EPIC Sues FTC Over Google's Planned Privacy Changes 100
angry tapir writes "The Electronic Privacy Information Center has filed a lawsuit against the U.S. Federal Trade Commission, asking a court to force the agency to take action against Google over planned changes in the company's collection of personal data. EPIC, in briefs filed Wednesday, asked the U.S. District Court for the District of Columbia to require the FTC to enforce a 2011 privacy agreement between the agency and Google over the company's fumbled rollout of its Buzz social networking service."
Re: (Score:2, Insightful)
Re: (Score:2)
Re: (Score:2)
Re: (Score:1)
Wow... awesome thread, tolls gone wild. Good times, bring popcorn.
Re: (Score:1)
'tis an EPIC thread o' trolling.
*Gotta stay on topic... and mix in old timey talk for no good reason.
Oops. Principals and principles tainted. (Score:5, Informative)
Interesting. Marc Rotenberg, President and Executive Director of EPIC served as counsel [wikipedia.org] on the Senate Judiciary Committee to PIPA sponsor Patrick Leahy. The very same unconstitutional PIPA that Google just protested against and helped get shut down with your help and mine.
I don't know about you, but a lawyer at counsel who could advise the Chairman of the Senate Judiciary Committee that he could get away with sponsoring a bill that violates not one, but at least two of our human rights enshrined in the Bill of Rights to suit a tiny minority commercial interest might be a wee bit biased.
Odd coincidence, that he's leading the group now suing Google over something or other. How did they expect us to not know that? Do they not have the Google? Are they living in the 1980's still?
In case you don't remember who Senator Leahy is and how he's working against your free speech and due process rights, here's an article [talkingpointsmemo.com] with interesting links. Being as how you're reading this though, it's unlikely you don't know this.
And here's former Senator and chairman of the Democratic National Committee Chris Dodd saying if the politicians took the graft they oughtta pass this bill (PIPA and SOPA): link [ibtimes.com].
It's called right to have representation (Score:2)
Re: (Score:2)
Re: (Score:2)
Second reply, sorry. That first reply isn't going to get 'er done. Your post presents certain ethical questions that are at the crux of lawyers and the law. No matter how depraved he is, under our system even Josh Powell deserves representation even unto parental visitation. Even if the children recall that he put their mother into the trunk and returned without her. And if that fair protection of his parental rights results in him hatcheting their skulls and immolating them, that's just due process of
Re:Oops. Principals and principles tainted. (Score:5, Informative)
According to that article, Rotenberg served as counsel to Leahy "after graduation from law school". His EPIC biography says he was admitted to the MA bar in 1987 --- so he worked for Leahy around 1987. He co-founded EPIC in 1994.
PIPA was introduced by Leahy in 2011, around 20 years later.
Given everything EPIC has been doing for the last 17 years, it seems more likely (though less "interesting") that Rotenberg didn't like what he saw from his stint with the SJC, and that put him on the alternate path that led to EPIC.
Math is hard, as they say, but valiantly we try.
Re: (Score:2)
"After" is a really stretchy word. It might mean "immediately after briefly" and it might not. Its duration is uncertain too. For all we know he's counsel to Senator Leahy still and that would not break the statement. What "After" says is that he didn't counsel the Senator before he graduated law school - which normally would be a given, since being at counsel to a Senator would normally presume passing the Bar.
I'm Symbolset and words (symbols) are my stock in trade. Words mean things. They also some
Re: (Score:2)
How do you know that Mr. Rotenberg didn't advise Mr. Leahy that PIPA is a really bad idea and why it wouldn't work?
Re: (Score:1)
Re: (Score:2)
This parent AC post is a verbatim copy of an AC post from yesterday. [slashdot.org]
Is this the work of an unimaginative troll, or of a paid advocate?
EPIC (Score:3, Funny)
What on earth... why are all these trolls so angry?
Re: (Score:1)
Re:EPIC (Score:5, Insightful)
Ok, I don't understand. On the one hand, Google is forced to implement a comprehensive privacy program. On the other hand, EPIC complains that Google's new privacy rules are.... too comprehensive? Can someone point me to what is actually changing in the privacy terms that is actually so bad? As far as I can tell, everyone's just complaining that the policies are going to be merged. So instead of having 20 separate privacy policies, now each service is governed by the same. How is that bad?
Just wondering, cuz I seriously don't get the outrage.
