Google reaches settlement with FTC in Google Buzz privacy case

via BGR by Todd Haselton on 3/30/11

On Wednesday, the U.S. Federal Trade Commission announced it has reached a settlement with Google over its controversial Google Buzz social network. The FTC charged Google with using “deceptive tactics and [violating] its own privacy promises to consumers” when it launched Google Buzz — its Twitter-like social network — in 2010. The FTC’s proposed settlement will bar Google from “future privacy misrepresentations,” and requires that Google implement a comprehensive privacy program. The FTC has also called for regular, independent privacy audits during the next 20 years. “When companies make privacy pledges, they need to honor them,” said Jon Leibowitz, chairman of the FCC. “This is a tough settlement that ensures that Google will honor its commitments to consumers and build strong privacy protections into all of its operations.” The FTC argued that some Google users who declined to participate in Google Buzz were still enrolled in some features of the service. Similarly, it said that those who did decide to join Google Buzz were often confused on how to control the privacy settings.  This is not the only lawsuit that was brought against Google in relation to its Buzz service. In November 2010 Google was required to create an $8.5 million fund dedicated to “promoting privacy education on the web” as the result of a class action lawsuit.  Hit the jump for the full release. 

FTC Charges Deceptive Privacy Practices in Google’s Rollout of Its Buzz Social Network 

Google Agrees to Implement Comprehensive Privacy Program to Protect Consumer Data

Google Inc. has agreed to settle Federal Trade Commission charges that it used deceptive tactics and violated its own privacy promises to consumers when it launched its social network, Google Buzz, in 2010. The agency alleges the practices violate the FTC Act. The proposed settlement bars the company from future privacy misrepresentations, requires it to implement a comprehensive privacy program, and calls for regular, independent privacy audits for the next 20 years. This is the first time an FTC settlement order has required a company to implement a comprehensive privacy program to protect the privacy of consumers’ information. In addition, this is the first time the FTC has alleged violations of the substantive privacy requirements of the U.S.-EU Safe Harbor Framework, which provides a method for U.S. companies to transfer personal data lawfully from the European Union to the United States. 
“When companies make privacy pledges, they need to honor them,” said Jon Leibowitz, Chairman of the FTC. “This is a tough settlement that ensures that Google will honor its commitments to consumers and build strong privacy protections into all of its operations.” 
According to the FTC complaint, Google launched its Buzz social network through its Gmail web-based email product. Although Google led Gmail users to believe that they could choose whether or not they wanted to join the network, the options for declining or leaving the social network were ineffective. For users who joined the Buzz network, the controls for limiting the sharing of their personal information were confusing and difficult to find, the agency alleged. 
On the day Buzz was launched, Gmail users got a message announcing the new service and were given two options: “Sweet! Check out Buzz,” and “Nah, go to my inbox.” However, the FTC complaint alleged that some Gmail users who clicked on “Nah…” were nonetheless enrolled in certain features of the Google Buzz social network. For those Gmail users who clicked on “Sweet!,” the FTC alleges that they were not adequately informed that the identity of individuals they emailed most frequently would be made public by default. Google also offered a “Turn Off Buzz” option that did not fully remove the user from the social network. 
In response to the Buzz launch, Google received thousands of complaints from consumers who were concerned about public disclosure of their email contacts which included, in some cases, ex-spouses, patients, students, employers, or competitors. According to the FTC complaint, Google made certain changes to the Buzz product in response to those complaints. 
When Google launched Buzz, its privacy policy stated that “When you sign up for a particular service that requires registration, we ask you to provide personal information. If we use this information in a manner different than the purpose for which it was collected, then we will ask for your consent prior to such use.” The FTC complaint charges that Google violated its privacy policies by using information provided for Gmail for another purpose – social networking – without obtaining consumers’ permission in advance. 
The agency also alleges that by offering options like “Nah, go to my inbox,” and “Turn Off Buzz,” Google misrepresented that consumers who clicked on these options would not be enrolled in Buzz. In fact, they were enrolled in certain features of Buzz. 
The complaint further alleges that a screen that asked consumers enrolling in Buzz, “How do you want to appear to others?” indicated that consumers could exercise control over what personal information would be made public. The FTC charged that Google failed to disclose adequately that consumers’ frequent email contacts would become public by default. 
Finally, the agency alleges that Google misrepresented that it was treating personal information from the European Union in accordance with the U.S.-EU Safe Harbor privacy framework. The framework is a voluntary program administered by the U.S. Department of Commerce in consultation with the European Commission. To participate, a company must self-certify annually to the Department of Commerce that it complies with a defined set of privacy principles. The complaint alleges that Google’s assertion that it adhered to the Safe Harbor principles was false because the company failed to give consumers notice and choice before using their information for a purpose different from that for which it was collected. 
The proposed settlement bars Google from misrepresenting the privacy or confidentiality of individuals’ information or misrepresenting compliance with the U.S.-E.U Safe Harbor or other privacy, security, or compliance programs. The settlement requires the company to obtain users’ consent before sharing their information with third parties if Google changes its products or services in a way that results in information sharing that is contrary to any privacy promises made when the user’s information was collected. The settlement further requires Google to establish and maintain a comprehensive privacy program, and it requires that for the next 20 years, the company have audits conducted by independent third parties every two years to assess its privacy and data protection practices. 
Google’s data practices in connection with its launch of Google Buzz were the subject of a complaint filed with the FTC by the Electronic Privacy Information Center shortly after the service was launched. 
The Commission vote to issue the administrative complaint and accept the consent agreement package containing the proposed consent order for public comment was 5-0. Commissioner Rosch concurs with accepting, subject to final approval, the consent order for the purpose of public comment. The reasons for his concurrence are described in a separate Statement. 
The FTC will publish a description of the consent agreement package in the Federal Register shortly. The agreement will be subject to public comment for 30 days, beginning today and continuing through May 1, 2011, after which the Commission will decide whether to make the proposed consent order final. Interested parties can submit written comments electronically or in paper form by following the instructions in the “Invitation To Comment” part of the “Supplementary Information” section. Comments in electronic form should be submitted using the following web link: https://ftcpublic.commentworks.com/ftc/googlebuzz and following the instructions on the web-based form. Comments in paper form should be mailed or delivered to: Federal Trade Commission, Office of the Secretary, Room H-113 (Annex D), 600 Pennsylvania Avenue, N.W., Washington, DC 20580. The FTC is requesting that any comment filed in paper form near the end of the public comment period be sent by courier or overnight service, if possible, because U.S. postal mail in the Washington area and at the Commission is subject to delay due to heightened security precautions. 

