Google is in hot water once again after application developers have discovered that the Silicon Valley giant is sharing its users' personal information without obtaining their consent.
Non-profit advocacy group Consumer Watchdog has sent a letter to the United States Federal Trade Commission that implores for the FTC’s Bureau of Consumer Protection to intervene in the latest goof-up courtesy of Google.
According to watchdog group, Google could be forced to pay over billions of dollars in penalties after violating its own privacy promises yet again.
"Google has become a serial privacy abuser and the FTC must change its tactics to curb the Internet giant's abuses,” John M. Simpson of Consumer Watchdog’s Privacy Project said at a news conference held this week to discuss the group’s complaint. “Google's wanton disregard for its obligations under the law demonstrate the need for meaningful penalties – in this case a fine in the billions of dollars.”
Consumer Watchdog’s call for action was made after news circulated that the programmers responsible for applications sold through Google’s online store are provided with the detailed personal information pertaining to customers who’ve made purchases, despite no warning being given.
“If you bought the app on Google Play (even if you cancelled the order) I have your email address, your suburb, and in many instances your full name,” Australian app developer Dan Nolan warns on his personal blog. “Let me make this crystal clear: every App purchase you make on Google Play gives the developer your name, suburb and email address with no indication that this information is actually being transferred,” he says.
In an issue that’s echoed in the Consumer Watchdog letter, Nolan says that letting developers have unfettered access to this information could pose quite a few problems for the consumers, not to mention the Silicon Valley company that is quickly finding itself entangled in yet another privacy snafu.
“With the information I have available to me through the checkout portal I could track down and harass users who left negative reviews or refunded the app purchase,” he says. Additionally, the letter from the Consumer Watchdog warns, “Google Play apps deal with sensitive personal subjects, including health conditions and sexual activity. By disclosing personal user information to app developers, Google enables the identification of people” who downloaded personal content.
“The problems on Android of app permissions (and subsequent potential for malware aside) is one of active negative behavior on the part of an app developer. This isn’t. This is a massive oversight by Google. Under no circumstances should I be able to get the information of the people who are buying my apps unless they opt into it and it’s made crystal clear to them that I’m getting this information. This is a massive, massive privacy issue Google. Fix it. Immediately,” urges Nolan.
In his letter to the FTC, Consumer Watchdog’s Mr. Simpson says the latest discovery is “to no one’s surprise.” Google has violated a court order yet again, he says, “and this time in a most substantive and egregious manner.”
Ben Edelman, an associate professor at Harvard Business School, tells the Guardian that the latest screw-up from Google isn’t going to set well with the company. "Google's prior privacy blunders have put [it] under higher scrutiny," he says, noting that the company agreed in March 2011 to a 20-year consent order with the FTC. That contract was inked after a highly-publicized incident in which Google collected personal data from users and imported it into its failed “Buzz” social networking platform. After Google agreed to implement a comprehensive privacy program to protect consumer information in response, FCT Chairman Jon Leibowitz said, “This is a tough settlement that ensures that Google will honor its commitments to consumers and build strong privacy protections into all of its operations."
Then in August, the company was fined $22.5 million for finding a work-around that let them spy on the browsing histories of mobile clients.
“This represents the fifth significant misuse of confidential user data by Google in the last three years,” says Consumer Watchdog.
Under the “Buzz Order” made after the 2011 snafu, Google agreed to pay a civil penalty of $16,000 “for each misrepresentation to the many tens of millions of users who downloaded hundreds of millions of Google apps,” the letter to the FTC reads. “Calculating the amount of the penalty is a simple matter of multiplication. The number is enormous (in the billions of dollars), and only a penalty of that magnitude will deter Google from future violation of the Buzz Order.”