Consumer Cases
Privacy? Proposed Google/DoubleClick Merger
On April 20, 2007, EPIC, CDD, and US PIRG filed a complaint (pdf) with the Federal Trade Commission, requesting that the Commission open an investigation into the proposed acquisition, specifically with regard to the ability of Google to record, analyze, track, and profile the activities of Internet users with data that is both personally identifiable and data that is not personally identifiable. EPIC further urged the FTC to require Google to publicly present a plan to comply with well-established government and industry privacy standards such as the OECD Privacy Guidelines. Pending the resolution of these and other issues, EPIC encouraged the FTC to halt the acquisition. The three groups filed a supplement (pdf) to the complaint with the Commission in June.
On September 17, 2007, at the National Press Club, EPIC, the Center for Digital Democracy, and US PIRG announced a second supplement (pdf) to the groups’ original complaint (pdf) and subsequent supplement (pdf) with the FTC concerning the proposed Google-DoubleClick merger. The amended complaint detailed new facts supporting the conclusion that the FTC should block Google’s proposed acquisition of DoubleClick.
The FTC has made a “second request” in its review of Google’s merger with DoubleClick (the world’s largest Internet advertising technology firm). According to FTC Chair Majoras’s statement (pdf) on the merger review process, “the majority of investigations in which the FTC issued a second request resulted in a merger challenge, consent order, or modification to the transaction, suggesting that the FTC generally issues second requests only when there is a strong possibility that some aspect of the investigation would violate the antitrust laws.”
At a hearing on “An Examination of the Google-DoubleClick Merger and the Online Advertising Industry: What Are the Risks for Competition and Privacy?” on September 27, 2007, Sen. Herb Kohl said (pdf), “Some commentators believe that antitrust policymakers should not be concerned with these fundamental issues of privacy, and merely be content to limit their review to traditional questions of effects on advertising rates. We disagree. The antitrust laws were written more than a century ago out of a concern with the effects of undue concentrations of economic power for our society as a whole, and not just merely their effects on consumers’ pocketbooks. No one concerned with antitrust policy should stand idly by if industry consolidation jeopardizes the vital privacy interests of our ciitzens so essential to our democracy.”
On December 21, 2007, the FTC approved the proposed merger without conditions in a 4-1 opinion (pdf). EPIC responded (pdf), saying that the unique circumstances of the online advertising industry required the FTC to impose privacy safeguards as a condition of the Google- Doubleclick merger. EPIC said that the FTC “had reason to act and authority to act, and failed to do so.”
At a hearing before the European Parliament on January 21, 2008, EPIC President Marc Rotenberg testified (pdf) that the European Commission must establish privacy safeguards because the US Federal Trade Commission failed to do so (pdf) during the US merger review. Mr. Rotenberg also said that Google was beginning to reveal the characteristics of an “information monopolist” and that it was important for governments to act to preserve the rights of citizens and to safeguard competition and innovation in the information economy. .
EPIC’s Complaint
On April 20, 2007, EPIC, CDD, and US PIRG filed a complaint (pdf) with the Federal Trade Commission (FTC), urging the Commission to open an investigation into the proposed acquisition of DoubleClick by Google. The groups urged the FTC to assesses the ability of Google to record, analyze, track, and profile the activities of Internet users with data that is both personally identifiable and data that is not personally identifiable. The groups stressed that the increased collection of personal information of Internet users by Internet advertisers poses far-reaching privacy concerns that the FTC should address. The groups further noted that Google fails to follow previously agreed upon standards for online advertising conduct, and urged the FTC to to require Google to publicly present a plan to comply with these standards. Pending the resolution of these and other issues, EPIC encouraged the FTC to halt the acquisition.
EPIC’s June 2007 Supplement to the Original Complaint
On June 6, 2007, EPIC, CDD, and US PIRG filed a supplement (pdf) to the groups’ original complaint (pdf) with the Federal Trade Commission (FTC) concerning the Google/DoubleClick merger. The new complaint explains the need for the FTC to consider consumer privacy interests in the context of a merger review involving the Internet’s largest search profiling company and the Internet’s largest targeted advertising company. The complaint provides additional evidence about Google and DoubleClick’s business practices that fail to comply with generally accepted privacy safeguards, and proposes further steps that the Commission should take if the merger is to be approved.
EPIC’s September 2007 Supplement to the Original Complaint
On September 17, 2007, at the National Press Club, EPIC, the Center for Digital Democracy, and US PIRG announced a second supplement (pdf) to the groups’ original complaint (pdf) and subsequent supplement (pdf) with the FTC concerning the proposed Google-DoubleClick merger. The amended complaint detailed new facts supporting the position that “Google and DoubleClick have engaged in unfair and deceptive trade practices in violation of Section 5 of the Federal Trade Commission Act [. . . and] Google and DoubleClick have failed to establish adequate privacy safeguards to protect the interests of Internet users.” The groups said, “[P]ending the establishment in fact of such protection, the Commission should block the proposed merger.”