Re:EPIC (Score:5, Funny)
Well, IANAL but a priori, it's rather obvious that if you have several privacy policies that aren't exactly the same, then when you replace them all with a single one, you must lose some rights that you had for some services, and possibly gain some other rights that you had for some other services. So you end up with a different mix from what you initially signed up for in a given service. If you were happy with the original policies, you may not like the new ones.
Aw crap! That reads like a lawyer's explanation. When I die, I'll go straight to Hell, and the only computer languages allowed will be Javascript....
Re:EPIC (Score:5, Insightful)
Meanwhile: Facebook changes it's privacy policy for the 20th time since the announcement of google's policy change.
Re: (Score:1)
Facebook didn't run afoul of the government like Google did with Buzz.
The rules change based on what you've done in the past.
Re: (Score:2)
Re: (Score:2)
Mmmm.... I missed how having the consistent privacy policy was evil. Disappointing? Maybe. Frustrating? Possibly. But doing the web equivalent of standing in front of you with a megaphone telling you it's important that you know about and understand the unification of their privacy policy is "evil"?
simple explanation (Score:4, Insightful)
The biggest underlying change, also for businesses, is that in practice Google now reserve the right to have any bit of data they get on you, no matter how, linked to all the other bits of data on you. This applies to both private and business use, or a combination of both. If you think how much google scrapes and logs, they will probably know more about you than your mother, your best friend and your girl/boyfriend combined. Imagine what could happen to your business or personal life if that data got into the hands of a company that actually knows how to mine raw data.... oh wait....
Re: (Score:3)
Yes, a great case, except for the fact that the new policy doesn't apply to them at all [safegov.org].
Re: (Score:2)
As a previous responder indicated, Google didn't violate their contracts with businesses. The implication that they are violating their business agreements is unfounded.
Re:EPIC (Score:4, Informative)
I think the outrage is simple.
Google has a different privacy policy for each of its services, and if it decides it wants to share the data between services, the conflict makes it a legal nightmare.
Unifying the privacy policy - a great idea, because it simplifies life for everyone. However, one of the changes is that Google will also unify your profile data among all services (it could once the new policy was in place, but I believe afterwards, it said it will).
So now everything you've ever done (your youtube, your browsing (double click, google ads, CDN, any site that uses a Google-hosted javascript or something), picasa, your searches) will be available in one, all linked nicely to your details you put on your G+ page. Even what Android or iOS apps you used and how long you used them.
It's like the supermarket cards - all the juicy details of your shopping habits is pure gold to insurance companies.
Basically, you cannot use the Internet without Google - even if you use Bing exclusively, never go to YouTube and other Google projects, there's a ton of other crap hosted by Google that your web experience would suck worse than with NoScript.
If you've put up a carefully written Facebook pages, carefully choose your friends, your real self will be exposed to Google I'm sure employers and marketing ages will be anteing up lots of money to see your real self - what websites you view, what you've searched, what kind of videos you browsed. A veritable gold mine.
Re:EPIC (Score:4, Insightful)
your real self will be exposed to Google I'm sure employers and marketing ages will be anteing up lots of money to see your real self - what websites you view, what you've searched, what kind of videos you browsed. A veritable gold mine.
Please tell me how can I as an hypothetical employer access that information about a person without her or his consent.
Google is fucking scary in how much they know about you, but lets not throw lies with it. They offer no way to access that information unless you're law enforcement. Which, again, is bad enough, but not so bad as you're claiming.
Re: (Score:1)
Please tell me how can I as an hypothetical employer access that information about a person without her or his consent.
They same way employers ALWAYS do, they hand you a consent form, either during the hiring process after you've been given an offer, and often after you have accepted the offer and tendered your resignation to your current employer, or after years of working with no problems your employer hands you a consent form to sign and tells you firmly that your consent to [drug test, background search, cavity search, etc.] is a "condition of your employment and refusal to consent will be grounds for disciplinary actio
Re: (Score:2)
So you're blaming Google for an hypothetical future where they have such a a feature.
Should I judge you too based on things I can imagine you might do in the future?
Re: (Score:2)
They're collecting the data to mine it and assign keywords to your profile based on your interests, when then they use to show ads that were assigned to those same keywords.
Selling that data would undermine their whole business model, because advertisers would stop having to pay again and again to show ads to people.
