By Stephanie K. Mann, J.D.
Following a Wall Street Journal report that Google discovered a vulnerability with its social network product, Google+, but failed to report that problem, Senate lawmakers on both sides of the aisle are seeking an investigation. In a letter to FTC Chair Joseph Simons, Sens. Richard Blumenthal (D-Conn.), Edward J. Markey (D-Mass.) and Tom Udall (D-N.M.) urged the regulator to launch an investigation into Google’s exposure of private information and the alleged concealment in its handling of consumer data. In a separate letter to Google CEO Sundar Pichai, Sens. John Thune (R-S.D.), Roger Wicker (R-Miss.), and Jerry Moran (R-Kan.) sought the answers to multiple questions that would allow the company to maintain or regain the trust of users of its services.
According to Google, a service used by developers, an Application Programming Interface, had exposed non-public profile information to others, such as name, email address, occupation, and age. It is anticipated that more than a half million Google users from 2015 to May 2018. According to the Wall Street Journal article, Google hid this issue for six months to "avoid public scrutiny about privacy practices."
FTC investigation needed. A letter by the three Democratic senators urged the FTC to conduct a "rigorous review" to determine whether the Google+ "incident constitutes a breach of the company’s consent decree or other commitments" and "whether Good has engaged in deceptive acts and practices with respect to privacy."
Noting that Google had already been put on notice twice for deceptive tactics and violation of its own privacy promises to consumers in which the company entered into a consent decree in 2011, the legislators believe that the latest incident only calls into question Google’s compliance with the original consent decree. "Clearly the FTC cannot continue to allow Google to select its own referee and to self-regulate," said the letter.
Due to the level of data collection conducted by Google, including location monitoring; acquisition of sales data; tracking of non-Google users across the web; and scanning of email, the senators urged the FTC to launch this investigation to "finally protect consumers."
Call for information. The Republican-authored letter to Google finds the apparent cover-up especially concerning given the fact that the company’s chief privacy officer had testified before the Senate Commerce Committee on September 26, 2018, but failed to notify the Committee about the breach. The letter provided Google with an opportunity to be forthcoming with the public and lawmakers by answering a set of questions of the breach and its discovery, the vulnerability, and notification requirements. The company was asked to submit written responses by October 30.
The news of Google’s alleged cover up comes at a time when the Commerce Committee is currently discussing a federal privacy law. Speaking at a hearing titled "Consumer Data Privacy: Examining Lessons From the European Union’s General Data Protection Regulation and the California Consumer Privacy Act" held on October 10, Thune said that "it is increasingly clear that industry self-regulation" in the area of consumer data privacy "is not sufficient," and he pledged that "the next federal privacy law will not be written by industry." However, the commerce committee chairman added that "passing onerous requirements that do not materially advance privacy would be a step backward."
Companies: Google, Inc.
MainStory: TopStory ConsumerProtection Privacy FederalTradeCommissionNews CyberPrivacyFeed
Interested in submitting an article?
Submit your information to us today!Learn More
Antitrust Law Daily: Breaking legal news at your fingertips
Sign up today for your free trial to this daily reporting service created by attorneys, for attorneys. Stay up to date on antitrust legal matters with same-day coverage of breaking news, court decisions, legislation, and regulatory activity with easy access through email or mobile app.