What Is True/Slant?
275+ knowledgeable contributors.
Reporting and insight on news of the moment.
Follow them and join the news conversation.
 

Feb. 10 2010 - 10:39 pm | 5,444 views | 2 recommendations | 10 comments

The huge privacy flaw in Google Buzz (and how to fix it)

Image representing Google as depicted in Crunc...

Google Buzz privacy bust

Google has decided that it wants to join the social network revolution — with Google Buzz. Google kicked me out of Gmail today, and to sign back in, I had to upload Buzz. The buzz so far about Google’s attempt to usurp power from Facebook and Twitter has been good.

Honestly, the idea of signing up for yet another social network makes me want to throw my computer out the window, curl up in a little ball, and cry… without including any of that in a status update anywhere. But it’s Google, so I know it’s the next big thing. I don’t want to be left behind.

Except that Nicholas Carlson has discovered a huge privacy flaw. The default list when you sign up is basically all those you communicate with most frequently. From Business Insider via Stephen Kline:

When you first go into Google Buzz, it automatically sets you up with followers and people to follow. A Google spokesperson tells us these people are chosen based on whom the users emails and chats with most using Gmail.

That’s fine.

The problem is that — by default — the people you follow and the people that follow you are made public to anyone who looks at your profile.

In other words, before you change any settings in Google Buzz, someone could go into your profile and see who are the people you email and chat with most.

via WARNING: Google Buzz Has A Huge Privacy Flaw.

Carlson points out that wives may discover their husbands’ mistresses and bosses may see that their employees are emailing competitors. I looked through my list, and it’s everyone on Gmail whom I have emailed frequently over the last few months: employers, friends, my anonymous sources for news, boyfriends — current and former, family members, among others.

I don’t want the world to see that list…

Carlson recommends simply going into your profile and unfollowing anyone that would embarrass you, out you, or get you fired.

But I don’t want to unfollow people. I want to make the list private. I’m happy to tell you there is a way to do that, but Google has not made it very intuitive.

If you go to the Google Buzz privacy page, it tells you:

When you first enter Google Buzz, to make the startup experience easier, we may automatically select people for you to follow based on the people you email and chat with most. Similarly, we may also suggest to others that they automatically follow you. You can review and edit the list of people you follow and block people from following you.

Your name, photo, and the list of people you follow and people following you will be displayed on your Google profile, which is publicly searchable on the Web. You may opt out of displaying the list of people following you and who you’re following on your profile.

via Google Buzz – Privacy Policy.

That seems like a natural spot to have a link to the page where you opt out. But no.

After some frantic searching, I found the spot. You have to go to your Google profiles page, and uncheck this little box:

google edit my profile

I flipped out for about a half hour before I found this. My friend, Sophia, who first mentioned to me that you could see everyone’s followers, got to listen to me rant and rave about lawyers being fired for being my tipsters at Above the Law when their law firm PR people took a look at my list.

Once I found out how to make the list private, I became a lot calmer.

Another thing that made me feel better: as of 10 p.m. on Wednesday night, I am more popular than Ashton Kutcher:

ashton kutcher on buzz VS.

kash hill on buzz

Yes! Ten more followers than AplusK– w00t.

This privacy thing won’t be as much of an issue once everyone is on Buzz, and our followers/following lists became as impersonal as our Facebook friend lists. But initially, the Buzz friends list is an intimate look into our lives and the people we’re closest to. And it’s really uncool that Google forced us into it with so little warning.

Google seemed to dive into social networking rapidly (perhaps taking advantage of the fact that we’re all trapped indoors thanks to the snow?). It’s obviously Google’s response to Facebook. The companies are at war for control of the Internetz, and it looks like our privacy is collateral damage.


Comments

Active Conversation
3 T/S Member Comments Called Out, 10 Total Comments
Post your comment »
 
  1. collapse expand

    Hell I’ve got 3 followers and buzz hasn’t even been activated for my account yet. Apparently anyone who I’ve sent email to ever who signs up for buzz automatically follows my google reader feed. I don’t know that I have a profile, but don’t really care who finds out about it.

  2. collapse expand

    It looks like Google has fixed this problem already, or at least closed the method of fixing it, that second checkbox is no longer an option under the profile settings.

    Here is a screenshot of the way it looks now. http://bit.ly/9U0a58

  3. collapse expand

    Thanks. That actually was informational. I couldn’t find that setting either (though I just left it on anyway).

    By the way, if you want to turn Buzz off (like you can with chat), the setting is on the bottom of your mail screen in the small print.

  4. collapse expand

    Another thanks for this Kashmir. It looks like gmail using patients and therapists who don’t pay special attention just might be inadvertently violating confidentiality concerns if either one decides to buzz.

  5. collapse expand

    Just a note: I went to my gmail page for the first time in ages and the page has a huge announcement of the good news, a big blue button to set up my buzz and a tasteful, discrete link to “Nah, go to my inbox,” so it looks like they aren’t making you set up Buzz, they’re just tugging you that way by the mouse.

Log in for notification options
Comments RSS

Post Your Comment

You must be logged in to post a comment

Log in with your True/Slant account.

Previously logged in with Facebook?

Create an account to join True/Slant now.

Facebook users:
Create T/S account with Facebook
 

My T/S Activity Feed

 
     

    About Me

    I am a writer, reporter, editor and blogger. I'm an editor at Above The Law, where I blog about lawyers, judges, law firms and the legal industry. Here at True/Slant, I write about our changing notions of privacy.

    If you have story ideas or tips, e-mail me at kashhill@trueslant.com. I've hung out in quite a few newsrooms over the last few years. Currently, I can be found in Breaking Media's Nolita office. In the past, I've been found in midtown Manhattan at The Week Magazine, in Hong Kong at the International Herald Tribune, and in D.C. at the National Press Foundation and the Washington Examiner.

    I have few illusions about privacy -- feel free to follow me on Twitter: kashhill. Or friend me on Facebook... though I might put you on limited profile.

    See my profile »
    Followers: 401
    Contributor Since: March 2009
    Location:New York, NY

    What I'm Up To

    • Staying Above The Law

      judge

      Over at Above The Law, I write about lawyers, law firms, judges and the legal industry.

      We especially like “colorful news.” (Yes, that’s a euphemism for gossip.)

      Check out the site here and my stuff here.

      logo

       
    • Writing with real ink

      While most of my writing occurs online at Above The Law and True/Slant, I do occasionally venture into the world of print.  These are some of the magazines and newspapers that I’ve written for:

      The Washington Post

      Washingtonian Magazine

      Time Out New York

      The Orange County Register

      The Washington Examiner

       
    • Recent projects

      washingtonian issue for tsThe latest (and longest) “real ink” project: the cover story for Washingtonian Magazine’s December issue.

      While I’m usually a writer and reporter, I’m sometimes asked to play pundit. In November, the New York Times asked me to write a mini op-ed for its Room for Debate blog. In December, BBC radio asked me to talk about Mark Zuckerberg and Facebook privacy settings for its Newshour (19:00 minute mark), based on this True/Slant post.

       
    .<
    • +O
    • +O
    • +O
    >.