Google has repeatedly shown a “disappointing disregard” for safeguarding private information about its users, the privacy officials from 10 major countries have said.

Britain’s Information Commissioner Christopher Graham and equivalent officials from Canada, France, Germany and Italy were among the signatories to a letter to the search giant’s chief executive, Eric Schmidt, which condemned the way the company has delivered both its Streetview mapping service and its Buzz product, which was conceived as a rival to social network Facebook.

The letter, organised by Canada’s Privacy Commissioner Jennifer Stoddart, calls on Google to lay out how it will meet concerns about its use of public data in the future, and says that it has “violated the fundamental principle that individuals should be able to control the use of their personal information”. The search giant has already acted to address a number of the points now raised in the letter, but said that it had no further statements to make on its privacy policies.

This comes on the heels of problems with Google’s Buzz network.  According to the Telegraph:

The launch of the Buzz network in February sparked an international wave of protests because it took information about email users’ most common correspondents and automatically built each individual a network of followers. This meant that links which people wished to keep private could immediately become public.

Google says it has rectified the problems but privacy advocates will be watching very closely as Google continues to expand it’s reach throughout the world.

The author of this particular article seems to think this case could overturn federal statute in such a way that the Supreme Court will, ultimately, become involved.

This should be an interesting case to watch.

The key finding in this analysis is while few click on the links in spam emails, it does make money.

As Professor Danielle Citron notes, another option (reported in the Times a few weeks ago) is a method tested by the Future of Privacy Forum and WPP and recently adopted by a coalition of leading trade groups, including the Interactive Advertising Bureau, The Direct Marketing Association, The American Association of Advertising Agencies and the Association of National Advertisers.  By labeling banners that are targeted based on the previous web sites users have visited with a special “I” icon and with the tag “interest based ads”, consumers are alerted and given an option to turn-off the ad targeting if they so choose.

We hope that this new effort to communicate with consumer about privacy in a meaningful way, as well as many of the other solutions noted in the New York Times article, will be a step toward the business community advancing user transparency and control.  By voluntarily taking steps to enhance user trust, both profits and privacy should be possible.

The goal of the simulation will be to see, in real-time, how government officials would develop a response to a cyber attack on the US as well as the difficulty involved in constructing a plan of action.

According to the Bipartisan Policy Center’s website:

The BPC is a non-profit organization that was established in 2007 by former Senate Majority Leaders Howard Baker, Tom Daschle, Bob Dole and George Mitchell to develop and promote solutions that can attract public support and political momentum in order to achieve real progress. The BPC acts as an incubator for policy efforts that engage top political figures, advocates, academics and business leaders in the art of principled compromise.

The world’s largest Internet search company and the world’s most powerful electronic surveillance organization are teaming up in the name of cybersecurity.

Under an agreement that is still being finalized, the National Security Agency would help Google analyze a major corporate espionage attack that the firm said originated in China and targeted its computer networks, according to cybersecurity experts familiar with the matter. The objective is to better defend Google — and its users — from future attack.

Google and the NSA declined to comment on the partnership. But sources with knowledge of the arrangement, speaking on the condition of anonymity, said the alliance is being designed to allow the two organizations to share critical information without violating Google’s policies or laws that protect the privacy of Americans’ online communications. The sources said the deal does not mean the NSA will be viewing users’ searches or e-mail accounts or that Google will be sharing proprietary data.

This may seem like an innocent way for the two to help each other out but the future uses of any information could be very troubling.  Google has had high profile privacy mis steps in the past and this could just lead to more.

The article goes on to say that:

The pact would be aimed at allowing the NSA help Google understand whether it is putting in place the right defenses by evaluating vulnerabilities in hardware and software and to calibrate how sophisticated the adversary is. The agency’s expertise is based in part on its analysis of cyber-”signatures” that have been documented in previous attacks and can be used to block future intrusions.

The NSA would also be able to help the firm understand what methods are being used to penetrate its system, the sources said. Google, for its part, may share information on the types of malicious code seen in the attacks — without disclosing proprietary data about what was taken, which would concern shareholders, sources said.

Let’s be clear about one thing:  one of the most secretive agencies in the world will not be “sharing” much with anybody, especially a private firm.

This deal could be the proverbial camel’s nose under the tent.  It is hard to believe that an agency obsessed with information collection will just stop at monitoring illegal activity.

And, where does it stop?  They say now that they won’t monitor e-mails or users searches.  It is hard it imagine that if there is another terrorist attack the NSA won’t tap into Google’s “other” databases.

According to Peter Cullen, Microsoft’s Chief Privacy Strategist:

This change is the result of a number of factors including a continuing evaluation of our business needs, the current competitive landscape and our ongoing dialogue with privacy advocates, consumer groups, and regulators – including the Article 29 Working Party, the group of 27 European national data protection regulators charged with providing advice to the European Commission and other EU institutions on data protection.

Microsoft’s new policy will entirely delete IP addresses associated with a search query at 6 months, however it will be rolled out over the next 12-18 months.

This discussion will feature the Chairwoman of the European Privacy Association & Former Danish MEP, Karin Riis-Jorgensen as well as the Co-chair and Director of the Future of Privacy Forum, Jules Polonetsky. The event will be hosted and moderated by Robert Atkinson of the Information Technology and Innovation Foundation and Tom Schatz of Citizens Against Government Waste.

Privacy Working Group Dinner Discussion
Transatlantic Harmonization:  The US, EU and Finding the Future in Privacy
Monday, January 25, 2010
6:00 pm – 9:00 pm

Meridian House
1630 Crescent Place, NW
Washington, DC 20009

Please RSVP to rsvp@project-privacy.org