Privacy fears ruin the Buzz about new Gmail service

Google's foray into social networking faces criticism for failing to protect e-mail users' private data, writes KARLIN LILLINGTON

BUZZ, GOOGLE’S hoped for Twitter killer, launched last week into some initial indifference (“Hmmm, it ain’t Twitter”).

But however disappointing that reception must have been, what followed – a full-blown media storm and privacy debacle – has really hurt.

Buzz is Google’s foray into social networking, an area that the search behemoth has not, to date, effectively penetrated.

Its Wave collaboration tool pulls disparate people together into dialogue, but isn’t the kind of blabby, too-much-information gabfest that is mainstream social networking à la Twitter or Facebook.

Google is obviously no fool and, despite its total world domination in several areas – search, online ads, free e-mail – and near-term potential to move into and co-opt many others (publishing, mobiles, operating systems), the company is acutely aware that its competition is shifting from older-world challengers like Microsoft to upstart sites and services that let us all yada-yada to our hearts’ content.

Hence Buzz, which was released to the 176 million users of Google’s popular free Gmail webmail service. The notion of not just integrating it with, but structuring the whole initial user experience on Gmail accounts had obvious attractions: a massive initial userbase for Buzz for a start.

Gmail users could accept an invitation to try Buzz, which highlighted the fact that people could get started right away without having to set anything up. The problem is that, to offer this ease of use, Buzz just piggybacked onto Gmail, using and exposing information as a default setting rather than allowing users to configure the service.

Into one’s initial followers went all the people the user e-mails most frequently, and this list was by default made public to anyone who viewed one’s Buzz profile and also to all the people who were automatically added to one’s Buzz contact list.

In turn, anyone who is a contact of one’s personal contacts could also view the user’s contacts, in a geometric privacy progression nightmare.

Buzz also allowed contacts to view a user’s Picasa photo albums and Google Reader shared items, if any.

Surely this had obvious and alarming implications. E-mail for most people is a more private and personal realm than their follow list on Twitter or their “friends” on Facebook. Yes, a person might have hundreds of followers on Twitter, and follow hundreds themselves, or have 500 Facebook friends, but these are opt-in, blockable connections.

We generally recognise these are our public interaction places.

E-mail on the other hand, is where we send private messages to all sorts, depending on who we are: friends, family, lovers, colleagues, clients, patients, human rights activists, journalistic sources.

Many of these relationships and connections are personal, private and deliberately – of necessity – hidden. In the case of human rights activists, real lives could be placed in danger by exposing contacts.

Many people use Gmail for business or both business and personal correspondence.

Business users could find themselves embarrassed or compromised by having their frequent email contacts revealed; while most of us would not wish to have our work and private worlds publicly merged and displayed.

Using e-mail to set up and expose contacts in this way is akin to having your mobile service provider set up a service that reveals all the people you phone most frequently, and allow others to in turn view all the people each of those contacts phones most frequently.

Or as an Associated Press writer put it: “On Facebook, that would be like having the people you e-mail with most often automatically become ‘friends’. But those people may instead be your boss or ex-lover and you wouldn’t necessarily want to share everything with them.”

I am sure it will not have made Google’s day to have the problem with its service explained through an analogy to arch rival Facebook.

Not that Facebook is the best choice, given that Facebook – also regularly hammered for a cavalier attitude towards user privacy – revamped its user settings a few weeks back and presented them as privacy improvements when actually, the default option revealed more personal detail than the original settings, and failed to highlight this to users.

Google, to its credit, was quick to respond to stinging criticisms of Buzz and is moving to a configurable version which has better privacy as the default. It has outlined these changes on its official Gmail blog, though bleatings that any Reader and Picasa information used was already publicly accessible misses the point entirely.

As anyone in the age of the internet realises, lots of information on and from anyone is publicly available – Google-able, if you will. That doesn’t mean I want it aggregated without my permission for all my contacts to view.

But the wider question of the lamentable privacy buzz over Buzz remains.

How in the world did Google so badly botch this launch? Google, a company whose every service is tightly interlaced with issues of user privacy, whose entire history has been played out in firefights and full-on battles – at national and international level – on privacy issues, and with internal legal experts whose jobs are to focus on, yes, privacy issues?

Can this really have happened, when ultra-smart Google is, for example, simultaneously engaged in discussing with European regulators the comparatively obscure issue of storing IP addresses of Google search users?

It simply beggars belief that no one inside the company considered Buzz’s privacy implications.

Either the company, or some within it, remain seriously out of tune with users and the internal system needs a vigorous overhaul, or Google is simply indifferent to users’ prospective concerns.

Neither option is encouraging, given Google’s enormous online presence and growing reach.

Blogs and podcasts: Techno-culture.com

Twitter: Twitter.com/klillington