Google’s new privacy policy is under legal attack from regulators in its largest European markets, who want the company to overhaul practices they say let it create a data goldmine at the expense of unwitting users.

Led by the French, organisations in Britain, the Netherlands, Germany, Spain and Italy agreed Tuesday on the joint action, with the ultimate possibility of imposing fines or restrictions on operations across the entire 27-country European Union.

Last year the company merged 60 separate privacy policies from around the world into one universal procedure. The European organisations complain that the new policy doesn’t allow users to figure out which information is kept, how it is combined by Google services, or how long the company retains it.

The fines’ financial impact on Google would be limited – French privacy watchdog CNIL has the right to fine the company up to 300,000 ($A372,000) approximately the amount it earns in three minutes, based on its projected revenue of $61 billion this year. Britain can fine up to 500,000 pounds, but rarely does.

But successful legal action would hurt Google’s image and could block its ability to collect such data until it addresses the regulators’ concerns.

Google dominates the European market for internet searches. According to one survey, as much as 95 per cent of searches in Europe are carried out through Google, compared with about 65 per cent in the United States. European regulators have demanded specifics for anyone using Google on what’s being collected and a simpler presentation.

Tensions between privacy and the swiftly evolving ability of companies to spin online usage data into vast profits are ramping up, especially in Europe, where privacy laws tend to be strong and nearly every country has a regulatory body. But internet users have consistently shown a willingness to give up privacy in exchange for convenience and new online services that Google and other tech companies offer.

Google says it merged its myriad privacy policies in March 2012 for the sake of simplicity, and that the changes comply with European laws.

‘There is a wider debate going on about personal data and who owns and controls personal data,’ said Colin Strong, a technology analyst with GfK.

‘The question is the extent to which consumers understand the value of their personal data and the extent that they are happy with the trade that they’re getting.’

Story source: www.bigpond.com

Colleagues posting embarrassing photos of one another on social media sites is contributing to a widespread breakdown of workplace privacy, a new international study suggests.

Co-workers using social media sites to make unwanted romantic advances is also said to be blurring the distinction between work and home life.

The findings, based on surveys with 4000 social media users in 10 countries, were published by internet security firm AVG Technologies on Monday as part of its Digital Diaries studies series.

‘This study highlights the need for a combination of greater education around social media, alongside increased attention and care by both employees and employers to their social media etiquette at work,’ the company said.

Six out of 10 Australians who took part in the research said social media sites have eroded their expectation of privacy at work.

Many of the Australian participants said they now limit what they post online.

Other concerns raised by employees included cyber bullying at work and managers discovering embarrassing or incriminating information on social media sites.

Story source: www.bigpond.com

The World Wide Web Consortium (W3C) wants to help users control how their personal data is managed.

It is designing controls to shield personal data and reveal when sites do not honour privacy requests.

The W3C now wants users, browser makers and businesses to help finish and implement the specifications.

"Users have the feeling they are being being tracked and some users have privacy concerns and would like to solve them," said Dr Matthias Schunter from IBM who chairs the W3C group drawing up the Do Not Track technologies.

Co-ordination

The working group is defining software specifications that will:

• let browser settings tell websites to do less tracking
• let websites acknowledge privacy requests
• define best practices for sites so they can comply with different privacy needs

Dr Schunter said the specifications aim to end the current situation in which different browser makers adopt incompatible Do Not Track systems.

"Currently websites need to implement all these different protocols," he said. "There’s no standard way to respect privacy preferences."

"We want to standardise all these protocols so they talk the same language and then tell websites what to do with them," said Dr Schunter.

The tools resulting from the W3C work would aim to be "privacy friendly" and surrender as little information as possible, he added.

For instance, he said, a site could log a user’s language preference by noting their name and native tongue and store that in a cookie – little text files sites use to record information about regular visitors.

A more privacy-friendly way, said Dr Schunter, would have browser software note that its owner prefers a particular language without surrendering any identifying information.

Users could be warned about sites that do not do a good job of respecting requests to keep information private.

While the W3C cannot insist that sites and software vendors follow its lead, said Dr Schunter, it was more than likely that they would adopt the technologies.

The finished technologies are expected to be implemented by browser makers first in mid-2012 with websites following soon after as they get to grips with the best practices.

More than 15 firms and organisations are involved in the Do Not Track work including Adobe, Apple, Facebook, Google, Microsoft, the Electronic Frontier Foundation and Stanford University.

Story source: www.bbc.co.uk

The Wall Street Journal said Google and other companies had worked around privacy settings designed to restrict cookies.

Cookies are small text files stored by browsers which can record information about online activity, and help some online services work.

However Google says the story "mischaracterises" what happened.

Advertisers can use cookies to track online behaviour, helping them to target the commercials they show to internet users.

Some think this use of cookies erodes online privacy. In May, European Union laws are due to come into force which will restrict the use of advertising cookies.

But cookies are also essential to some web services like those Google offers.

Cookie control

The Safari browser is produced by Apple, and is the browser used by the iPhone.

By default Safari only allows cookies to be stored by the web page a user is visiting, not from third parties such as advertisers.

However, Stanford University researcher Jonathan Mayer found that advertisers were still able to store cookies on the computers of internet users browsing with Safari.

It was his discovery that formed the basis of the Wall Street Journal’s story.

Many Google services use cookies, for example to remember when someone is signed in to a service, but they are also used by the firm to help personalise advertising.

It was when Google attempted to find a way to enable some of its services and personalised advertising to work on Safari that, Google says, it inadvertently stored cookies.

