, Google’s second largest market it’s 28 percent. No corporation seems to pay that.

Here’s a proposal: Various court decisions have concluded that when it comes to things like the First Amendment, as Mitt Romney famously put it, “Corporations are people, my friend.” Well, OK, let’s tax them just like people.
____________________________________________________________________
Posted by John M. Simpson, Director of Consumer Watchdog’s Privacy Project. Following Consumer Watchdog on Facebook and Twitter.

Details of Google’s proposed settlement with the European Union to avoid antitrust charges have been leaking out of Brussels over the weekend. And while EU competition authorities appear to have accomplished more that the gentle tap on the wrist meted out by the U.S. Federal Trade Commission, the deal as so far revealed doesn’t do enough to end Google’s anti-competitive practices.

The provisions of the EU agreement still have to be publicly released, but based on what’s emerged so far, here’s the good news: Unlike the deal with the FTC, which wasn’t even a consent agreement, the EU is demanding that the settlement would be legally binding for five years. A third party would ensure compliance and Google would face fines of 10 percent of its global annual sales if it fails to keep its promises.
The bad news is that instead of requiring Google to change its algorithm and treat all services the same, the deal will apparently allow Google to continue favoring its own services in search results so long as it labels them as its own.

Google essentially has been using its dominant position as gatekeeper of the Internet to unfairly promote its own service at the expense of competitors and consumers. In Europe it has about 90 percent of the search market. In the U.S. it’s around 70 percent. About all this agreement appears to do is require Google to be transparent about the way it unfairly abuses its market position.

Indeed, labeling could actually leave the impression with some consumers that the Google-branded result was a better one, rather than one that received a better position because Google had its thumb on the scale.

Another problem with the deal is that it doesn’t seem to do anything to rectify the damage to the market that Google has already wreaked. I’d have thought some sort of disgorgement of the Internet giant’s ill-gotten gains would have been appropriate.

The next step in the EU process is for the Google deal to be “market tested.” The competition authorities will make the settlement public and receive comments on whether it solves the problems or not. I suppose it’s possible there may ultimately be stronger sanctions than currently appear to be the case in what’s been leaked or that the authorities will do more after the “market testing,” but frankly I doubt it.

Bottom line: Google has had its wings clipped a little bit. Google will be legally bound to follow labeling rules in Europe for five years and have a third-party enforcer to ensure that happens. It also means that European search results will look different than in the U.S. unless Google decides to take the same approach here or someone forces the company to do so. That could happen. Several state attorneys general led by the Texas attorney general have an open antitrust probe. I’d hope that they would settle for nothing less than what the Europeans got.

And further down the road? Fairsearch Europe has recently filed another antitrust complaint with the EU accusing Google of using Android software “as a deceptive way to build advantages for key Google apps in 70 percent of the smartphones shipped today.” Now that mobile is becoming more important than the wired Internet, Google is flexing its muscles there. The more things change, the more they stay the same…

Posted by John M. Simpson, head of Consumer Watchdog’s Privacy Project. Follow Consumer Watchdog on Facebook and Twitter.

Serial privacy violator Google may face fines in the millions of dollars in Europe as six countries Tuesday opened formal investigations into how Google combined its privacy and data policies last year without bothering to seek users’ consent.

The actions by France, Britain, Germany, the Netherlands, Italy and Spain came as Google refused to make changes in privacy policies requested by a group of European data protection authorities.

For the Internet giant, such fines are rapidly becoming a cost of doing business — and a rather trivial one at that. As the Associated Press pointed out, the French privacy watchdog CNIL can fine a company a maximum of 300,000 euros ($385,000). Based on a projected revenue of $61 billion this year, it earns 300,000 euros in about three minutes. The Brits could impose a fine of up to 500,000 pounds ($750,000).

Maybe with this constant drip, drip of privacy violations Google executives will come to their senses and realize the company runs the risk of losing users’ trust with a seriously negative impact on business.  For now that doesn’t seem to be the case.  “Our privacy policy respects European law and allows us to create simpler, more effective services,” said Google spokesman Al Verney after the investigations were announced.

In other words Google knows what’s right and it’s whatever the company decides to do. After all, their motto is “Don’t be evil,” so how could anything they do be wrong?