NOTE: The Commission issues an administrative complaint when it has “reason to believe” that the law has been or is being violated, and it appears to the Commission that a proceeding is in the public interest. The complaint is not a finding or ruling that the respondent has actually violated the law. A consent agreement is for settlement purposes only and does not constitute an admission by the respondent that the law has been violated. When the Commission issues a consent order on a final basis, it carries the force of law with respect to future actions. Each violation of such an order may result in a civil penalty of up to $16,000. 

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC’s online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 1,800 civil and criminal law enforcement agencies in the U.S. and abroad. The FTC’s website provides free information on a variety of consumer topics. “Like” the FTC on Facebook and “follow” us on Twitter.
Advertisements

Before You Change your DNS Server, Read this!

Public DNS services, like OpenDNS or Google DNS, may offer more reliable and faster lookups than the DNS server of your ISP but in some cases, you may get much better download speeds if you continue to stick to your ISP’s DNS server. Here’s why.

location of amazon cdn

You know about Content Delivery Networks like Amazon, Akamai, etc. that have data centers located across the globe and they serve content from the one that’s closest to you geographically. A site like Adobe hosts its files on Akamai so when you download that 1 GB Photoshop installer from Adobe.com, the file will be served to you from the Akamai data center that’s nearest to you. 
A CDN uses your computer’s IP Address to determine your current location and then redirects you to the server that’s nearest to you. However, if you use a public DNS service, the CDN may not get to know your accurate location as your IP address is masked by the public DNS Service. The CDN could therefore serve content from a server that’s not closest to you and hence it will take more time to download files. 
A recent story published in The Economist discusses this problem in much greater detail. 

Are CDNs serving you content through the shortest path? 

