Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

EPIC sues FTC over Google's planned privacy changes

The privacy advocate asks the court to require the FTC to enforce a 2011 privacy agreement with Google

The Electronic Privacy Information Center has filed a lawsuit against the U.S. Federal Trade Commission, asking a court to force the agency to take action against Google over planned changes in the company's collection of personal data.

EPIC, in briefs filed Wednesday, asked the U.S. District Court for the District of Columbia to require the FTC to enforce a 2011 privacy agreement between the agency and Google over the company's fumbled rollout of its Buzz social networking service.

Google's January announcement that it would consolidate user data over 60 of its services is a "clear violation" of that privacy agreement, EPIC said in court papers. Google has announced it will roll out the changes to its terms of service on March 1.

The FTC has not acted to block Google from making the changes, "placing the privacy interests of literally hundreds of millions of Internet users at grave risk," EPIC's lawyers wrote in court papers. "The FTC is required to enforce the consent order. But the commission has failed to do so."

The agreement between the FTC and Google required the company to implement a comprehensive privacy program and requires independent privacy audits for the next 20 years. The settlement also required Google to review the privacy implications of its current and future products.

"At a minimum, a comprehensive privacy program required by the consent order, which arose from the company's attempt to combine user data from two discrete services, cannot permit the company to now engage in the same prohibited practice," EPIC's lawyers wrote.

EPIC is seeking a temporary restraining order and preliminary injunction requiring the FTC to enforce the 2011 privacy order.

The changes to Google's privacy practices will give advertisers new insights into Google users, EPIC said in a court brief.

The changes "will make it possible for advertisers to gain access to personal information which was previously unavailable to them," EPIC said in a court brief. "Google ads are targeted to individual users based on information Google gathers about individual users."

The FTC said it closely monitors its consent agreements with companies. "The FTC takes compliance with our consent orders very seriously and always looks carefully at any evidence that they are being violated," the agency said in a statement.

Google takes privacy "very seriously," a spokesman for the company said. "We're happy to engage in constructive conversations about our updated privacy policy but EPIC is wrong on the facts and the law," the company said in a statement.

Google has undertaken "the most extensive notification effort" in the company's history to notify users about the upcoming changes, the statement said. "We're keeping your private information private -- we're not changing how any personal information is shared outside of Google."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Electronic Privacy Information Center, Federal Trade Commission, FTC, Google, IDG
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Civil lawsuits, Electronic Privacy Information Center, Google, internet, Internet-based applications and services, legal, privacy, search engines, security, social networking, U.S. District Court for the District of Columbia, U.S. Federal Trade Commission
Latest Blog Posts
Whitepapers
  • Spear Phishing Attacks - Why they are successful and how to stop them
    There's been a rapid shift from broad, scattershot attacks to advanced target attacks that have had serious consequences for victim organisations. The increased use of spear phishing is directly related to the fact that it works, as traditional security defences simply do not stop these types of attacks. This paper provides a detailed look at how spear phishing is used within advanced attacks and the key capabilities organisations need in order to effectively combat these emerging and evolving threats.
    Learn more »
  • Virtual Certainty - Best Practices for Gaining Monitoring Clarity in VMware Environments
    The benefits of virtualisation are unassailable: increased agility, scale, and cost savings to name but a few. However, so too are the monitoring challenges posed by these environments—including complexity, lack of visibility and control, and inefficiency. This white paper reveals the best monitoring practices to employ in virtualized environments—best practices that are essential in enabling organizations to overcome their monitoring challenges so they can get the most business value from their virtualisation investments.
    Learn more »
  • Top 5 Myths of Safe Web Browsing
    There are a lot of misconceptions out there about safe web browsing. You might think you're being safe. But without the facts it’s next to impossible to stay protected against today’s changing threats. In this paper we describe the top five myths of safe web browsing, what the facts really are, and what you can do to stay secure.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.