FTC Authority to Act
The FTC’s primary enforcement authority with regards to privacy is derived from 15 U.S.C. § 45, commonly known as section 5 of the Federal Trade Commission Act (FTCA). Section 5 of the FTCA allows the FTC to investigate “unfair methods of competition in or affecting commerce, and unfair or deceptive acts or practices in or affecting commerce.” Although this law does not grant the FTC specific authority to protect privacy, over the last number of years it has been used to bring public attention to significant privacy issues and to provide a legal basis so as to reform business activities that threaten consumer privacy.
Antitrust Experts on Privacy Review by FTC
- “Some commentators believe that antitrust policymakers should not be concerned with these fundamental issues of privacy, and merely be content to limit their review to traditional questions of effects on advertising rates. We disagree. The antitrust laws were written more than a century ago out of a concern with the effects of undue concentrations of economic power for our society as a whole, and not just merely their effects on consumers’ pocketbooks. No one concerned with antitrust policy should stand idly by if industry consolidation jeopardizes the vital privacy interests of our ciitzens so essential to our democracy.” Sen. Herb Kohl (PDF) at a hearing on “An Examination of the Google-DoubleClick Merger and the Online Advertising Industry: What Are the Risks for Competition and Privacy?,” September 27, 2007.
- “Albert A. Foer, president of the American Antitrust Institute, said the government has historically avoided taking non-competition issues into account when reviewing mergers. Still, he noted that the FTC is a consumer protection agency and may ‘very well’ be interested in hearing privacy concerns.”Albert A. Foer, president of the American Antitrust Institute. Alexei Alexis, FTC Exam of Google-DoubleClick Deal Should Order Use of ‘Opt-In’ Data Policy, Groups Say, Electronic Commerce & Law, Vol. 12, No. 24, June 13, 2007.
- “The issues [antitrust and privacy] are not unrelated, in that one of the claims of the opponents of the deal is that giving the combined entity access to the data gathered by both companies not only creates a privacy problem, but also creates a barrier to entry to others who want to compete in the Internet advertising business.” Brokerage Stifel, Nicolaus & Company, Inc. Google-DoubleClick Goes to the FTC: Approval Still Looks Likely, But Potential for Privacy Conditions Rises (PDF), Washington Telecom, Media, & Tech Insider, June 1, 2007.
- “The privacy concern is, ‘Will one entity have so much control that the information is going to be centralized?,’ ” said Andrew Klevorn, an antitrust attorney with Eimer Stahl in Chicago. “Will they have too much informational power?” Google comes under scrutiny, San Francisco Chronicle, May 30, 2007.
- “The privacy issue is also the competitive issue,” said Blair Levin, an analyst at brokerage Stifel, Nicolaus. “The biggest barrier to entry is not money or engineers or the networks, but the information on the behavior of people on the Internet.” FTC study of Google purchase may focus on privacy, Los Angeles Times, May 30, 2007.
- “The combination of DoubleClick’s Internet surfing history generated through consumers’ pattern of clicking on specific advertisements, coupled with Google’s database of consumers’ past searches, will result in the creation of ‘super-profiles,’ which will make up the world’s single largest repository of both personally and non-personally identifiable information,” Mindy Bockstein, executive director of the NY State Consumer Protection Board. “In the best interest of consumers, we call for a halt to the merger until the Federal Trade Commission (“FTC”) has fully investigated Google’s planned use of the data post-merger.” Letter from NY State Consumer Protection Board to FTC Urging Delay of Google/Doubleclick Merger (PDF), May 1, 2007.
- “We think antitrust authorities should take a hard look at this deal and the implications,” said Jim Cicconi, senior executive vice president for external affairs at AT&T. “If any one company gets a hammerlock on the online advertising space, as Google seems to be trying to do, that is worrisome.” Microsoft Urges Review of Google-DoubleClick Deal, New York Times, April 16, 2007.
- “This proposed acquisition raises serious competition and privacy concerns in that it gives the Google-DoubleClick combination unprecedented control in the delivery of online advertising and access to a huge amount of consumer information by tracking what customers do online,” Microsoft General Counsel Brad Smith said. “We think this merger deserves close scrutiny from regulatory authorities to ensure a competitive online-advertising market.” Companies want scrutiny of Google-DoubleClick deal, CNet News.com, April 15, 2007.
- “Today, just a very few telecom giants have an enormous amount of personal information on virtually every American’s phone calls. As the market concentrates, the threat to our privacy grows. These considerations should be paramount to all of us who have the responsibility to review these mergers,” Sen. Herbert Kohl, Chairman of the Subcommittee on Antitrust, Competition Policy and Consumer Rights of the Senate Judiciary Committee. Statement of the Honorable Herbert Kohl at a Hearing on AT&T/BellSouth Merger, June 22, 2006.