Considering the fact that all major websites – from Microsoft to CNN to YouTube – use CDNs for delivering content, it is important to know if your are getting served from the nearest located server. How do you find that out? 
Step 1: Download the Dig tool and run it against a domain (like trials.adobe.com). 
C:\labnol>dig trials.adobe.com A trials.adobe.com. 687 IN CNAME trials.adobe.com.edgesuite.net. a1326.g.akamai.net. 20 IN A 203.106.85.127 a1326.g.akamai.net. 20 IN A 203.106.85.40 
Once you have the IP Addresses, you can find the server’s physical location using this online tool. If you are in India and request a file through Adobe (Akamai CDN), it should be served from their data-center in Asia and not the one in North America. 
203.106.85.127 MY Malaysia Simpang Tiga TMnet Telekom Malaysia 203.106.85.40 MY Malaysia Simpang Tiga TMnet Telekom Malaysia 
When I asked OpenDNS about this issue, their representative told me that it is something ‘fixable’ and that they’re working on a solution where the DNS Server itself passes on the client’s location to the CDN. Unless this happens, as Atul Chitnis rightly points out, non-ISP DNS services “kill the benefits of CDNs like Akamai.”
Digital Inspiration @labnol

Amazon Gives You 5 GB of Storage Space for Free

via Digital Inspiration Technology Blog by Amit on 3/29/11

Amazon Cloud Drive

Amazon today unveiled a new storage service called Amazon Cloud Drive that gives you 5 GB of free online storage space to store your documents, photos, music and other files securely in the cloud. All you need is a free Amazon.com account to upload your files which you can then access from anywhere using a web browser. 

Amazon Cloud Drive is purely an online file storage solution and the only client that you can use to upload or download files from your Cloud Drive account is your web browser.
Thus, for example, if you plan to copy your entire My Documents folder from the computer to Amazon’s cloud, you’ll have to upload files manually from the browser, one by one. Or, to save time, you could zip the entire folder into a single file and upload it in one go as Cloud Drive supports files as large as 2 GB in size. (Dropbox has a file size limit of 300 MB). 

Amazon offers a handy desktop client that will scan your hard drive for music related files and will automatically put them to Cloud Drive – you then listen to your music from anywhere using the browser itself without having to download anything to that computer. Other than that, I think the Cloud Drive service is also good for manually backing up some of your really bulky files online – like those Outlook PSTs.

Pricing - Amazon Cloud Drive vs Amazon S3

Amazon S3 vs Amazon Cloud Drive 

There’s however one part about Cloud Drive that has surprised me a bit – the pricing structure. The service internally uses Amazon S3 for storage but if you compare the storage cost of these two services, you’ll find that Amazon S3 is nearly 80% more expensive than Cloud Drive. 

Amazon charges 14¢ per month per GB for S3 which converts to around $1.78 per year (including the 10¢ data transfer fee) while Cloud Drive is available for a flat $1 per GB per year with no transfer-in or transfer-out fees. S3 is one of the popular choices for online backup but going forward, Cloud Drive could be a more cost-efficient option.
Bonus Tip – Upgrade to 20 GB for less than $1 

All Amazon Cloud Drive users get 5 GB of free online storage space or you can pay $20 to upgrade to the 20 GB plan. 

There’s another option as well. Amazon will upgrade your storage to 20 GB if you buy any MP3 Album from them. Now there are quite a few music albums on Amazon.com that are available for less than $1 – buy any one and you’ll be upgraded to 20 GB. 

The only downside is that while Cloud Drive is available to everyone worldwide, Amazon’s music store is only for residents of the United States with a U.S. billing address.

Digital Inspiration @labnol

Motorola ATRIX 4G 4.1.57 update available, no AT&T HSUPA support yet

via BGR by Todd Haselton on 3/28/11

Software version 4.1.57 for the Motorola ATRIX 4G is now available. The 17MB file, issued by Motorola, adds a number of improvements but is not the expected AT&T update that includes HSUPA support. After downloading the update, Motorola says users should notice the following changes: 
  • Bluetooth: Improved multimedia experience with Bluetooth devices as well as the ability to use phone with additional headsets.
  • Fingerprint reader: Improved fingerprint reader performance.
  • Battery: Improved battery performance for longer battery life.
  • Screen: Display will turn off automatically now while charging directly on wall charger.
  • Phone stability: Improved stability resulting in fewer occurrences of touch unresponsiveness and/of programs quitting unexpectedly.
  • Car dock: Improved performance of car dock and 3.5mm jack.
It’s been reported that the update may cause some issues with those who have rooted their phones. ATT has said that the upcoming HSUPA software update, which should ratchet up upload speeds on the ATRIX 4G and Inspire 4G, will land in April. Hit the jump for instructions on installing software version 4.1.57 on your ATRIX 4G. 
[Via Engadget