Let’s review what’s happened.  A year ago Google announced that it would combine data and privacy policies across its many services.  Google said this would make the user experience simpler and more intuitive.  Google didn’t  point out that it would make the data gathered about users more valuable and fatten its bottom line.  Those digital dossiers it compiles about us is how we are sold to Google’s advertisers.  Remember you’re Google’s product, not it’s customer.

Noting that Google didn’t ask permission before combing users’ information, Europe’s Data Commissioners launched a joint investigation, led by France.  In October they said the new policy is a “high risk” to privacy, but didn’t declare it illegal. They gave Google until February to make changes.  Responding with its usual arrogant manner, Google refused.

“Regulators in six states have begun the process of looking at penalties, and each must now act based on national law,” Isabelle Falque-Pierrotin, CNIL’s president, told Bloomberg News. “We have put in place a countdown for Google now. Promises to change will no longer be enough.”

Technically the six data authorities could block Google from operating in their respective countries, but I doubt that will happen.  I fear this is the most likely outcome: Simply put, Google is arrogant.  They have become a serial privacy violator and see the relatively minuscule fines they have faced as a mere cost of doing business. They violate your privacy, say it was a mistake, claim they care about privacy, occasionally pay a token fine and carry on with business as usual until the next violation when they cycle begins anew.

Maybe the Europeans can break the cycle, but I’m not optimistic

John M. Simpson is director of Consumer Watchdog’s Privacy Project. Follow Consumer Watchdog online on Facebook and Twitter.

Google’s privacy chief, Alma Whitten, is stepping down the Internet giant confirmed Monday. Since word of her departure came out on April Fools’ Day many folks probably thought this was part of the company’s annual elaborate pranks like its “announcement” of a new service called “Google Nose.”

I mean how many of you actually thought Google even had a privacy chief?

Whitten, an engineer based in London (now that’s a location convenient to its Mountain View Headquarters) took the position in 2010 about six months after the Wi-Spy scandal was uncovered and as Google was reaching a consent agreement with the Federal Trade Commission for invading users’ privacy when it launched the ill-fated Buzz social network.

Well, about all that happened on Whitten’s watch was that Google became a confirmed serial privacy violator. No sooner was the ink dry on the Buzz Consent Decree with the FTC, than Google was caught hacking around privacy settings on Apple’s Safari browser, which is on iPads and iPhones, and lying about its practices on the Google website. Google was fined $22.5 million by the FTC, pocket change to the Internet giant.

Also on Whitten’s watch Google was fined $25,000 for obstructing the Federal Communications Commission’s investigation of Wi-Spy and just settled for a paltry $7 million with 38 states attorney general who were investigating. They’ve also got to make a YouTube video telling people how to improve Wi-Fi network security and have a Privacy Day for employees. That’s like asking the fox teach the chickens about how to make the coop safe.

It was also on Whitten’s watch that Google combined its privacy and data collection policies across its services without asking users’ consent first. European data protection officials led by the French are still investigating and action is likely this spring.
Whitten intends to stay on the job through June — not that it makes much difference to users — until her successor Lawrence You takes over.

I guess it makes sense a certain amount of sense that this got announced on April Fools’ Day. Privacy at Google is a joke. Google’s executives view the taps on the wrist the Internet giant has received for privacy violations as nothing more than the cost of doing business.

John M. Simpson is director of Consumer Watchdog’s Privacy Project. Follow Consumer Watchdog online on Facebook and Twitter.

Consumer Watchdog has filed a second complaint asking that the Federal Trade Commission act immediately against Google’s most recent privacy violation – sharing users’ personal information with apps developers — after new information became available in a letter from Google to Rep. Hank Johnson, (D-GA).

We’ve also expressed our concerns again to California Attorney General Kamala Harris.

When we filed our first complaint, we estimated that Google — which has effectively become a serial privacy violator — in ignoring the terms of its so-called “Buzz Consent Order” with the FTC should face penalties that reach into the billions of dollars.

Here is what Google has been doing: They have been sending to app developers personal information about each user who purchased an app from Google, without obtaining the user’s permission. The personal information sent by Google includes the users’ names, certain physical address information and email addresses. Neither Apple nor Microsoft engage in similar conduct when they sell apps through their stores.

