You are here

Google's Poor & Defiant Settlement Record

Google's poor and defiant track record in respecting government agreements and settlements is likely one of the reasons the FTC hired an undefeated former Federal prosecutor and litigator to lead their Google antitrust probe and potential litigation against Google. The EU and the FTC are naturally exceptionally skeptical about negotiating an antitrust settlement with Google, given the substantial evidence that shows Google is consistently less-than-trustworthy in abiding by its agreements with Governments.

Specifically, the evidence shows that Google has not abided by either of its privacy agreements with the FTC concerning Street-View WiSpy or Google-Buzz, nor has Google fully-abided by its criminal Non-Prosecution-Agreement with the DOJ concerning its advertising of illegal prescription drug imports. In addition, Google attempted to broadly game the justice system in negotiating a Google Book Settlement that would have rewarded it with a partial monopoly for its mass copyright infringement.

1. FTC-Google WiSpy Privacy Agreement: In a 2010 letter to Google that got little media attention at the time, the Federal Trade Commission (FTC) ended its inquiry into the Google Street View WiSpy matter because of: Google's public representations that the privacy breach was "inadvertent" and "a mistake;" and also because Google made new public commitments to improve its privacy practices -- in its official Google Blog post entitled: Creating Stronger Privacy Controls Inside Google (10-22-10). The FTC then handed off that investigation to the Federal Communications Commission (FCC) to determine if Google violated wiretapping laws, which fall under the FCC's jurisdiction. Seventeen months later, the FCC fined Google $25K because Google "deliberately impeded and delayed the Bureau's investigation" per its enforcement Notice. The FCC also indicated in its enforcement Notice that Google's lack of full cooperation made it impossible to determine if Google violated the law prohibiting wiretapping or not.

Importantly, the FCC's investigation apparently does prove in this instance that Google misrepresented its practices and behavior to the public/FTC. This reasonably could compel the FTC to reopen its WiSpy investigation under the FTC's Section 5 authority, which prohibits deceptive practices and misrepresentation. The FCC's official investigative record directly contradicts Google's public representations that their effort was "inadvertent," or a "mistake" made by a lone engineer, or that no other Googlers knew about it until 2010. On the contrary, the FCC's new evidence shows that it was an intentional and planned data collection effort from 2006-2008, and that many more Googlers were aware of, and complicit with, Google's violation of millions of Americans' privacy from 2008-2010. Moreover despite Google's representations that the private data was not used in a product or service, the FCC's evidentiary record proves Google employees indeed tested the collected payload data to determine if this data could be useful for Google products of services.

Let's briefly summarize the most damning findings of the FCC's investigation. We now know Engineer Doe (Marius Milner) specifically and purposefully wrote computer code that by design collected personal "payload data," i.e. all WiFi signals, including passwords, emails among other sensitive information. The purpose of that code was to collect a new and different data set that could have potential use for improving search algorithms or other Google products and services, to be determined later -- which would be consistent with Google's mission: "to organize the world's information and make it universally accessible and useful." It was so purposeful that it was written directly into the required design document for the project, where it stayed unchanged throughout the WiSpy effort from 2006-2010.

The FCC report also shows Engineer Doe discussed the payload collecting code with other engineers on the team and that many other engineers either proofed it, modified it, reviewed it or "pushed" it into the field without changing the code's purpose to collect payload data: emails, passwords, etc. Engineer Doe even discussed the data collection with the Search algorithm team to see if it might be useful to them.

A new revelation that is shocking and especially disturbing, is that after long publicly representing that the private data was safe from viewing because it never physically left the hard disks that collected the data, at least in the U.S., the data was uploaded "to servers at a Google data center in Oregon." What we still don't know is why this data was uploaded to servers where it potentially could be accessible to a wide swath of Google engineers, (and possibly even the public via Google's universal search index in Big Table), if there actually was no interest in seeing how this data could be useful to other Google projects, products or services. (Given that the FTC is already investigating Google's search for deceptive practices, the FTC should seek to determine if, how, who and when Google fully-purged its servers of this ill-gotten information and who, if anyone, has accessed this payload data on Google's servers online, within or outside Google.)

Finally we learned from Google's letter where it acceded to the $25k fine, that Google told the FCC that Engineer Doe "had cooperated fully with Google's investigation, stating that he believed the collection of publicly broadcast information sent over unencrypted WiFi networks to be lawful." Ironically, Google is effectively using Engineer Doe's exercise of his Constitutional Right to not incriminate himself to publicly trumpet Google's innocence here. If Marius Milner, aka Engineer Doe, was given immunity from prosecution to testify before Congress, as recommended by Consumer Watchdog, the government then could learn the information the FCC enforcement staff have indicated is necessary to determine if the Street View WiSpy affair actually was the largest illegal wiretapping of U.S. citizens in U.S. history.