Impact of Search Engines
Internet search engines, such as those offered by Google, Yahoo, and Microsoft, are the primary means by which individuals access content on the Internet. Search terms entered into the main Google search engine alone may reveal a plethora of personal information such as an individual’s medical issues, associations, religious beliefs, political preferences, sexual orientation, and investments monitored. In 2005, more than 60 million American adults used search engines on a typical day. The number is no doubt much higher today.
FTC Review of EPIC DoubleClick Complaint (2000 – 2001)
The Federal Trade Commission has previously investigated DoubleClick Inc. for violations of the Federal Trade Commission Act. On February 10, 2000, EPIC filed a complaint with the FTC concerning the information collection practices of DoubleClick. EPIC alleged that DoubleClick was unlawfully tracking the online activities of Internet users and combining surfing records with detailed personal profiles contained in a national marketing database. EPIC asked the FTC to investigate the practices of the company, to destroy all records wrongfully obtained, to invoke civil penalties, and to enjoin the firm from violating the Federal Trade Commission Act. On February 14, 2000, DoubleClick revealed in a document filed with the Securities and Exchange Commission that the FTC was investigating the company’s privacy practices.
On March 2, 2000, DoubleClick CEO Kevin O’Connor released a statement that said that the company made a “mistake by planning to merge names with anonymous user activity across Web sites in the absence of government and industry privacy standards.”‘ The FTC investigation into the company’s privacy practices continued.
On January 22, 2001, the FTC released a letter announcing that it had closed its investigation of DoubleClick. The letter listed a number of commitments DoubleClick agreed to make, including a commitment to abide by the NAI Privacy Principles.
Google’s Business Practices
Google operates the largest Internet search engine in the United States. According to a comScore press release, Google captured almost 50% of the U.S. search engine market in March 2007, with approximately 3.5 billion search queries were performed on Google web sites. Google’s services include:
- Google search: any search term a user enters into Google;
- Google Desktop: an index of the user’s computer files, e-mails, music, photos, chat, and web browser history;
- Google Talk: instant-message chats between users;
- Google Maps: address information requested, often including the user’s home address for use in obtaining directions;
- Google Mail (Gmail): a user’s e-mail history, with default settings set to retain e-mails “forever”;
- Google Calendar: a user’s schedule as inputted by the user;
- Google Orkut: social networking tool storing personal information such as name, location, relationship status, etc.;
- Google Reader: which ATOM/RSS feeds a user reads;
- Google Video/YouTube: videos watched by user;
- Google Checkout: credit card/payment information for use on other sites.
Google stores its users’ search terms in connection with their Internet Protocol (IP) address, a unique string of numbers that identifies each individual computer connected to the Internet. When a user enters a search term into Google’s search engine, Google’s servers automatically log the user’s web request, IP address, browser type, browser language, the date and time of the request and one or more cookies that may uniquely identify the user’s browser. As a user’s Web request includes the requested search term, Google’s logs link a user’s personally-identifiable IP address with their search terms. A January 2006 poll of 1,000 Google users found that 89% of respondents think their search terms are kept private, and 77% believed that Google searches do not reveal their personal identities. These numbers indicate that Google’s practices violate the public’s expectation of privacy with respect to the collection and use of search history data. Though Google tracks its users’ search activity in connection with their IP address, Google does not currently use this data to engage in behavioral targeting.
DoubleClick’s Business Practices
DoubleClick is a leading provider of Internet-based advertising. The company places advertising messages on Web sites. DoubleClick reaches an estimated 80 to 85 percent of the users of Internet. Its customers include Time Warner’s AOL and Viacom’s MTV Networks.
DoubleClick tracks the individual Internet users who receive ads served through DoubleClick. When a user is first “served” an ad, DoubleClick assigns the user a unique number and records that number in a “cookie” file stored on the user’s computer. As that user subsequently visits other Web sites on which DoubleClick serves ads, he or she is identified and recorded as having viewed each ad. DoubleClick stores a user’s history for two years. Using the unique numbers contained in cookies, DoubleClick’s “DART” (Dynamic, Advertising, Reporting, and Targeting) technology enables advertisers to target and deliver ads to Web users based on pre-selected criteria.
Google and Privacy
According to comScore, three out of every 10 (30.1 percent) of U.S. Internet users streamed video from YouTube.com, recently acquired by Google, in March 2007 alone. YouTube Chief Marketing Officer Suzie Reider recently revealed that YouTube will expand the amount of user demographic data it retains later this year. Reider stated, “We’ll never have had [sic] that much data about that much content. [. . .] By Q3 we’ll have a tremendous amount of metrics and data around every video. There’s lots you can glean from looking at who’s looking at what. It’s a real-time focus group that happens all day, every day.” (quote from AdAge).
