FREE REPORT 7 Top A.I. Stocks for 2024

Google’s Weird Week of Privacy and Security Headaches

Even though there has been no harm done to users, publicity about privacy and security issues generated unwanted attention

By Brandy Betz Feb 4, 2012, 7:00 am EDT

Advertisement

Google (NASDAQ:GOOG) has endured a hectic several days of negative press pegged in part to concerns about the safety of an Android smartphone app and ongoing clamor over the company’s newly announced privacy policy.

Complaints about the privacy policy, which Google announced last week and is scheduled to go into effect on March 1, seem to have a bit more staying power than snafus over the Android app–a piece of software, called Android.Counterclank, that turned out to be little more than an aggressive advertising network.

The new privacy policy, which is designed to unify the company’s privacy protocols across the 60 Google services that are available for free to the public, defines how Google would use the personal data it collects as people use the services. Google’s general aim is to use the data to target advertising to users, but a principal source of conflict has been over the fact that users can’t opt out of the policy unless they stop using all Google services.

The company responded to Congress after lawmakers expressed concerns that the new policy lacks an opt-out method. And data protection authorities in the European Union on Friday asked Google to delay the launch of the policy until they’ve confirmed it doesn’t break the EU’s data protection rules. Competitor Microsoft (NASDAQ:MSFT), meanwhile, is using the privacy policy controversy to frame its new ad campaign.

Exploiting the privacy issue

Google’s response to Congress was weak in that it merely explained the rather complicated workarounds service users can employ to prevent the data sharing. Google had firmer ground to stand on when rebuking Microsoft. Corporate communications VP Frank Shaw had bragged in an official Microsoft blog that his company allowed users to choose how data is collected and used. He noted that Microsoft’s products, including the free email service Hotmail and the cloud-based Office 365, wouldn’t utilize user emails or documents to generate targeted ads.

Google quickly responded that Microsoft’s own privacy policy contains the line “information collected through one Microsoft service may be combined with information obtained through other Microsoft services.”

A rough stretch for Symantec, too

The Android fracas stemmed from an analysis by security specialist Symantec (NASDAQ:SYMC), which early in the week claimed that certain Android applications contained a data-stealing Trojan program, but then backed off that claim by week’s end.

The fact that these stories were able to gain traction hints at growing consumer and investor awareness of privacy and security issues, and the perils that await companies that don’t deal with them carefully.

Google has received flack in the past for failing to monitor the safety offerings in its online app store, Android Market, although the Counterclank misdiagnosis weighed more heavily on Symantec. The larger point is, in the modern news cycle the appearance of a security issue (real or perceived) can create a public relations problem for the affected company.

The SEC recommended last fall that companies suffering security breaches should publicly admit to the issue as an aid to the security industry; since that recommendation, half a dozen companies have swept their breaches under the table. Symantec itself hid one such problem entirely after hackers gained access to the source code of several of its products in 2006. A public acknowledgement of what happened occurred only this past month after the hackers offered proof of their exploits.

Symantec-owned authentication service VeriSign made the news this week for a rash of hackings that occurred in 2010. VeriSign maintains the domain name system (DNS), an online database for routing Internet traffic, and only whispered a hacking disclosure in late 2011. Executives said the DNS was likely not breached but there wasn’t a way to know for sure. Other network security companies have been targeted, and one attack granted hackers access to 300,000 users of Gmail, Google’s free email service.

Never-ending vigilance

Internet users with malicious intent aren’t known for having a give-up attitude, but neither are security and privacy specialists. Google, Microsoft and Facebook, for example, have joined a dozen other companies in creating technical standards to help prevent phishing, a common email scam technique where the scammer pretends to be a trusted source in hope of getting personal, financially valuable information from the recipient.

And while there have long been email security measures in place, there has been a lack of unifying standards between domain owners and email services. The Domain-based Message Authentication, Reporting & Conformance (DMARC) standards aim to create a unified feedback loop that recognizes legitimate senders while weeding out impersonators.

There will, of course, always be security wins and losses for companies. The challenges faced by Google over the past several days are a reminder that the important thing is to stay ahead of the PR cycle.

Article printed from InvestorPlace Media, https://investorplace.com/2012/02/googles-weird-run-of-privacy-security-and-related-pr-headaches-goog-symc-msft/.

©2024 InvestorPlace Media, LLC