The Federal Trade Commission
The Federal Trade Commission is an agency that protects consumers from unfair competition within commerce. When the agency has “reason to believe” there has been a violation of the law or a policy, they issue an administrative complaint, and proceeds to file an official complaint. This complaint doesn’t necessarily rule that the concerned actually made the violation. After the respondent is notified of the complaint, they come to a settlement, which also does not count as an admission of guilt. This settlement could be a fine and/ or other requirements put in place to help reduce the likelihood the violation happens again.
Deceptive Tactics
In March of 2011, Google was charged by the Federal Trade Commission for using deceptive tactics, violating the privacy standards they had set in place. In 2010, Google launched a new social network called Google Buzz. This network was launched through the company’s email product, Gmail. When users were notified of this new feature, it seemed as though they had the choice of whether to use the features or not, giving them a click option to ignore or learn more. When users would attempt to unenroll in the features, they found it extremely difficult and confusing to navigate and properly close. Even when the consumers finally found the option to limit the data shared, the website still continued to do so. This became a privacy issue when users started to notice that their most frequent contacts over email were made public. The company didn’t necessarily lie in their claims, but they purposefully misled the consumers and left their claims vague. For the first time, the FTC also alleged that Google violated the privacy requirements of the U.S./ E.U. Safe Harbor Framework. They violated this by failing to notify the consumers or give them a choice about what their information was used for.
Google’s Response
Google began to receive thousands of complaints from their consumers who were upset about their private information being shared without their knowledge. Among the contacts were emails between patients, ex-spouses, professors and students, and employers. This caused Google to release a statement claiming “If we use this information in a manner different than the purpose for which it was collected, then we will ask for your consent prior to such use.” This turned out to be a lie and the company was found using the information for other purposes without consent, once again violating their privacy policy.
The Settlement
Google came to settlement agreement with the FTC, agreeing to follow a number of guidelines in response to their violations. The first prohibited Google from any future misrepresentations of their privacy policy. The next had them execute a comprehensive privacy program for all of their users. Lastly, the FTC required regular privacy audits from a third party for the next 20 years. These were all set in place to ensure that the company would be held accountable for any future infrantions.
Google Violates Again
Google had obviously not learned their lesson, as they were found to have violated their privacy policy again in 2012. They were found to have misrepresented to the consumers that cookies would not be placed in their computers or give the users targeted ads based on their search history. When a user would visit websites within Google’s DoubleClick advertising network, tracking cookies were placed on their computer, even though they were told they would not be. This not only violated privacy terms, but it also violated the agreement the company had come to prior with the FTC. With a new settlement, Google faced a $22.5 million civil penalty, which was the highest amount anybody had been charged for violations. They also required that Google disable any tracking cookies they had originally said they wouldn’t use on user’s computers.
RIT Cyber Security Policy and Law Class Blog 
You must be logged in to post a comment.