|Massive Privacy Hole in Google Buzz Found|
| 1:13 am on Feb 13, 2010 (gmt 0)|
FU Google [izurl.com]
I use my private Gmail account to email my boyfriend and my mother.
There’s a BIG drop-off between them and my other “most frequent” contacts.
You know who my third most frequent contact is?
My abusive ex-husband.
My privacy concerns are not trite. They are linked to my actual physical safety, and I will now have to spend the next few days maintaining that safety by continually knocking down followers as they pop up. A few days is how long I expect it will take before you either knock this #*$! off, or I delete every Google account I have ever had and use Bing out of #*$!ing spite.
But what Google viewed as an obvious shortcut stirred up a beehive of angry critics. Many users bristled at what they considered an invasion of privacy, and they faulted the company for failing to ask permission before sharing a person’s Buzz contacts with a broad audience. For the last three days, Google has faced a firestorm of criticism on blogs and Web sites, and it has already been forced to alter some features of the service.
E-mail, it turns out, can hold many secrets, from the names of personal physicians and illicit lovers to the identities of whistle-blowers and antigovernment activists. And Google, so recently a hero to many people for threatening to leave China after hacking attempts against the Gmail accounts of human rights activists, now finds itself being pilloried as a clumsy violator of privacy.
updated: it appears that the first FU google blog post has been retracted.
[edited by: Brett_Tabke at 1:32 pm (utc) on Feb 13, 2010]
| 5:05 am on Feb 13, 2010 (gmt 0)|
It appears Google has responded to this, but the damage has been done from the sounds of it.
| 8:37 am on Feb 13, 2010 (gmt 0)|
It would appear that, as a google user, you're opted in to what ever those phd brains come up with next, like it or not – safe and private or not. This girl was particularly unlucky. This is what it's come down to with google – a spin of the wheel – If you wan't privacy host your own mail, maybe some people don't realise that, maybe a few more cases like this and people will start clocking. You don't get given privacy, you take it. Right or wrong, that is how it is online.
| 2:36 pm on Feb 13, 2010 (gmt 0)|
I hate to say it but I completely agree with iambic9. Excellent way to put it.
Google have been given way too much trust and are now taking way too much. People need to educate themselves to what they are signing up for. There's still no such thing as a free lunch. Somehow, it always costs something.
| 2:40 pm on Feb 13, 2010 (gmt 0)|
|People need to educate themselves to what they are signing up for. |
Don't hold your breath. Have you ever read the fine print on terms and conditions? You need a law degree and two full days to get through it. The fault is with regulators, not Google, as they've failed to protect consumers against Google and others.
| 3:18 pm on Feb 13, 2010 (gmt 0)|
looks like google is putting the squeeze on that blog
| 3:29 pm on Feb 13, 2010 (gmt 0)|
|The fault is with regulators, not Google |
Regulators cannot be held responsible for the total lack of common sense of most people on this planet.
What you want to keep private you keep to yourself. Host it on your own site with your own protection in place. Keep your email on your own domain name. Keep your documents, spreadsheets and anything else on your own computer.
I've never stopped wondering since way back when all this stuff of online storing (whatever it may be) started to take off why on earth anyone would trust an unknown entity (whatever its name) with what is nobody's busy then your own. The mind boggles.
| 4:00 pm on Feb 13, 2010 (gmt 0)|
Why is it the "opt in" vs. "opt out" process seems backward? If you don't want to be flooded with offers by mail, phone, or E-mail, you must "opt out" to not receive them. This seems wrong. It means that many people will inknowingly receive offers/ads/spam/trash that they don't want.
It seems to me it would be much more efficient to have everyone automatically opted out of these things, unless they specifically opt in to receive them. At least then, the people getting this stuff might actually want it, and pay attention to it.
As it is now, it's just a waste of natural resources and everyone's time. I don't think you should ever have to "opt out" of anything. That should be the default. It's the only way to "do no evil."
| 7:01 pm on Feb 13, 2010 (gmt 0)|
The final straw came one day when logging in to sort out a Google Analytics problem for someone, and Google automatically attempting to link that account with the YouTube login that was usually used on that computer by someone else.
| 7:33 pm on Feb 13, 2010 (gmt 0)|
@g1smd Are you serious? That's nuts. Can you share more info?
| 2:50 am on Feb 14, 2010 (gmt 0)|
Google has taken this approach countless times, taken heat over it, reversed its position, and then proceeded to do it again. And again.
As the breadth of their services grow and pervade our daily lives, it is in their best interest to establish a global corporate policy of opt-in or the erosion of trust will eventually bring them down.
| 4:44 am on Feb 14, 2010 (gmt 0)|
We have so many confusions as to what "opt-out" or "opt-in" means... see it all the time in this forum and others. I suggest we get all to revert to the original terms which are "subscribe" or "unsubscribe"... but that ain't going to happen.
Me, I don't google... search engine, gmail, etc. etc. etc.
Read Robert A Heinlein's "Moon is a Harsh Mistress" or Isaac Asimov's Foundation Trilogy, or even Arthur C Clarke's shorts all the way to Rama...
The PC and that is not "politically correct" Personal Computer killed major corporation biz plans for managing all computer technology back in the very early 1980s. IBM, DEC, etc. were very disappointed and spent years trying to reacquire that control... and Google, through a back door, has managed to set sights on that acquisition, and done so with ham-handed "you are subscribed until you unsubscribe and in the meanwhile we get all your stuff" tactics.
Could go into a long rant regarding history repeating itself but won't. Folks my age (61) know the answer, those older have already lived through this and have bunched undies. Sadly, those younger have been taught the nanny state/corporation/phone company knows best.
We live in interesting times.
| 7:11 am on Feb 14, 2010 (gmt 0)|
|We have so many confusions as to what "opt-out" or "opt-in" means |
You are right.
"opt-in" = Actively confirm that you want to use a certain product or service, to become part of a community, or to allow a certain content object created by you to be used by someone else.
"opt-out" = "opt-in" by default, i.e. it is assumed (without active confirmation by you) that you want to use a certain product or service, to become part of a community, or to allow a certain content object created by you to be used by someone else. In order to reverse this assumed choice, you have to actively revoke the assumptions made by the party who opted you in by default.
Google knows very well that -in theory- they have the audience to create stellar products. They have the eyeballs in their search engine and other services. They could put in ads to promote new products and services (and sometimes they do). But they also know that -especially for social networking services- they need to have the critical mass right from the start to overcome the hen-egg problem (users don't sign up because there is no activity; there is no activity because no one signs up).
As noticed elsewhere on this board, I think Google is increasingly desperate to find the next golden goose. This is one more proof.
| 4:55 pm on Feb 16, 2010 (gmt 0)|
auto-opt-in = spam
| 5:00 pm on Feb 16, 2010 (gmt 0)|
|The final straw came one day when logging in to sort out a Google Analytics problem for someone, and Google automatically attempting to link that account with the YouTube login that was usually used on that computer by someone else. |
Yup, similarly, that nightmare has happened to me, too. Google has linked an account that shouldn't be, and I cannot be bothered to go through it with Google. I created brand new accounts on different computers.