Privacy group: Google sharing too much personal info with developers

Google's sharing of app buyers' personal information with developers violates an FTC settlement, Consumer Watchdog says

The U.S. Federal Trade Commission and the California Office of the Attorney General should investigate Google's Wallet service for sharing app buyers' personal information with app developers, a privacy group said.

Reports this month that Google Wallet is sharing customer information with app developers is the latest in a long line of privacy violations, said Consumer Watchdog, a frequent critic of Google privacy practices. Google's conduct violates a 2011 privacy agreement with the FTC over its Buzz social-networking service and the U.S. FTC Act prohibiting unfair and deceptive business practices, Consumer Watchdog said in a letter to the FTC sent Monday.

Earlier this month, Android app developer Dan Nolan wrote in a blog post that Google was sharing an "insane" amount of customer information, including names and addresses, with app developers after customers download the apps from Google Play.

The FTC needs to take action, Consumer Watchdog said, after deciding not to penalize Google after the company announced in January 2012 that it was combining customer information between its services and after the FTC imposed what Consumer Watchdog has called a minor penalty in Google's tracking of Safari users on Apple devices.

"Obviously, if the commission takes its obligation to protect the privacy of consumers seriously -- and if the Commission expects Google (or the public at large, for that matter) to take the commission's enforcement function seriously -- then the Commission needs to adopt a new and different approach toward Google's violations," John Simpson, Consumer Watchdog's Privacy Project director, wrote in the letter to the FTC. "The strategy of initiating enforcement procedures by proposing a settlement followed by secret negotiations and a toothless decree has brought the commission little beyond public condemnation."

The FTC has not protected consumers "adequately," Simpson added.

A Google spokeswoman said the sharing of customer information in Google Wallet is consistent with the company's existing privacy policies. "Google Wallet shares the information needed to process transactions and maintain accounts, and this is clearly stated in the Google Wallet Privacy Notice," she said in an email. "It's fully compliant with the law and our consent decree."

Google's Gmail privacy has been under attack in recent weeks by a Microsoft-backed campaign called Scroogled, but Simpson said his group's complaint is independent of those efforts.

The FTC complaint is a continuation of Consumer Watchdog's past efforts on Google privacy, he said in an email. "We see this as the fifth privacy violation in three years," Simpson said.

Apps sold on Google Play can deal with sensitive personal subjects, including health information and sexual activity, Simpson said in his complaint.

Simpson disputed Google's assertions that it was sharing information necessary for the app transaction. "Checking the relevant privacy polices, we found no indication that Google would share this information with apps developers," he said. "Google Wallet talks about sharing data necessary for the transaction, but this information is NOT necessary for the transaction."

Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is grant_gross@idg.com.

Join the CSO newsletter!

Error: Please check your email address.

Tags U.S. Federal Trade CommissionConsumer WatchdogregulationDan NolanCalifornia Office of the Attorney GeneralmobileJohn Simpsongovernmentprivacymobile applicationsGooglesecurity

More about AppleFederal Trade CommissionFTCGoogleIDGMicrosoftNolan

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Grant Gross

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place