Protect Your Privacy: What the FTC Must Require From Google | Center for Digital Democracy

	Home » Current Projects » Digital Marketing, Privacy & the Public Interest » Google/Doubleclick Merger
Current Projects Web 2.0 in the Public Interest Digital Marketing, Privacy & the Public Interest AdWatch Archive Articles on Advertising & Privacy CDD Analysis Google/Doubleclick Merger Google Loves Our Data! Let Us Count the Ways… Google Ranked at Bottom in Privacy Report Google's DoubleClick Takeover: Double Data-Dealing Protect Your Privacy: What the FTC Must Require From Google Search and Data Seizure: Google/Doubleclick Merger et al Search and Data Seizure: Google/Doubleclick Merger et al (extended version) Statistics Understanding Digital Marketing Network Neutrality Promoting Public Health in the Digital Era The Latest in Digital Democracy Changing Digital Media Behaviors April 2008 - CDD and USPIRG Tell FTC to Protect the Digital Privacy of All U.S. Consumers April 2008 - Children's Advocacy Groups Behavioral Advertising Comments The Facebook Economy: Deficits in Data Privacy Jan. 2008-CDD 12/10/07 Letter to FTC on Google/DoubleClick Merger and Competition Activist Library Check out CDD's Activist Library, which includes: Digital Destiny Jeff Chester's new book Also CDD's Blog Log is full of must-reads from the blogosphere. Digital Destiny Google & Yahoo!’s mobile businesses will require antitrust scrutiny in any deal Eyebaster Tells the SEC about its business “to track Internet users and their online behavior” for profiling Opposition to Google/Yahoo! (or other mergers) Should be Based on Principle: Digital Pawns in Play? See if you believe this Behavioral Targeter is really accessing “anonymous” info on you and your friends! Groups Calls on FTC to Develop Consumer Safeguards for Mobile Web Commerce more Navigation Recent posts News aggregator User login Username: * Password: * Request new password	Protect Your Privacy: What the FTC Must Require From Google Submitted by admin on Tue, 07/10/2007 - 04:10. Protect Your Privacy: What the FTC Must Require From Google 1. Order Google to provide meaningful notification when personal data from two distinct Google services are combined to produce a result that is linked an identifiable user. 2. Order Google to give a user the right to obtain knowledge, in a reasonable and timely manner, of whether or not the data relating to the user is processed and if it is processed, information to the purpose of the processing. 3. Order Google to provide, in a reasonable and timely manner, the logic involved in any automatic processing of data concerning that user. 4. Order Google not to retain user data in a form that permits the identification of data subjects for longer than necessary for the purposes for which the data were collected. 5. Order Google to institute an “opt-in” approach to collecting user information. If Google allows a user to “opt-in” before collecting personal data in order to personalize the search experience, Google should implement the same system with regards to a user’s privacy options. 6. Order Google to allow individuals reasonable access to their personal information, along with the ability to edit and delete that information. 7. Order Google to stipulate to never engage in behavioral tracking. 8. Further order Google not to sell personally identifiable information. 9. Order Google to implement a functional and secure system of anonymizing stored user data. Anonymized data remains traceable to the individual user, as demonstrated when America Online inadvertently leaked the search records of 658,000 Americans.124 Google must implement a technique that truly anonymizes this data, either by erasing more the last octet of the IP address, erasing the IP address completely, assigning randomized numbers to the data, or developing an alternative technique that will render tracing the data back to the individual source impossible. 10. Order Google to cease storage of IP addresses. The search engine functionality would not be impaired if a search engine did not store any user information at all. 11. Condition the merger on Google and DoubleClick maintaining separate databases of user information. 12. Order Google to craft, disclose, and implement a security plan that will maintain, protect, or enhance the privacy, confidentiality, or security of all personally identifiable information. 13. Order Google to implement remedies and a system of accountability in the event of a breach, and to disclose to the public the extent to which it cannot or will not protect the privacy, confidentiality, and security of all personally identifiable information. *For full text of the requests for relief as stated above, please see our amended complaint to the FTC. ‹ Google's DoubleClick Takeover: Double Data-Dealing up Search and Data Seizure: Google/Doubleclick Merger et al › Printer-friendly version Login to post comments	AdWatch Subscribe and uncover new threats to your privacy online Models for Change Find out more about the organizations and models that are making it a priority to shape our digital future. Discussions from the Digital Frontier Find out what some of today's top nonprofit leaders and social thinkers are saying about the future of digital communications. News Around the Net Surfing With a Swipe of Your Hand Older DVR Owners Are More Likely to Skip All Ads WiMax Could Bring Dramatic Changes, Wherever You Are Microsoft May Do Harm by Backing Privacy Regulation What TV Metrics the Buyers Want Cablevision to Spend $300M on Free Wi-Fi Battery Ventures Buys 3M Unit SlideShare, backed by Mark Cuban, Get $3M Will Google and Cable Firms Rejuvenate WiMAX? TechSpin: Old Media Still Struggles With Web more