Internet company Google [corporate website; JURIST news archive] announced Tuesday that it has reached a settlement [text, PDF] in a class action lawsuit regarding privacy breaches relating to its Google Buzz social networking program. The settlement is in response to a complaint [text, PDF] filed in July alleging that the Buzz application within Gmail exposed private user data, including contact lists, to other Gmail users. Under the settlement, Google will place $8.5 million dollars into a common fund to distribute to organizations that provide education regarding Internet privacy. Google sent out a notice [text, PDF] to all of its Gmail users notifying them of the terms of the settlement and stressing that the settlement does not provide for payment of damages to individual users. The notice advised users that they could opt-out of the settlement by December 6 to pursue further litigation or choose to be included and forfeit that right. The US District Court for the Northern District of California [official website] will hold a fairness hearing regarding the settlement on January 31, and users also have the option to contact the court with objections or ask to speak at the hearing. Class members include any Gmail users who were given the opportunity to use Buzz before November 2. Google stressed that the settlement did not mean that the company was admitting liability for the privacy breach and that the company has since resolved all privacy issues with the Buzz application.
Google has also recently come under investigation for privacy breaches relating to its Street View program. On Wednesday, the UK Information Commissioner's Office (ICO) [official website] announced that the company committed a "significant breach" [JURIST report] of the country's Data Protection Act [text] when Street View vehicles inadvertently collected personal information over WiFi networks including passwords, e-mails and URLs. Last week, the US Federal Trade Commission (FTC) [official website] announced that it had ended an inquiry [JURIST report] into the company's internal policies and procedures that led to the breach. Last month, Canadian Privacy Commissioner Jennifer Stoddart [official website] announced that the Street View breach violated [JURIST report] the country's Personal Information Protection and Electronic Documents Act [text, PDF]. In July, Australian authorities completed their investigation [JURIST report] into Google's collection and storage of private data, concluding that the company violated the Australia Privacy Act [government backgrounder]. In August, the South Korean National Police Agency (SKNPA) [official website, in Korean] raided the Google South Korean headquarters [JURIST report] after accusing Google of illegally acquiring user data. Spain also announced in August that it was launching an investigation [JURIST report] into potential violations of the country's privacy law.