Which Web Browser Do You Use?

via GeekSugar by GeekSugar on 3/29/11

Last week, Firefox 4 launched with a host of new features and was quickly downloaded by nearly 40 million people and counting. Google’s Chrome browser is only two years old, but is already packing a punch with its helpful shortcuts, plug-ins, and more. Safari and IE are classics, and they come preinstalled on Macs and PCs respectively.
I’ve been a Firefox supporter for years, but as Chrome grows in popularity, so does my use of it. What about you?
Which Web Browser Do You Use?
Google Chrome
Firefox
Safari
Internet Explorer

Tweeting robots easily manipulate puny human social networks

via DVICE Atom Feed by Evan Ackerman on 3/23/11

Tweeting robots easily manipulate puny human social networks

Twitter, which already allows celebrities to communicate what they had for breakfast to an irrationally interested public, is now also a robot testing ground. A research project called Socialbot has recently shown that robots have no trouble creating, or destroying, social network communities with cleverly disguised fake tweets. 

All right, so, full disclosure: I have a Twitter account. I check this Twitter account daily. I occasionally twitter my own tweets (or whatever). And I even read tweets from robots. But I’m pretty sure that none of the people I follow are robots pretending to be humans, which is what happened with the Socialbots project.
Three teams competed to program autonomous pieces of twittering software with the aim of influencing the social connections of as many real humans as possible. It was an actual competition, too, for points, prestige, and eventually 500 bucks. Bots were awarded one point for every follower they got on Twitter, three points for every social response, and the teams stood to lose 15 points if Twitter ever said, “hey, you’re a robot!” and banned their account. 

One team decided to use Amazon’s Mechanical Turk service, which is based on swarms of humans performing simple tasks for dirt cheap. So like, a bot would get a message on Twitter, post that message on Mechanical Turk, and ask (say) 25 different people to respond to it for (say) three cents each. The bot would then pick one response and use it, and there you go, you’ve got clueless humans talking to clueless humans. 

So how well did it work? From the team

Swarms of bots with statistically-predictable social outcomes could be built and used to actively sculpt and rewire the connections of social groups online consisting of thousands (or perhaps hundreds of thousands of users).” 

And that’s pretty much exactly what they’re planning to do next: 

These robot swarms are capable of disconnecting user groups too, so a fun game suggested by the project organizers would be to compete to have the first Twitter robot swarm to (say) effectively disrupt some group of activists. Fun! 

And no, I don’t see any possible way that any of this could possibly go wrong. Why, do you? 

Tim Hwang, via New Scientist

“The bots collectively generated close to 250 responses, and received mutual connections from close to half of the entire target set. [In] two weeks, the bots were able to heavily shape and distort the structure of the network. This included bringing people together not originally connected, and bringing together a community of activity around the bots themselves.

“We’re going to survey and identify two sites of 5,000-person unconnected Twitter communities, and over a six-to-twelve month period use waves of bots to thread and rivet those clusters together into a directly connected social bridge between those two formerly independent groups. The bot-driven social “scaffolding” will then be dropped away, completing the bridge, with swarms of bots being launched to maintain the superstructure as needed.”

Sprint app will lock down your phone while driving

via DVICE Atom Feed by Michael Trei on 3/24/11

Sprint app will lock down your phone while driving

Distracted driving is a serious problem, so lots of people are coming up with ways to stop you from using your phone while driving. The latest is Drive First for Sprint Android phones, which senses when the car is moving and locks down most of phone’s functions. 

Luckily it doesn’t completely disable everything. Up to three apps like GPS for example will still run, and three contacts (read parents) can still reach you while you’re on the move. Other calls and texts will be automatically redirected to voice mail, along with some kind of message about how busy you are driving.
My problem with this approach is how does the phone determine that you’re not riding in the passenger seat, or sitting on a bus? Until they can find a way to figure that out, I think most people will discover that this app is little more than an exercise in frustration. 
Drive First will be available in Q3 for $2 a month. Hey, nobody said being safe would be free.