Yes, the information Google has about people is potentially dangerous, and there's plenty of reasons to avoid giving it to them. But that doesn't mean that making up lies about them is OK.
Re: (Score:2)
Re: (Score:2)
For those who want to work around this:
http://slashdot.org/journal/277383/making-google-keep-to-itself-with-multifox [slashdot.org]
For extra security, use CookieMonster 1x to only temp-allow Google's cookies in the instance used to view Google services, and maybe use a separate proxy for those tabs (although Multifox doesn't allow separate proxies for separate identity windows, so you'll have to use FoxyProxy with per-site rules)
Re: (Score:2)
Basically, you cannot use the Internet without Google - even if you use Bing exclusively, never go to YouTube and other Google projects, there's a ton of other crap hosted by Google that your web experience would suck worse than with NoScript.
Actually I surf quite nicely most of the time as I already block most of Google's data gathering methods and yet, I haven't encountered a website that wouldn't allow me to access it for blocking Google's attempts unlike Facebook. Combine with Ghostery and Noscript along with a pretty comprehensive host file and I'm not giving out as much information as others who simply don't care about the situation.
Re: (Score:1)
There actually are a number of sites out there hitting googleapis.com and googleusercontent.com, so depending on where you go, you can run into trouble. I run into it most on news sites, sometimes when registering for things (many places are using Google's captcha), and once in a while on forums, so it truly does depend on where you're headed as to whether you see it or not.
I find that RequestPolicy for Firefox makes it easy to pick and choose which sites are permitted to talk to Google without needing to
Re:EPIC (Score:4, Insightful)
What on earth... why are all these trolls so angry?
Maybe it is not because Google will combine the privacy policies into a single one, but also all the users data across all its services? [macworld.com]
Perhaps the move will no longer let you share individual services data, like sharing your Google+ data but withhold your Calendar?
If so, would you still be considering trolls the guys at EPIC?
Re: (Score:3, Informative)
How is that a surprise? I thought that was already done. Especially considering you log into the calendar and G+ service with the same username.... again, how is that a friggin surprise, or a problem?
Re: (Score:2)
How is that a surprise? I thought that was already done.
Wow... just wow... I mean: you thought that it was already done and this is reason enough not to come as a surprise for anyone?
Re:EPIC (Score:5, Insightful)
Re: (Score:2)
Re:EPIC (Score:5, Informative)
Yep, that's certainly the idea. Note that most of Google's existing privacy policies already did give them the ability to share user's data across all its services. For example, YouTube already shows videos that your friends share on Google+. The problem was that they were inconsistent. Google cannot currently share data from YouTube with other sites. Their new policy allows them to do that. This is all explained in their letter to U.S. Congress [google.com].
Now what exactly is the problem with this? It seems to me that if Google is going to share my data, there are three sets of people they could share it with:
I see a significant harm if they were to engage in the first two. I don't really have a problem with the third. And this privacy policy specifically prevents them from doing the first two. So what this allows them to do is share my information, from one Google service to another, for the purposes of showing me relevant links and ads. In that case, where is the harm? Further, how am I worse off having, for example, Google search results informed by what YouTube videos I've been watching. It sounds like it could give me more relevant search results.
Further, I would much rather know that anything I upload to any Google service might be used by any other Google service, than have to remember a complex set of rules about which products' privacy policies allow Google to share data with which other products.
What does this mean? What do you mean by "share" in this context? Withhold your Calendar from whom? As far as I am concerned, the only people who have access to my calendar are me and Google's servers. If the Google+ app had access to my calendar (for example, it might show appointments on the side), that doesn't increase the people who have access to my calendar: It's still just me and Google's servers.
Since when did any company give you explicit control over how the data is stored on their servers? With Google's new policy, it is simple: if you use a service, your data for that service will be stored on Google and may be used by any other service within that company (and not sold to third parties). How is that harmful? How is that different to any other company?
Re: (Score:2)
My bad, I missused "share" to mean
1. "harvest/aggregate to sell to 3rd parties"
2 . "share/use your calendar with your social connections just because you have more permissive setting in your Google+" (I don't know if it makes sense, I'm using neither of them).
Clearer?