Side-stepping Safari

In a statement, senior vice president Rachel Whetstone said that last year the company had decided to "enable features for signed-in Google users on Safari who had opted to see personalised ads and other content".

She added: "To enable these features, we created a temporary communication link between Safari browsers and Google’s servers, so that we could ascertain whether Safari users were also signed into Google, and had opted for this type of personalisation."

Ms Whetsone said the company had created new systems to make sure the information it collected was anonymous, but this had led to unintended consequences:

"The Safari browser contained functionality that then enabled other Google advertising cookies to be set on the browser.

"We didn’t anticipate that this would happen, and we have now started removing these advertising cookies from Safari browsers. It’s important to stress that, just as on other browsers, these advertising cookies do not collect personal information."

The Wall Street Journal reported that Google "disabled the code after being contacted by the paper".

Google declined to provide further comment to the BBC.

Privacy warning

Online privacy advocates were highly critical of Google’s actions.

The Electronic Frontier Foundation wrote: "It’s time for Google to acknowledge that it can do a better job of respecting the privacy of web users."

Although much of the criticism has been directed at the search giant, the Wall Street Journal said that in addition to Google, a number of advertising companies had been using the work-around which had been known about for some time.

An Apple spokesman said in a statement: "We are aware that some third parties are circumventing Safari’s privacy features and we are working to put a stop to it."

Story source: www.bbc.co.uk

Facebook’s move to enable facial recognition across its entire social networking site is raising some eyebrows – and possibly some legal woes — over its privacy implications.

On Tuesday, Facebook announced in a blog post that it was working to make it easier for uses to tag photos of their friends and family members. To do this, it has been quietly rolling out facial recognition technology to a test group across the world’s biggest social network since late last year.

That means Facebook‘s system will be able to recognize the faces of its 500 million to 600 million users worldwide. The company will be able to identify you simply by your face.

Facebook noted that starting in just a few weeks, its system will scan all photos posted to Facebook and will offer up the names of the people who appear in the frame. All of Facebook’s users are automatically being added to the database.

The facial recognition feature is automatically turned on. Users who don’t want the service must go in and manually opt out of it.

A day after the announcement was made, data protection regulators at the European Union said they will launch an investigation into it, according to the Bloomberg news service, which also reported that authorities in the U.K. and Ireland are looking into the matter.

“Tags of people on pictures should only happen based on people’s prior consent and it can’t be activated by default,” said Gerard Lommel, a member of the EU’s Data Protection Working Party, according to Bloomberg. Such automatic tagging suggestions “can bear a lot of risks for users” and the European data-protection officials will “clarify to Facebook that this can’t happen like this.”

Facebook did not respond to a request for comment.

However, Brad Shimmin, an analyst with Current Analysis, said it’s clear that Facebook hasn’t learned any big lessons from its previous privacy brouhahas.

“Facebook’s repeated methodology of opting all users into new services, particularly services with potentially damaging ramifications, demonstrates a certain disregard for the security and privacy of its users,” Shimmin said. “When applied broadly, it can undermine our overall privacy — perhaps putting an end to anonymity altogether. With the proliferation of cameras and the major role they play in Facebook, wherever you go, you may be identified and catalogued for future reference.”

Over the past year or so, Facebook has found itself in the center of several firestorms related to privacy issues.

Just last fall, it was revealed that some of Facebook’s most popular applications, such as FarmVille, Texas HoldEm Poker and FrontierVille, had been sending users’ personal information to dozens of advertising and Internet monitoring companies. According to a Wall Street Journal investigation, the issue affected tens of millions of users, even those who had set their privacy settings to the strictest levels.

Earlier last year, Facebook was criticized after the company unveiled tools that would allow the sharing of user information with other Web sites. That move caused an uproar among users and prompted a handful of U.S. senators to send an open letter calling on Facebook to amend its privacy policies.

“You’d think that they would have learned something from the past pounding they’ve taken on privacy issues, but it doesn’t look like they have,” said Dan Olds, an analyst with The Gabriel Consulting Group. “This is pretty creepy … Let’s say some guy sees an attractive woman, he can snap a quick picture of her with his cellphone camera and then search Facebook to see who she is.”

Olds added that people should quickly move to opt out of the feature but he’s concerned that most users won’t take the issue seriously enough.

But for those who want to turn the feature off, security company Sophos offers some how-tos:

Not everyone is concerned about Facebook’s facial recognition feature, though.

Rob Enderle, an analyst with the Enderle Group, said the technology is out there whether Facebook uses it or not. “If Facebook doesn’t do this someone else likely will,” he said. “Remember [Facebook isn't] making private things public with this. They are making public things easier to find.”

Sharon Gaudin covers the Internet and Web 2.0, emerging technologies, and desktop and laptop chips for Computerworld. Follow Sharon on Twitter at @sgaudin or subscribe to Sharon’s RSS feed . Her e-mail address is sgaudin@computerworld.com.

View the original article here

In court documents unsealed on Tuesday, the three challenged a court order forcing Twitter to tell the government the names of those they talk to privately and who follow their posts. Lawyers argued that violated their freedom of speech.

The documents capture the heart of the WikiLeaks debate because the United States is investigating whether WikiLeaks should be held responsible for leaking classified information, even though it was not the original leaker.

Defence lawyers say it is a question of political discussion, arguing that Twitter communication about WikiLeaks is protected speech.

‘The First Amendment guarantees their right to speak up and freely associate with even unpopular people and cause,’ lawyers wrote.

The documents were filed by a member of Iceland’s parliament and a former WikiLeaks activist, Birgitta Jonsdottir, as well as two computer programmers, Rop Gonggrijp and Jacob Appelbaum.

Source: www.bigpond.com