The FTC has approved its settlement with Google that addresses improper privacy disclosure during the release of Buzz. The settlement mandates additional privacy procedures, including third-party privacy audits every other year for the next two decades.
The FTC Settlement
The Federal Trade Commission (FTC) gave the bill unanimous support (the vote was 4 - 0) in the official vote this month. In additional to the third-party audits, Google will have to: show privacy warning in a more prominent position, especially when user information is shared without the user specifically requesting such sharing; simplify or provide easier access to privacy setting controls; and ensure that all privacy policies held by Google are met in future product releases. The full FTC settlement is publicly available.
The primary concerns with Buzz were centered around the data shared with all contacts. If the user didn't specifically modify their privacy settings (i.e., just used the Google defaults), they automatically shared status updates, Picasa web albums, Google Reader items, imported blogs, and a lot more. The FTC found that this sharing was not communicated effectively to users, making Google's release (in legal terms) "deceptive."
Google admitted they were in the wrong and apologized repeatedly for the privacy issues. In an official statement responding to the FTC settlement, Google said, "The launch of Google Buzz fell short of our usual standards for transparency and user control – letting our users and Google down."
The History of Buzz's Privacy Concerns
In December of 2010, Google addressed the class action lawsuit by giving $8.5 million to firms that specialized in educating users about online privacy. In March of this year, the FTC reached this settlement.
With the final approval, the privacy procedures go into effect. This combines with the imminent shut-down of Buzz make up the final steps in closing Buzz's casket permanently.