You are here

Expect Google's Privacy Problems to Threaten Bubble 2.0

Expect Google's bull-in-a-china-shop entry into social, to try and neutralize FaceBook, to bring lots more major unwanted privacy attention to the privacy-challenged social media business model, and to contribute to the eventual bursting of the Internet investment Bubble 2.0.


  • The hot air that is inflating the social media Bubble 2.0 is that people somehow want to forfeit their privacy to socialize more efficiently, and that social media business models can indefinitely monetize privacy arbitrage against users' interests without consequence.
    • (See Part I of this series here.)
  • Ironically, the investment fate of social media, and Bubble 2.0, will depend less on what social media companies do, and more of what the leviathan Google does in social media.
    • The venture capital community has long been painfully aware of the Google-leviathan's  outsized effect on every other VC investment, because they always ask start-ups "What if Google Does It?"


I.   Privacy Baseline is on the Move: Bipartisan Interest in Privacy Protection Strengthening

Anyone following social media or Google would be remiss to not notice the flurry of recent bipartisan, bicameral, and bi-branch interest in increasing privacy protection of online users in just the last few weeks.




II.   Google' Continuing Flouting of Privacy Concerns is Key Catalyst for Privacy Law/Rules


In late March the FTC charged Google with deceptive and unfair privacy practices (for its launch of its social media service "Buzz" which made people's gmail contacts public by default when their privacy policy representations did not allow it), and in the FTC's settlement of its enforcement action against Google, Google must devise a comprehensive privacy policy and be audited for compliance for twenty years.

In just the few weeks since the FTC's enforcement action against Google, Google appears to be making a mockery of the FTC's enforcement action. The evidence:

The Glaring Google Loophole: Google cleverly negotiated itself a privacy loophole so huge that it could drive a world-leading mobile operating system through it without being touched.

  • Unlike the Kerry-McCain Senate privacy bill, the Google-FTC agreement amazingly does not specifically include "device identifiers" as "covered" privacy information (See Definition 5) when "device identifiers" are just as private or more private than an IP address.
  • Why this FTC device identifier omission is so egregious and important is that the whole Google Streetview WiSpy scandal was about Google essentially wiretapping tens of millions of Americans homes and recording their device identifiers, in addition to emails and passwords.
    • And remember, the FTC closed its investigation of the Google Streetview WiSpy scandal after Google promised in a blog post to try and do better next time.
  • Apparently Google gamed the FTC in negotiating itself a huge privacy invasion loophole that enables it to continue to vacuum up private device identifier information via its Android operating system.
    • Its pretty obvious that Google is gigglingly aware of this critical nuance of the FTC not explicitly "covering" "device identifiers" as private information:
      • Just last week, "Google decided to use the device identifier going forward" per a Search Engine Land post.
      • And shortly after the FTC settlement, Google VP Marissa Mayer in a TV interview with the Wall Street Journal (see 2:50), made the distinction that it is "not Google, its your phone under your control" that's tracking your every whereabouts, despite the obvious fact that Android is a cloud operating system that operates on Google's servers!
    • If this FTC-Google privacy enforcement action to prevent deceptive privacy practices is to have any credibility going forward, Google must fairly represent that Google is indeed tracking Android users locations by default in order to map WiFi hotspot locations, because Streetview can no longer overtly wiretap WiFi signals due to WiSpy privacy concerns.
    • It is an outrageous misrepresentation for Google to publicly claim that Android, a cloud based operating system that tracks users location by default from Google's cloud servers is not Google, but the users' system.
  • Unless the FTC fixes this huge and dangerous privacy loophole and makes it explicit that "device identifiers" are included as covered private information to be protected, the FTC-Google agreement won't have much teeth.
    • (For those who would like to submit comments on the FTC-Google agreement, see EPIC's "Fix Google Privacy" page which makes it easy to do.)

Google +1 Diversion: The same day the FTC announced the FTC-Google privacy settlement, Google just happened to be ready to announce its new +1 social media offering. Google knew the best way to misrepresent the importance of the FTC action was to downplay its importance in its blog post on it, while at the exact same time publicly releasing its much-awaited new product entry into social media "+1."

  • Moreover, the +1 offering is about taking recommendations that someone might be interested in sharing with select friends, and sharing them with the world in Google search; or in other words making what used to be mostly private and making it completely public.

New Google CEO ties everyone's bonuses to Google's social success -- Buzz deja vu? One of the most significant changes new Google CEO Larry Page has instituted is to tie 25% of all Googlers bonuses to Google's success in entering social as fast as possible.

  • Remember Google totally missed the deep privacy problems of Google's social service Buzz when it rushed  it out without appropriate vetting for potential privacy concerns.
  • Now Google's CEO has made fastest broadest  exploitation of Google's private information for the success of Google's new social media products and services Google's main goal this year, while also making it clear that privacy protection is not on the radar screen of the new CEO.
    • Does Mr. Page's social media bonuses + his apparent blind eye to privacy = Buzz +1 more privacy scandal?

Only Google's Browser does not offer Do Not Track: This is because the entire purpose of Google Chrome and Google Android is to track users every movement and action. Chrome/Android are no privacy by design as they vacuum up all private information.

  • It is telling that Microsoft Explorer, Mozilla's Firefox, and Apple's Safari all now support Do Not Track capabilities on their browser, and Google's Chrome does not.
  • If the FTC and DOJ want more evidence why privacy is deeply relevant to antitrust, it is that Google uses privacy arbitrage as a key anti-competitive advantage to enhance and extend its monopoly power.
    • On Google's investor conference call last week, Google bragged about how "...everybody that uses Chrome is a guaranteed locked-in user..." for Google.
      • Please see  Larry Dignan's outstanding ZDNet post on this.


In sum, I see two big takeaways here.


  • First, Google remains on a collision course with the FTC, Congress and other privacy authorities on privacy.
    • It is clear that privacy protection is not important or a priority to Google's leadership, at the same time it is becoming increasingly important to users and government officials at all levels.
  • Second, Google's outsized and loud crashing of the social media party known as investment Bubble 2.0, will bring unwanted privacy protection attention by Federal/state law enforcement, legislators, and regulators -- to Silicon Valley's social media party where privacy offenses of all kinds are happening in full view of anyone willing to look.




Part I: Privacy Will Burst Bubble 2.0