WSJ: Facebook and Google Are Risking an Invasion of Privacy From Regulators

http://online.wsj.com/article/SB10001424052970204792404577229613295011198.html

FEBRUARY 17, 2012

Facebook and Google Are Risking an Invasion of Privacy From Regulators

Internet giants may be cruising for a privacy bruising.

The disclosure that Google has been exploiting a loophole in the Safari Web browser--allowing it to track Mac and iPhone users' browsing activity--is more evidence that the online ad industry is falling short when it comes to policing itself on privacy.

That risks more than users' trust. It raises the chance that a regulatory hammer one day comes down on their multibillion-dollar profit party.

That could be somewhat similar to what happened to banks. Light-touch regulation led them to get carried away, and they now face much tighter controls. Such an outcome also could threaten the likes of Google and Facebook if they push the limits on privacy too far.

Just last month, the search giant said it plans to combine nearly all the information it has on its users across its properties like Google search, Gmail and YouTube. That will make it harder for users to remain anonymous and easier for Google to target ads at them.

Facebook recently agreed to a pact with the Federal Trade Commission over changes the social network had made so that users' profile information was public by default. It has since given users more control over what is displayed.

For an idea of what might befall the Internet industry if it isn't careful, look at privacy regulations being proposed in Europe. The European Commission wants to prevent companies from sharing users' information unless users explicitly allow them to. Such a rule could hamstring the online ad industry if it were rolled out in the U.S. Today, users typically have to "opt out" of being tracked via online "cookies" rather than "opt in."

Already there have been calls for more regulation in the U.S. The FTC has called for a "do not track" system to protect users' browser activity from outside snooping. The Obama administration wants a "Privacy Bill of Rights." Lawmakers introduced more than a dozen privacy bills in Congress last year.

More self-discipline would be a good start. Issues that arise are often from Web developers being cavalier on privacy concerns when building their websites or apps. Recently, a mobile app developer was found to be accessing the address-book information of iPhone users. Apple responded this past week, saying it will require that apps seek user permission before accessing such data.

At least one app on Facebook has in the past collected not just the information of users that give them permission, but the information of "friends" that haven't. This helps those apps build an audience, but it can cost Facebook the trust of users.

With few rules, the Internet still operates somewhat like the Wild West when it comes to privacy. And many companies continue to treat the issue as peripheral. If few are closing their Gmail accounts, or taking down their Facebook profiles, then protests about privacy from a minority of users can be safely overlooked.

If Internet companies don't get it together to police themselves, the risk is that a Wyatt Earp shows up to lay down the law in a heavy-handed fashion.

--Rolfe Winkler

Write to Rolfe Winkler at rolfe.winkler@wsj.com