In the 2008 comedy “Yes Man”, Jim Carrey's character gets into all the trouble for saying ‘yes' to everything anyone asks him without fearing the consequences. But is that not what we always do online while signing up for services? Recently the Federal Trade Commission in the U.S. put Google, the ubiquitous “go to” online, on a 20-year privacy audit. It was an important judgment that deserved more than just an ephemeral glance, writes Karthik Subramanian

Do No Evil.

Anyone who has been to any of Google's premises and listened to one of their corporate spokespersons will be hard-pressed not to smirk at the utter seriousness of the company's work philosophy. Google has always been serious about doing no evil. Which is why the Federal Trade Commission's settlement on March 30 with Google over charges of violating its users' privacy during the roll-out of their social networking service Buzz deserves a closer look. The FTC, an independent body constituted by the U.S. government for consumer protection as laid out by its Federal Trade Commissions Act, has put Google on a 20-year privacy audit watch.

The company has said it would cooperate to an extent where it would maintain and establish a comprehensive privacy policy, one that would be open for independent audits.

The FTC crackdown was after complaints of violation of Google users' privacy in February 2010 when Buzz was rolled out. The users' privacy controls were set to “public” by default, revealing to the world things they wanted to keep private. Now Google has agreed to express “affirmative consent” before sharing users' content with the rest of the world. “Affirmative Consent”, unlike the Yes Man's consent, is a “yes” after having explained all the consequences of action.

Consumer privacy

In a press release on its official website,, the consumer protection agency has noted: The proposed settlement bars the company from future privacy misrepresentations, requires it to implement a comprehensive privacy programme, and calls for regular, independent privacy audits for the next 20 years. This is the first time an FTC settlement order has required a company to implement a comprehensive privacy programme to protect the privacy of consumers' information.

In its official response to the FTC settlement dated March 30 on its blog,, Google noted: The launch of Google Buzz fell short of our usual standards for transparency and user control — letting our users and Google down. While we worked quickly to make improvements, regulators — including the U.S. Federal Trade Commission — unsurprisingly wanted more detail about what went wrong and how we could prevent it from happening again. Today, we've reached an agreement with the FTC to address their concerns. We'll receive an independent review of our privacy procedures once every two years, and we'll ask users to give us affirmative consent before we change how we share their personal information.

The buzz (forgive the pun) now is whether similar audits will come into play with Facebook, which has been under a lot of fire in recent times over privacy controls.

While most of the privacy settlements are happening in the U.S. and the European Union, it is needless to point out here that these decisions would impact online users in India too.

But without having to wait for such settlements, the prudent thing to do would be to be aware of privacy controls we enjoy in each of the social networks we use.

Do you agree? Is that a yes?