Sister CISA CISSP

Feb 19 2010   5:23PM GMT

Not the Kind of “Buzz” Google Wants – Check Your Gmail



Posted by: Arian Eigen Heald
Tags:
information security
Privacy
privacy on the web
TCM (Truly Clueless Management)

About ten days ago, a splash page appeared when I went to log into my Gmail, indicating I could click the button labeled “Sweet! Check out Buzz” or “Nah, go to my inbox.” I just said “Nah” and went to my inbox, thinking no more about it. Sometime later, I noticed a little icon at the top of my Gmail. I didn’t pay any attention to it. (Bad auditor, bad!)

Turns out “Buzz” is a function that integrates social networking, instant messaging, blogging and any of the other applications within Google. Unfortunately, it does a whole lot more.

When I read that EPIC (Electronic Privacy Information Center) had filed a complaint with the FTC about “Buzz,” I was surprised. Then I read the complaint. I strongly recommend you read it, and you will see why a class action suit has also been filed today on behalf of the 37 million users of Gmail.

It turns out that regardless of whether a user clicked the button labeled “Sweet! Check out Buzz” or “Nah, go to my inbox,” Google Buzz was activated. No big deal? Ohhh yes it was. According to EPIC, and others:

Once Google Buzz is activated, the tool automatically populated my “following” lists using my most frequent email contacts. This happened automatically, after I logged in. Regardless of what I selected at the splash screen. In other words, if I didn’t change any of the default settings in Google Buzz, someone could go into my profile and see the people I email and chat with most.

Google Buzz did not warn me that creating a “Profile” in Buzz would make my frequent email contacts into “followers” and followed by,” and that this list would be made automatically available to those people and public on the web.

As we all know, web pages are archived and stored all the time. I can’t take that information “back.”
And neither can anyone else.

If you’re as horrified as I am, here’s a link to disable the thing. You start by clicking that tiny little colored icon at the top right of the mail page.

That splash page was NOT an opt-out. I had no choice about whether to start using it, or not.

Check it out before you disable it. See how much default information about you and who you contact is available. I’m furious. So are a lot of other people. Google made some changes last week, that do not go far enough:

“Google will stop auto-following the people you regularly email and chat with, but will instead suggest that you follow these people when you first start using Buzz. You’ll be shown a bunch of faces and check boxes to make sure you’re really interested in following these people.” Those “checkboxes” are still automatically turned on.

If you are using this BAD IDEA, you must go in and manually set privacy settings.

Not good news for privacy. Big bad news for Google.

1  Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Jaideep Khanduja
    is there any way to see on a single page how many of the people "i follow" are "following me"
    8,790 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: