And, Of Course, Class Action Lawsuit Filed Against Google Over Buzz

from the proof-of-harm? dept

I definitely agreed with others that Google’s failure to realize the potential privacy problems of automating followers based on who you talk to the most — and then making that info public — was a privacy mistake, but is it worth a class action lawsuit? To lawyers, of course it is. These days, if you do anything that people don’t like, you can pretty much expect a class action lawsuit that really serves only one purpose: to enrich the lawyers bringing the class action lawsuit. So, it comes as no surprise that a class action lawsuit have been filed against Google for the Buzz privacy mishap. But, really, is this necessary? The company quickly admitted it had made a mistake and changed things. At this point, what good does a class action lawsuit do? It’s not like the company hid something bad and tried to avoid taking responsibility for it. Class action lawsuits can have real value, but in this case, it’s a pure money grab.

Filed Under: , ,
Companies: google

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “And, Of Course, Class Action Lawsuit Filed Against Google Over Buzz”

Subscribe: RSS Leave a comment
Fred McTaker (profile) says:

Chilling effects vs. stupidity entitlements

The main reason I don’t like this class action suit is that it may just result in chilling effects on all future upgrades to online communications tools. In the case of Buzz, if I read the complaints correctly, to suffer from the privacy-default slip you had to:

1. Enable Buzz when the offer thingy pops up, after logging in to your Gmail account.
2. Either fail to look at the checkbox option about privacy when enabling, or fail to check profile privacy settings separately. (This part may depend on when Buzz became available on your account).
3. Have contacts that can see your follow* lists because they’re IN them by default, yet those same contacts are people you want those lists hidden from, AND they have to look at your lists before you can get around to changing your privacy settings.

#3 seems like a rare edge case to start with, and if that case is something you consider a risk, #1 is something you should never do without reading all the documentation first!

#2 is where the real problem lies, and no large group of people will ever agree what defaults are best. In privacy questions, it’s probably safest to stay with the most restrictive hold on information by default, and let the user free that up over time. That definition of default privacy is obviously antithetical to the concept of *social network* tools in general, especially in the age of Twitter.

So in general I am left to the opinion that if you care about your privacy: read the manual stupid! Class action lawsuits can’t fix stupid, especially when the source of stupidity is the class members.

aguywhoneedstenbucks (profile) says:

Re: Chilling effects vs. stupidity entitlements

1. If you click “No Thanks” then Buzz still auto followed a bunch of people, at some people were following me (source: It happened to me)
2. Checking privacy settings for something you didn’t sign up for is retarded. Should have been opt-in, not opt-out
3. Since you were entirely wrong on #1, this is much easier to do than you realized.

What you don’t seem to get is that it was a service that Google signed everyone up that is using GMail by default. They have taken steps to quell some of the privacy concerns but it is still an opt-out rather than opt-in service. I do agree that a class-action suit may not be the way to go, but they do need to understand that they shouldn’t automatically sign people up for something without asking them first no matter how great they think it is.

inc (profile) says:

Re: A mistake that shouldn't have been made perhaps?

Being innovative usually mean experimenting and making mistakes until you get something that works great. What makes this even more a stretch is no one was paying for this service or making you use it. They came out and apologized and making it right. What is the real harm in some followers on your social network? Seriously, some people need to grow up. Now, Toyota having stuck gas pedals maybe on the level of a class action lawsuit. Since their handling of it was very poor, and the very real possibility for many people to be injured or even killed.

The Infamous Joe (profile) says:

Re: Re: Re: A mistake that shouldn't have been made perhaps?

Second: Did you see the blog about the lady whose abusive ex-husband ended up being an automatic follower on Buzz?

I don’t understand your point. She obviously emailed this man enough for Google to auto add him, so it’s not like he suddenly learned of her existence. Further, even before the “fix”, Google *showed* you who was being auto followed and who was following you. Next to that picture was the words “block” and “follow back”.

This is a non-issue. If a person really feels that strongly about this, stop using the *free* service Google provides, and go elsewhere.

Tyanna says:

Re: Re: Re:2 A mistake that shouldn't have been made perhaps?

Correct, she probably emailed him when they were married.

When I first opened the app, the little ‘block/follow back’ buttons you’re talking about didn’t exist. If Google set it up so that someone follows you, you were stuck with it. I know because I had 2 people I don’t talk to any more following me….and I couldn’t stop them from doing so. This resulting in me opting out of Buzz.

I agree that someone at Google should have thought this through, and b/c they didn’t they have lost a lot of users.

PrivateTeacher says:

Google Buzz

I think the suit is justified. Google knew what they were doing the moment they came up with the Buzz linking automatically my contacts. I DID NOT LIKE THAT and had I been in the States I´d file a suit too.

They quickly “corrected” and apologised, but we are not stupid and those who defend Google´s stealth way of doing things don´t really understand what this company is up to.

I wish more suits will be coming on their way because this is going too far. just like Iran,

AND NOW? Now it is too late

Griff (profile) says:

It was breathtakingly stupid

Was this some 20% project that persuaded the boss to let them go live ? Or just tunnel vision about keeping up with twitter and facebook ?

Either way, very surprising given google’s (supposed) talent.

So how are they going to be disincentivised from doing something sloppy like this again ?
I’m not sure a class action is the right way to go but something major (read “expensive”) should happen to give them (and anyone else) pause before doing it again.

Chronno S. Trigger (profile) says:

Re: It was breathtakingly stupid

“So how are they going to be disincentivised from doing something sloppy like this again ? “

That’s one big advantage of using Google. They don’t have the market by the balls like Microsoft douse. You don’t like G-Mail, Yahoo is free and unlimited. You don’t like Google Search, Yahoo is free and so is Bing and the other few thousand. Don’t like Google Maps (I don’t), Mapquest is free. Google douse not have the power here and they know it.

This isn’t like Microsoft where the people saying “don’t like it, don’t use it” are deluding themselves. With Google I can safely say “Don’t like it, don’t use it”.

Mr RC (profile) says:


I think this is more of a money grab than anything… It’s a total non-event..

I used buzz the moment it was offered, and the check box is right in front of you about displaying info.. How is it Googles fault that people didn’t pay attention? I sure did, nobody got to see my contacts..

Even if someone has the highest privacy settings on facebook, their ‘friends’ can be viewed, even if you’re not their friend.. hmmm just like the Buzz default… ohnoes!!

AnonymousCoward says:

Some Reasons Google is Responsible

Here are a couple of things they could be responsible for.

1. You are looking for a job and you log onto Gmail to find out your boss, co-workers and your employer prospect are now Buzz friends automatically. You are now unemployed because your current employer knows you were talking to the prospective company.

2. You are a journalist and keep your sources in a whistle-blowing case private, until Google Buzz…

jilocasin (profile) says:

Until we get laws with teeth, lawsuits are still a needed evil

Unfortunately we don’t have any privacy laws worth mentioning here in the States. Until we do, lawsuits like this are the only thing that will put a little sting into stupid behavior.

While it’s usually true that only the lawyers make out in class action suits, what’s the alternative? Class action lawsuits are needed in an attempt to cause a company some noticeable pain in a manner that’s profitable enough for a lawyer to bother. If a company skims $1.00 off of a person’s account who’s going to afford a lawyer to take them to court over it? If they do that to 12,000,000 customers it’s just too profitable for them not to.

What Google’s really guilty of, secondary usage of information about people, is just a symptom of the larger issue. That issue is that companies have very little restriction on what they can do with the information about you they have. Once they have it, they can do what they want, and if you don’t like it, too bad.

Of course there are certain odd exceptions, I mean really odd. In the U.S. you can’t share medical information under HIPPA, _unless_ you aren’t in the medical field. Your doctor can’t share your info with the pharma company, but it can with someone who isn’t in health care. They can then turn around and resell that data back to other doctors, pharmaceutical companies, etc. Since they aren’t in the health care field it doesn’t apply to them. A veritable industry of health information laundering has sprung up to exploit this loophole. In fact all HIPPA is known to most people for is the silly notice your doctor/pharmacy/etc. show you once a year and have you sign a statement that you’ve seen it. If you ever actually bother to read it, it’s full of text telling you that they _are_going_to_SHARE_ your information, and if you don’t like it too bad.

Verizon can sell records of who you call on the phone, and Google can let the world know everyone that you’ve ever texted, emailed, or communicated with through their services in a pathetic attempt to gain instant social networking credibility/relevance. But, due to the happenstance of an elected official’s video tape rentals embarrassing him, it’s a federal crime to share the record of the video’s you rent (just ask Blockbuster and Facebook).

Companies (and especially the Government) shouldn’t be allowed to reuse and information about you for any purpose other than the one you gave it to them for and can only be collected for a specific/narrow purpose. No boilerplate, “by using this site you agree that we can use your info however we like in perpetuity” nonsense.

They should be forced to destroy any copies of that data at your request, restricted only be a legitimate business need (by legitimate I mean if they charge you by the month they get to keep your information until the end of the month so that they know what to charge and where to send the bill)

They should be forced to allow you to inspect any information they have about you.

Breaches of this law should be punishable by real fines, _AND_ prison time.

The other major change that needs to be made is to make it impossible for consumers to waive the above or any other consumer protection law regardless of what the contract may state. Companies can negotiate arbitration or venue restrictions, customers shouldn’t have to as the cost of buying things or using services.

Until that happens we will need to keep hitting companies like Google with the class-action-clue-stick until they wise up.

PEBKAC says:

Re: Until we get laws with teeth, lawsuits are still a needed evil

I’m in this camp. Any/all info collection or re-use should be mandated as opt-in, never opt-out.

Aside from the legal pointed sticks, there’s also the FTC, which has been complained to regarding this situation:

The Infamous Joe (profile) says:

Re: Until we get laws with teeth, lawsuits are still a needed evil

Once they have it, they can do what they want, and if you don’t like it, too bad.

By ‘once they have it’ you, of course, mean ‘once you give it to them of your own free will’ and by ‘too bad’ you, of course, mean ‘take your business elsewhere’? Or did the government mandate gmail addresses for everyone while I wasn’t looking?

AnonymousCoward says:

Free Service Doesn't Excuse

I don’t understand how Gmail being free excuses the behavior.

If I ask my neighbor to retrieve my mail while on vacation, there is an implied level of privacy. If my neighbor goes around the neighborhood and tells people I am behind on my bills or have outstanding lawsuits, my neighbor isn’t excused because they are “doing it for free”.

Overcast (profile) says:

and then making that info public — was a privacy mistake, but is it worth a class action lawsuit?

Yes, any company that takes upon itself to hold your ‘personal information’ in their databases – that screws up with it, should pay and pay good.

If they don’t want that risk, then keep personal information out of their databases. It’s their choice, so it’s their responsibility to bear – just like a bank or a doctor’s office.

I hope they get slammed good – sorry, but there’s a measure of responsibility that goes with ‘trust’ of personal information of users. Even if it’s somewhat insignificant.

Brandon (profile) says:

Re: Re: Re:

I agree, same with the IRS too. Oh, wait..

Of course there is a huge difference but just because its a free opt-in service doesn’t excuse Google here, especially with their commitment to privacy. The same also wouldn’t be said for people who use Google checkout (free, btw) and Google suddenly and accidentally exposed their credit cards. I mean its a free service so those with exposed credit cards should be at fault, right?

Problem I see with the whole ‘if you don’t like it, don’t use it’ crowd is that they don’t think privacy has any value. While I don’t agree that a class-action lawsuit is appropriate in this case, I don’t think that people should just dismiss the possible implications, at the very least this should cause people to question Google. I do think the way they approached the issue publicly and quickly worked on fixes was better than many other companies.

This is a greater issue than people may think, HIPAA could have been violated to a degree. Don’t think so? Google could have exposed patients who have emailed doctors who specialize in HIV, Cancer and other treatments. While I deal with HIPAA on an ongoing basis in IT, I’m not sure of the ramifications of this.

Also, what if this happened for those users who do pay for Google services like Google Apps? While Buzz isn’t active for business (maybe for this very reason) what if you realized your competing vendors suddenly noticed via buzz that you are also emailing their rivals?

Yes, this treads in WHAT-IF territory and is very unlikely. Yes, if you don’t like the possibility of your private information getting out, you shouldn’t use a free service. That being said, what gives you any idea that paid services are more secure with your info just because you gave them money?

I don’t actually have any recommendations or insightful/helpful stuff to say other than my thoughts. Privacy issues like this is so far beyond my expertise but even as a generally happy Google user I don’t think they should get a free pass on issues like this just because I like their service.

Question companies just like you should question the government.

The Infamous Joe (profile) says:

Re: Re: Re: Re:

I don’t think they should get a free pass on issues like this just because I like their service.