2. FTC-Google-Buzz Settlement: Last October, Google settled with the FTC over charges of "deceptive privacy practices" and legally committed, among other things "…to obtain express affirmative consent from the Google user…" However, just a few months later, Google consolidated ~sixty of its privacy policies into one policy without any opt-out option, i.e. without any "express affirmative consent from the Google user." Google then rejected requests from EU authorities to delay implementation of the new privacy to determine if it abided by EU law. And Google blew off a request by 35 state Attorneys General to meet with Google's CEO about their objections to the new privacy policy prior to its implementation.

Moreover in February, Google was caught by a Stanford researcher having hacked Apple's Safari browser to circumvent both users' and Apple's privacy protections to enable tracking for Google+ advertising per the WSJ. Google quickly stopped the offending hacking, implying wrongdoing, but did not apologize, and was misleading in its defense, necessitating the FTC to open a new inquiry into the matter to determine if Google broke the FTC-Google-Buzz privacy settlement in not implementing as required "…the design and implementation of reasonable privacy controls and procedures…"

Furthermore, the FTC's investigation will have to determine if Google again engaged in more misrepresentation in how it publicly explained its actions in the Safari hack affair, misrepresentation which is expressly prohibited in the FTC-Google-Buzz deceptive practices settlement (Google "shall not misrepresent in any manner, expressly or by implication: A. the extent to which respondent [Google] maintains and protects the privacy and confidentiality of any covered information.")

3. DOJ-Google Criminal Non-Prosecution-Agreement: In the August DOJ-Google non-prosecution-agreement that resulted in Google accepting responsibility and paying a $500m corporate penalty for knowingly advertising illegal prescription drug imports into the United States for eight years, para 14 specifically prohibited anyone speaking publicly on behalf of Google from contradicting any of the facts enumerated in the agreement.

This February, a lawyer representing Google in a shareholder suit on this very matter apparently flagrantly flouted that prohibition. To a Delaware state court he asserted that when the U.S. Attorney handling this case publicly described some of the facts in the non-prosecution agreement, that he was "so far off the reservation that the Justice Department apologized to Google for it and muzzled him," per the WSJ. However, in a stunning rebuke of this misrepresentation and mischaracterization of fact before the Delaware state court, the Rhode Island U.S. Attorney's office responded in an obvious un-muzzled way to the WSJ that "the U.S. Attorney has never issued apologies to anyone on this matter," and the DOJ spokesperson echoed: "We did not apologize." Apparently Google did not respect the clear gag-order terms of the DOJ's non-prosecution-agreement, and is likely now on very thin ice on this matter.

4. Google Book Settlement: Google proposed two different book settlements that were opposed by the U.S. DOJ for violating three different bodies of law: antitrust, copyright and class action, in 2009, and again in 2010. Germany and France also formally opposed the book settlement in court as illegal. U.S. Federal District Court Judge Chin formally rejected the settlement because it would be anti-competitive and reward Google for: "wholesale copying of copyrighted works without permission." After all that transatlantic legal negotiation, condemnation and opposition, Google continues its willful mass infringement unabated to this day -- with 15 million books copied without permission and counting.

Conclusion: It appears the EU and FTC are more inclined to litigate than settle Google's antitrust cases, in part because Google's poor and defiant record of not respecting previous government agreements and settlements, inspires little trust that Google will negotiate in good faith, fairly represent their behavior in the future, or faithfully abide by whatever settlement could be reached.

In addition, antitrust authorities seem well aware that they are confronting a unique global serial scofflaw, which has a long rap sheet, an above-the-law culture, over a billion users, and behavior that affects more of the economy than maybe any other company in the world.

Lastly, antitrust authorities and Google are light years apart in negotiations for three big reasons. First Google denies that they have any market dominance and that competition is but a click away for users, when the EU believes they are a search advertising 90+% monopoly and the DOJ and FTC have already concluded Google is dominant. Second Google does not believe it has done anything wrong in offering innovative services to users and providing what it editorially believes are the best search results for users, while the EU and FTC apparently have concluded in their respective investigations that Google is anti-competitively self-dealing and punishing competitors. And finally, Google maintains there can be no remedy that will not impede innovation or break the Internet, when the EU and the FTC apparently believe there needs to be some enforcement mechanism to ensure the illegal behavior does not continue into the future.