Yesterday we reported that the FTC’s decision to close its investigation into the Google WiSpy affair came less than a week after President Obama attended a $30,000-plate fundraiser at the California home of senior Google executive Marissa Mayer. It also came four days after Google, after months of denials, admitted for the first time that its “Street View” video cameras were intercepting emails, passwords and website addresses sent by unsuspecting Internet users.
Now we’ve learned that on September 28, 2009, Becky Burr, a Google lobbyist at Wilmer Hale, emailed White House officials Susan Crawford and Andrew McLaughlin asking for a meeting to request the White House’s assistance in urging the Federal Trade Commission to back off on privacy. Her email reads in part:
Wondering if we can get together to discuss the movement away from a ‘notice and choice’ privacy paradigm to a more prescriptive normative approach? This is an emerging theme in the academy, and seems to be gathering favor at the FTC. The move has some worrisome implications for innovation, and it seems important for the FTC to have administration input on this… Let me know if this is something of interest.
Ms. Crawford replied the same day and suggested that White House Deputy Chief Technology Officer Andrew McLaughlin – himself a former Google employee who was sanctioned earlier this year for emailing privately through his Gmail account with his former Google colleagues about policy issues that benefited his former employer – should also be a part of that meeting. As documents unearthed by Consumer Watchdog indicate, Mr. McLaughlin agreed to meet with Ms. Crawford and Ms. Burr, suggesting Friday, October 2nd.
The outcome of that meeting is not clear, and while the email exchange occurred before the WiSpy scandal broke, what it clearly demonstrates is Google’s willingness to use its close relationship with senior White House officials to pressure regulatory agencies to back off privacy policies it did not like.
Any objective investigation of the FTC’s decision in closing its investigation in the WiSpy affair must look into this meeting and any other subsequent actions of any Administration officials, especially former Google employee McLaughlin, in pressuring the FTC to give Google a free pass on privacy.
Obama & Google: Was the “fix” in?
The FTC’s actions are highly suspect given that the blatant violations of consumer privacy were going on in 2009 – even as FTC Chairman Jonathan Liebowitz was publicly denying that Google was engaging in anti-consumer practices. Appearing on C-SPAN on May 9, 2009, Liebowitz was asked about the threat Google’s operations could pose to America’s Internet users:
C-SPAN: So you don’t see Google as abusing its power right now?
Liebowitz: I certainly don’t see Google as abusing its power right now, no. And also it’s brought many benefits to consumers.
Such a statement unfortunately badly undercut Chairman Liebowitz’s own credibility.
When the “WiSpy” abuses came to light, he should have publicly committed to a thorough investigation that was completely above reproach.
Governments around the world are now ramping up their Google “WiSpy” investigations, as are nearly 40 U.S. state attorneys general led Connecticut’s Richard Blumenthal. On Thursday, Blumenthal issued a blistering indictment of Google and its constantly changing explanations on what personal data it collected through Street View.
Obama’s FTC & privacy: A clear pattern of action. So why the silence on Google?
The FTC’s decision this week is also striking given the Commission’s repeated eagerness to pursue cases against companies for similar practices, often less far-reaching than “WiSpy.” For example, during the Obama Administration’s tenure, the FTC has brought the following privacy-related actions:
In 2010, the FTC charged Twitter, Inc. with putting its customers’ privacy at risk by failing adequately to safeguard their personal information. According to the FTC, Twitter’s lapses in data security allowed hackers to obtain unauthorized administrative control.
In 2009, the FTC brought charges against Sears Holding Management Corporation for failing to disclose the full scope of personal information Sears was collecting, including that Sears’ software tracked “the text of secure pages . . . and select header fields that could show the sender, recipient, subject, and size of web-based email messages” and that Sears “transmit[ted] nearly all of the monitored information . . . to [its] remote computer servers.”
In 2009, the FTC charged CVS Caremark Corporation for failing to maintain reasonable and appropriate measures to secure the information it had collected. The FTC pointed to the company’s failure to train employees with respect to data security and the absence of measures to assess compliance.
What’s abundantly clear is that a thorough investigation – including any role White House officials may have played in pressuring the FTC to back off on privacy at Google’s urging – is now warranted.