The Buzz on Google Buzz: ‘Huge Privacy Flaw’

Google Buzz (Image from zdnet.com.)

Nicholas Carlson at Silicon Alley Insider writes about the issue I was just discussing on Twitter: what he calls the “huge privacy flaw” in Google Buzz.  Luckily, he’s explained it so I don’t have to.  He writes:

When you first go into Google Buzz, it automatically sets you up with followers and people to follow.

A Google spokesperson tells us these people are chosen based on whom the users emails and chats with most using Gmail.

That’s fine.

The problem is that — by default — the people you follow and the people that follow you are made public to anyone who looks at your profile.

In other words, before you change any settings in Google Buzz, someone could go into your profile and see the people you email and chat with most.

Yikes.

If you don’t get why, Carlson explains:

The whole point is: Google should just ask users: “Do you want to follow these people we’ve suggested you follow based on the fact that you email and chat with them? Warning: This will expose to the public who you email and chat with most.”  Google should not let users proceed to using Buzz until they click, “Yes, publish these lists.”

In my profession — where anonymous sourcing is a crucial tool — the implications of this flaw are terrifying.

Hopefully, he’s right and Google will quickly fix this design flaw.

Otherwise, expect to see some state attorney general’s office quickly open an investigation and fire off a letter to Google asking them to explain this decision.  The U.S. Code section cited, I’d suspect, will be this.

Popularity: 7% [?]