Now, I thought I was pretty quick to sign up, but maybe this button was missing before I got to it, however, it definitely *asked* me if I wanted to enable buzz.

Should a company be liable for its users inattention to detail?

Anonymous Coward says:

I’m actually a paying Google customer, although it’s only $50 a year – for online file storage space via Google Docs. The first thing I did was turn off Buzz completely -I have tons of music files stored and the last thing I want is a run-in with the fucking RIAA mafia after I’ve unknowingly shared ten gigabytes of my paid-for music with the world. I didn’t even bother reading through to see if this was even possible through Buzz – I just turned the feature off.

Mike Masnick (profile) says:

Re: Google Buzz Class Action

I had to challenge your reflexive apologia for Google Buzz in blaming the Google Buzz victims in my post.

My goodness Scott. So much wrong in so little space.

1. I did not “apologize” for Google, reflexively or otherwise.
2. Instead, I pointed out why a class action lawsuit doesn’t make sense in this case.
3. I did not “blame the victims.” I am simply asking why the people who were upset by this privacy snafu — which I agree is a big snafu deserve money.
4. We agree on the fact that Google has bad customer service. I’ve posted a whole series of blog posts in the last few months attacking Google over this very point. Why would you suggest otherwise? Especially if I’m a “reflexive apologist” for the company? Hell, in the last year alone, I’ve written the following posts:
5. But even if Google has a customer service problem, how does that mean that this particular class action lawsuit makes sense?
6. As for what remedies people have if Google violates their privacy, clearly they have many that work quite well: they can use alternative products. They can speak out in the press. That obviously worked quite well with Buzz, forcing the company to apologize and adapt quite quickly.
7. If you cite EPIC on Google privacy issues, you’ve already lost. EPIC, like you, are on a vendetta against Google and is difficult to take them seriously.
8. Even if Google has had privacy issues, to claim that this class action lawsuit has anything to do with that is grossly misleading to the point of being ridiculous. You should give back the money you’re paid to trash Google it’s so weak.
9. The number of users Google has is meaningless.
10. If you can point us to someone who was actually harmed by this poor choice, let us know. Yes, we agreed that it was a really bad thing. In fact, we wrote a post knocking Google for this privacy mistake (despite your false assertion that we reflexively apologize for Google). But making a dumb mistake doesn’t automatically mean a class action lawsuit is justified. You must know that. Right?
11. No, I never said that each individual should file a separate lawsuit, but I would like to see a specific case of harm caused by this. To date, people have suggested how there could be harm, but I’ve seen no evidence of the millions of people harmed that you claim. Scott, you have a history of making up ridiculous numbers, please don’t do so again.
12. It is not ridiculous to claim this is a money grab. Class action lawsuits quite often are. If you can’t show real harm, and the lawyers expect to take the lion share of any settlement, it’s clearly a money grab.

Might I respectfully suggest, Mr. Cleland, that as someone who admits upfront that you are paid handsomely to bash Google, that you might consider, at times, that some attacks on Google are misguided.

Also, I would appreciate it that you not put words in my mouth as part of your shilldom.

Scott Cleland (profile) says:

Google Buzz Class Action

Mr. Masnick thank you for your explanation. Let me agree with your conclusion that some attacks on Google are misguided.
We can agree to disagree on this case, but I believe this one and many many others are not misguided. You admit Google made a mistake and handled it badly and that Google has issues. A court case is a normal forum for a person who believes they are aggrieved by another to get redress. In that process they will have to prove harm. My criticism is why reflexively bash people and question their motives before they have their day in court?
Let me also state that many challenges of Google that are completely warranted and justified. Several different copyright industries have sued Google for serial infringement. This is not the first serious dust-up Google has faced on privacy/security related issues. And on Antitrust, my analysis has been spot on and early, and the US Government has implictly agreed with my assessment of Google’s monopolistic anticompetitive behavior in three instances, Google-Yahoo, Google Books, and Microsoft-Yahoo so I am not unjustifyably “attacking” Google, I like others am presenting information and cases that are proven to have great merit with both the Bush and Obama antitrust authorities.
Your rebuttal would also be stronger if you did not feel the need to resort to ad hominem attacks. You don’t need to, you are perfectly capable of making your case strongly without them.
Scott Cleland
Precursor LLC
Publisher of

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...