Re:EPIC (Score:4, Informative)
Okay, so those approximately match my first and second sharing types in my list of three. For #1, they state that they will not do this in the new policy [google.com]:
The "unless" includes a bunch of exceptions, which I don't see as a big deal but you may disagree. In summary, a) if you give them permission, b) if you have a domain administrator (doesn't apply to normal users), c) with a third party affiliate for "processing", which must also agree to the privacy policy (not quite sure what that means), d) if compelled to by a court.
For #2, that isn't what they meant at all by "sharing information between services". It does NOT imply that, for example, your calendar would be randomly shared on Google+. It only means that they will share data with you and you alone, across services (for example, to give you relevant results and ads). If you haven't used Google+, the sharing is very straightforward and very tightly controlled: only things you explicitly post on there get shared, and every time you share something, it explicitly asks that you nominate a group of people or individuals to share it with, and once posted, that group of people cannot be changed.
Re: (Score:2)
c) means that you might, for example, buy something from Google, and they might have to ship it to you. When they put your name on that envelope, they are "sh
Re: (Score:2)
That's a good point. I don't know why you got a score of 0. People see a clause in a contact that they would normally object to, but then they say to themselves "well I'm sure they wouldn't go so far as to do what their contract says they can do." This line of thinking is what gets people "legally" scammed out of hundreds of dollars. Just go to www.ripoffreports.com and read about all the little people who didn't think that such tiny print could have such a big bite.
Re: (Score:2)
you don't have good reading comprehension. They promise not to randomly share SPI (which may not mean you think it means) to random individuals (e.g., making it publicly available) but they can provide it to business partners. The kicker is that your identity is not considered SPI, nor is your location, nor information about your economic or financial situation.
In other words they are planning on doing the largest privacy-removing correlation in history and selling to those that can afford it. I mean, provi
Re: (Score:2)
Thanks, that's a really nice way to start a conversation.
Where are you getting the definition? From the glossary linked to by the privacy policy [google.com], per
So I opt out? Consider Tmo (Score:3, Interesting)
Re: (Score:3)
Re: (Score:2)
You can? The last thing I read in their privacy policy stated you can't opt out of any data sharing between any of the platforms at all.
Re: (Score:3, Insightful)
Re: (Score:1)
Re: (Score:2)
Google search requires cookies now? (Score:2, Interesting)
For privacy reasons I block all cookies with Firefox using Add-on Cookie Monster (Default Action: Rejected) and only allow certain sites for session cookies via Cookie Monster options.
I did not allow any Google cookies until yesterday and Google search worked fine.
But since yesterday, if I search for something, a left mouse click on a result leads to nowhere, or when i "middle" click, to open result in new tab, I get an empty page with a long URL like http://www.google.com/url?sa=t&rct=j&q=reddit
Re: (Score:1)
Google redirect javascript accesses "window.localStorage" without any error-checking.
If Cookie Monster Add-on is used and cookies are disabled, accessing "window.localStorage" causes a "Security Error" in Firefox.
So the Google redirect javascript fails silently.
I have the solution. (Score:1)
If they dont like the policies then they shouldnt use the services. It really is this simple, if you dont like something they dont use it. I cant see how people dont understand this anymore.
"I find that show offensive, Im going to sue so they change it to make it bland and mediocre!", "I dont like that companies policies, Im going to sue them so they make it how I think they should run their company!", "I dont like that persons beliefs, Im going to sue them for not believing what I do!" blah blah blah. If
A slightly different view (Score:4, Interesting)
So, I think by now a lot of good conversations (and a fair bit of trolling!) have been started in this thread about Google, the changes they want to make, etc. I see no reason to add to that.
What I want to know is simpler: How in the world does EPIC feel it has standing to sue the FCC?
It could sue Google, certainly -- probably as EPIC, but if not it could do it as individual users because each of those users can claim to be effected. But that's where their beef is, and that's where any perceived harm is. The FCC's not blocking a company's change doesn't make them liable for it and it certainly doesn't make them the cause of a tort that EPIC can sue to redress. If there is a violation of law or rights, it originates from Google.
The FCC and Google have an agreement and this may well be in violation of it -- but that is between the FCC and Google. The idea that you can sue a government agency to force it to act in the way you want is pretty ludicrous on its face. How far do you think I would get if I sued the Department of Justice for not arresting Chris Dodd over his claims that the MPAA basically owns the congressmen it donates to?
In finest Slashdot tradition, I am not a lawyer -- but I fully expect this lawsuit to be slapped out of court in short order for lack of standing.