Are States Taking The Lead to Enforce Digital Privacy Laws?

Recently, 37 states and the District of Columbia reached a $17 million dollar settlement with Google over its intentional circumvention of Internet users' privacy settings.  The case stemmed from "Google's bypassing of privacy settings in Apple's Safari browser to use cookies to track users and show them advertisements in 2011 and 2012."  This multi-state agreement followed Google's $22.5 million dollar settlement with the Federal Trade Commission over the same practice.  In total, Google has paid approximately $40 million dollars to federal/state regulators for intentionally harming the personal privacy rights of Internet users in this matter.

Google's ability to circumvent Apple's Safari browser setting was uncovered and publicized by the Wall Street Journal on February 17, 2012.  According to the Wall Street Journal's investigation, Google and several other advertising "companies used special computer code that trick[ed] Apple's Safari Web-browsing software" into letting them track the web-browsing habits of users who tried to protect their personal privacy.  After the Wall Street Journal contacted Google about its alleged illegal activities the company disabled the code.  However, why did the Wall Street Journal need to contact Google in order for it to stop violating the personal privacy rights of Internet users?

In 2011, the FTC "resolved charges that Google used deceptive tactics and violated its own privacy promises to consumers when it launched its social network, Google Buzz."  In 2012, Google paid a $7 million dollar fine to 38 states for privacy violations regarding its Street View project which collected "passwords, e-mail and other personal information from unsuspecting computer users."   Earlier this year, a lawsuit was allowed to proceed that, "alleges that Google illegally scanned emails for users of Internet service providers who used a self-branded version of Gmail, as well as for Google Apps for Education users".

While the focus of the state attorney generals and FTC investigations regarding this privacy matter have been on consumers why hasn't there been media attention on how Google's actions may have harmed students who utilized school provided Apple products?  In 2011, the New York Times discussed how thousands of students across the country were utilizing iPads because of special pilot programs and multi-million dollar government grants.  

Did Google intentionally disable the privacy settings on tax payer funded and/or government owned student iPads and other Apple products that use Safari browsers to track student interactions with teachers and/or other students for pecuniary gain?  How many students had their privacy rights violated by Google while utilizing school provided Apple products?  If a student surfing the web using Safari was logged into a Google account (i.e. Gmail, YouTube, Google +, Blogger, etc...) all of his school related web usage may have been tracked and monetized by Google.  Did Google's behavior violate the Family Educational Rights and Privacy Act (FERPA)?  Why hasn't the Department of Education  opened an investigation into this matter?

If Google intentionally disabled the privacy settings of Internet users who chose to utilize a competitor's product (i.e. web browser Safari instead of Google's Chrome) how can Google be trusted to respect and protect the personal privacy of those who utilize Google products?  While Google has claimed it does not show ads by default to student users of its Google Apps For Education services, how can parents, guardians, teachers, and school administrators be sure that Google isn't still collecting, combining, and monetizing student data behind the scenes since it has been fined millions of dollars multiple times for violating the privacy rights of users in the past?

Sweden appears to have lost faith in Google's privacy promises and is requiring a municipality in Stockholm to rework its Google Apps For Education Agreement to better protect student data or its schools will be required to stop using Google's services.  Should Sweden's students have more privacy protections than those in the United States?

In Google's settlement agreement with 37 state attorney generals it lists in Appendix A the state consumer protection statutes/computer abuse statutes that Google allegedly violated.  Since some of these statutes may be utilized in conjunction with the federal U.S. Computer Fraud and Abuse Act (CFAA) when digital wrongdoing is alleged why hasn't the Department of Justice (DOJ) opened an investigation into this matter?  Shouldn't the DOJ at least investigate these issues with the same vigor that resulted in Google forfeiting $500 million dollars due to its actions that enabled its users to unlawfully import controlled and non-controlled prescription drugs into the United States that may have violated the Federal Food, Drug and Cosmetic Act and the Controlled Substances Act?

State attorney generals are utilizing their powers to hold Internet companies accountable for online violations of state law.  While the FTC is increasing its Internet enforcement activities, it is imperative for all interested parties to work in conjunction to ensure that those companies that break state and/or federal digital privacy laws are held accountable for their actions.

 

Copyright 2013 by the Law Office of Bradley S. Shear, LLC All rights reserved.