Wednesday, February 10, 2010 - The Progress & Freedom Foundation Blog

Google Buzz: Encouraging Privacy by Design v. Privacy Paternalism

In case you missed it, the world stopped moving today to witness the birth of another Google product: the much-ballyhooed "Twitter-Killer," Buzz, which offers much of the functionality of Twitter in a more Facebook-like setting (plus location data) built directly into Gmail. CNET's Larry Magid started the #GoogSoc ("Google Social") hashtag for the event, kicking off a discussion about Twitter's newest competitor on Twitter itself--and he was the first one up to the mic with a question for Google Founder Sergey Brin and his team after their presentation. Larry asked about privacy concerns raised by Buzz and Brin responded, as Larry puts it:

that there are privacy controls built-into both the web and mobile Buzz applications but, by default, much of your information is public. For example, if you don't specify that a Buzz should only be seen by your friends, it's made available to everyone and indexed by the Google search engine. Like Facebook, Buzz gives you the ability to create lists so you can have a separate Buzz group for your drinking buddies and another one for people at work. However,as with all privacy tools, the key is how you use them. My concern is that some people might forget to use the privacy tools and send the wrong information to the wrong people.

There are also controls on whether your geo-location is disclosed but, again, it's up to the user to be careful on how they use them. Imagine sending a post out to your significant other that you're stuck at work only to accidentally reveal that you're actually located in a romantic restaurant down the street from the office?


I'm glad that Larry is raising these concern as someone who has done yeoman's work in educating Internet users, especially kids, about how to "Connect Safely" online (the name of his advocacy group). The fact that companies like Google know they'll get questions like Larry's is hugely important in keeping them on their toes to continually plan for "privacy by design."

But I do worry that those with a political axe to grind will take these same questions and twist them into arguments for regulation based on the idea that if some people forget to use a tool or just don't get care as much about protecting their privacy as some self-appointed "privacy advocates" think they should, the government--led by Platonic philosopher kings who know what's best for us all--should step in to protect us all from our own forgetfulness, carefulness or plain ol' apathy. After all, consumers are basically mindless sheep and if the government doesn't look after them, the digital wolves will devour them whole!

Concretely, one complaint raised in the Twittosphere about Buzz during today's press conference was the fact that, while users can chose whether to make each post public or private, the default setting is public. (It's worth noting that the setting is "sticky" to whatever the setting for your last post was and if you post something you didn't mean to, you can delete it). I wouldn't be surprised to see our friends at the Electronic Privacy Information Center (EPIC) fire off a complaint to the FTC demanding that Google be required to change this default setting to "private," or at least make users go through some kind of special opt-in before the default setting can be changed to "public."

If that doesn't sound so crazy to you, just stop for a moment and ask yourself how many Twitter users you know locked down their profiles. I only know one: Jim Harper, whatsadamattawidyou? And then ask just how useful Twitter would be if even more people did that.

There's also bound to be a lot of angst about the sharing of the Buzz user's location--even though the user has to choose to share that information AND gets a special opt-in the first time he/she does so.

What Buzz offers that Twitter does not is granularity of control, so that each user can decide who gets to see each post (and also whether to share their location for each post). That's exactly what Facebook began offering when it updated its privacy controls late last year, bu that didn't stop EPIC from rushing to the FTC to insist that the company start over on its privacy controls--and that government bureaucrats start making user interface decisions.

Let's hope we don't head further down that road. I'd much prefer to stay on the road to user empowerment land. Sure, we'll probably all make a few mistakes here and there, sharing things we didn't mean. But is it really such a burden for us all to take some responsibility for looking twice before we hit "send?" This is particularly true if the harm you're concerned about comes from lying to someone (to use Larry's example above). Having privacy management tools like those offered by Google Buzz and Facebook will probably make us all a little more careful and perhaps even a tad bit more honest.

posted by Berin Szoka @ 10:11 AM | Free Speech , Privacy