The Electronic Privacy Information Center (EPIC) has this unfortunate habit of making absolutely insane arguments that really destroy its credibility elsewhere. At times it does good work in responding to egregious violations of privacy, but at times it just makes itself look like a total kook organization -- such as when it sued the FTC for not investigating Google over EPIC's ridiculously bizarre claims of privacy violations just because Google changed its privacy policy. EPIC is never one to let go, and its latest self-defeating strategy is to demand the FTC investigate Google and Yahoo... for letting the NSA hack their data centers.
As was widely discussed last month, the NSA had found a backdoor way to effectively hack into the networks that connect Google and Yahoo's data centers, allowing the NSA to pull down all sorts of data, without either company knowing about it. It seems quite reasonable to go after the NSA and the US government about this, but in the twisted mind of EPIC, this is a violation of Google's privacy policy. I'm not joking. EPIC, along with a number of other privacy groups (some of whom focus nearly their entire efforts on trying to make Google less useful) have sent a ridiculous letter to the FTC. It points out that the FTC has previously ordered these companies to "adopt comprehensive privacy programs," and then argues that those privacy programs have been violated because of the NSA hacks.
These companies have represented that user data is only disclosed to law enforcement subject to a lawful process. But there is every reason now to believe that millions of consumer records were unlawfully obtained by the National Security Agency. Of course, once the records are in possession of these firms there is nothing that users can do to limit the subsequent improper release or avoid the misuse. And there is clearly no benefit to users in the improper and unlawful disclosure of their personal information.
[....] Finally, the Commission should pursue this investigation because it routinely holds itself out as the defender of consumer privacy in the United States. It is inconceivable that when faced with the most significant breach of consumer data in U.S. history, the Commission could ignore the consequences for consumer privacy.
Talk about taking a blame the victim approach. EPIC, CDD, Consumer Watchdog, Privacy Rights Clearinghouse, Consumer Federation of America, Public Citizen (?!?) and the Privacy Times, who all signed onto this letter look ridiculous. They're saying that the FTC needs to investigate Google and Yahoo for violations of their privacy policies, because the NSA hacked into their data centers. Go after the NSA and the rest of the US government for doing that. But blaming the companies who didn't even know about this isn't just ridiculous, it's counterproductive.
These groups are so focused on trying to do anything to attack Google that they're making the situation worse. Based on this kind of ridiculous attack, pretty much any company is now better off making their privacy policies worse. The crux of EPIC's stupid argument is that this violates their privacy policies. You know the best way to avoid that? Change your privacy policy so that revealing as much information as possible isn't a violation. Furthermore, blaming the hacking victims for the hack takes the attention away from where it belongs: on the NSA and the administration for doing this in the first place.
Given that the FTC and the NSA are both a part of the administration, it's not impossible to imagine a scenario where the only ones actually punished for hacking into these data centers are Google and Yahoo, while the NSA gets away with the whole thing. Is that really what these organizations want? EPIC, CDD and Consumer Watchdog in particular like to set themselves up as "defending consumers." But they're doing the opposite here. They're inevitably making life worse for consumers. Hopefully, as it has in the past, the FTC sees through these ridiculous arguments.
Permalink | Comments | Email This Story