Google’s activities caught the eye of Rep. Johnson who wrote the Internet giant a letter asking that Google to explain what was going on. Susan Molinari, chief of Google’s Washington DC lobbying shop, responded.

Rather than justifying its conduct, Google’s argument demonstrated that the company lacks any satisfactory explanation for its practices. Here is part of what I wrote in our second letter to Charles Harwood, Acting Director of the FTC’s Bureau of Consumer Protection:

In its response to Congressman Johnson, Google did not challenge the accuracy of widespread reports that the company routinely discloses confidential information to applicant developers regarding all users who purchase applications from Google. For purposes of evaluating Google’s conduct under the Buzz Consent Order, then, it can be taken as fact that Google engages in this behavior.

Certainly, Google implied in its response that users know or should have assumed that the company would share confidential user identification information with application developers. But that suggestion directly contradicts the privacy representations made by Google to users that users should feel secure because Google will not willy nilly share their information but will only disclose confidential information when “necessary” to process the user’s transaction. More specifically, Google responded to Congressman Johnson as follows:

“Information such as name and email address is necessary for developers to issue refunds, reversals, payment adjustments — all of which developers are responsible for under the Seller Terms of Service — and investigate chargebacks.”

“Refunds, reversals, payment adjustments” are not the transactions at issue in this matter. Rather, Google’s privacy policy misrepresentation goes to the initial user purchase transactions for device applications. As I noted in my earlier letter, developers do not need users’ private information for the initial purchase transactions. They have routinely processed such transactions without using confidential user information. Google never contests this fact in its response to the congressman.

So, let’s assume everything Google says in its letter to Rep. Johnson is true. That means developers only need the users’ confidential information when a request for a refund, reversal or payment adjustment is made. The disclosure exception Google points to in its policy (“necessary to process your transaction”) might justify Google giving confidential information to developers for specific users who request refunds (and the like), but not for every single user who bought an app. It’s clear Google violated its pledge to protect the confidentiality of millions of users who bought applications in good faith reliance on Google’s public statements and who never sought a refund, reversal or payment adjustment.

For what it’s worth the FTC’s Harwood has told me that he referred both of Consumer Watchdog’s formal complaints to the Bureau of Consumer Protection’s Enforcement Division. Meanwhile, Adam Miller, Supervising Deputy Attorney General in the Privacy Enforcement and Protection Unit of the California Attorney General’s office also responded to my earlier letter. He wrote:

“Although our office cannot share any details of any investigation we may pursue, I can assure you that we will look into the concerns raised in your letter to us, as well as your letter to the Federal Trade Commission on the same matter. Should you have any further concerns please contact me at the above telephone number or address.”

Google’s most recent violation of the Buzz Consent Order is a matter of intense concern to Consumer Watchdog, to other privacy advocacy groups, to apps users across the country, and to the press. Although given the opportunity by Congressman Johnson, Google has yet to come up with a credible justification for its inappropriate conduct. In fact the letter to the Congressman simply makes Google’s violations clear. Both the FTC and the California Attorney General need to take strong action against Google.
______________________________________________________________________________________________________
Posted by John M. Simpson. John is a leading voice on technological privacy and stem cell research issues. His investigations this year of Google’s online privacy practices and book publishing agreements triggered intense media scrutiny and federal interest in the online giant’s business practices. His critique of patents on human embryonic stem cells has been key to expanding the ability of American scientists to conduct stem cell research. He has ensured that California’s taxpayer-funded stem cell research will lead to broadly accessible and affordable medicine and not just government-subsidized profiteering. Prior to joining Consumer Watchdog in 2005, he was executive editor of Tribune Media Services International, a syndication company. Before that, he was deputy editor of USA Today and editor of its international edition. Simpson taught journalism a Dublin City University in Ireland, and consulted for The Irish Times and The Gleaner in Jamaica. He served as president of the World Editors Forum. He holds a B.A. in philosophy from Harpur College of SUNY Binghamton and was a Gannett Fellow at the Center for Asian and Pacific Studies at the University of Hawaii. He has an M.A. in Communication Management from USC’s Annenberg School for Communication.