European Review of Google Merger
On May 16, 2007, the European Union’s Article 29 Data Protection Working Party launched an investigation into Google’s privacy practices. In a letter (pdf) to Google, chair of the Article 29 Working Party, Peter Schaar asked whether the company has “fulfilled all the necessary requirements” to abide by EU privacy rules. Mr. Schaar explained, “As you are aware, server logs are information that can be linked to an identified or identifiable natural person and can, therefore, be considered personal data in the meaning of Data Protection Directive 95/46/EC. For that reason, their collection and storage must respect data protection rules.” EU Directive 95/46/EC states that individuals’ personal information can only be collected for “specified, explicit and legitimate purposes.” Information that is collected can only be kept in identifiable form for as long as is “necessary for the purposes for which the data were collected or for which they are further processed.”
Earlier this year, Google announced that it was changing its privacy policy, and would maintain user-specific information from Web searches for a period of 18 to 24 months. Google previously stored this information for as long as it was useful. After the 18- to 24-month period, the company claims that it will obscure the data, making it more difficult to identify individuals. This change “does not seem to meet the requirements of the European legal data protection framework,” Mr. Schaar wrote. The Working Party requested a detailed explanation from Google as to 1) “why this long storage period was chosen” for the server logs, 2) “the purposes for which server logs need to be kept,” and 3) “Google’s legal justification for the storage of server logs in general.” Also, the Working Party questioned whether the 30-year lifetime of the “Google cookie,” which tracks users, “goes beyond what seems to be ‘strictly necessary’ for the provision of the service.”
Mr. Schaar pointed to the “Resolution on Privacy Protection and Search Engines,” (pdf) which urged data minimization and addressed several issues with regard to server logs and the detailed profiling of users. “The Article 29 Working Party fully supports this Resolution and would appreciate the detailed views of Google on the steps which it has taken to fully implement its recommendations.” The Working Party will discuss the investigation into Google’s privacy practices at its meeting in June and requested that the company respond before then. European Justice Commissioner Franco Frattini is backing the investigation.
In a September 26, 2007 letter to the European Commissioner for Competition, the Data Protection Commissioner of the German federal state of Schleswig-Holstein urged the rejection of the proposed Google-DoubleClick merger. “At present we have to assume that in the event of a takeover of DoubleClick the databases of that company will be integrated into those of Google, with the result that fundamental provisions of the European Data Protection Directive will be violated,” said Thilo Weichert.
The European Parliament will hold a hearing on the proposed Google-DoubleClick merger on January 21, 2008. EPIC has been invited to testify.
FTC Review of EPIC Microsoft Passport Complaint (2001 – 2002)
On July 26, 2001, EPIC and twelve organizations submitted a complaint (pdf) to the FTC, detailing serious privacy implications of Microsoft Windows XP and Microsoft Passport. The complaint alleged that Microsoft “has engaged, and is engaging, in unfair and deceptive trade practices intended to profile, track, and monitor millions of Internet users,” and that the company’s collection and use of personal information violated Section 5 of the Federal Trade Commission Act.
After Microsoft announced a series of changes to Windows XP and Passport in response to the complaint, EPIC et al. submitted a supplement (pdf) to the FTC further detailing specific ways Microsoft XP and Passport would harm consumer interests.
The privacy and security risks outlined in the complaint were: facilitation of online profiling through a sign on requirement into Passport in order to view web content; covert sharing of consumer’s personal information within the MSN network; an increase in the amount of unsolicited commercial e-mail from the sharing of e-mail addresses within the MSN network (with no option for the consumer to opt-out of such a system); and Microsoft’s failure to establish adequate security standards to ensure that personal information held by Microsoft, such as credit card data, were protected from disclosure to a third party.
In August 2002, the FTC announced a settlement in its privacy enforcement action against Microsoft. The settlement required that Microsoft establish a comprehensive information security program for Passport, and prohibited any misrepresentation of its practices regarding information collection and usage.
The agreement was significant because the FTC did not uncover any security breaches, but acted nonetheless based on the potential for a security problem. This action demonstrated that the FTC has the authority to protect online privacy, and that the commission will hold companies to a very high standard in their representations to consumers about privacy policies. Since the FTC settlement of the EPIC complaint against Passport, industry groups have moved toward decentralized
identity systems that are more robust, provide more security, and are better for privacy. For more information, see EPIC’s page on Microsoft Passport Investigation Docket.
FTC Review of EPIC ChoicePoint Complaint (2004-2006)
In December 2004, EPIC filed a complaint with the Federal Trade Commission against databroker ChoicePoint. EPIC urged the agency to investigate the compilation and sale of personal dossiers by data brokers such as ChoicePoint. EPIC argued that the dossiers may constitute “consumer reports” for purposes of the Fair Credit Reporting Act, thus subjecting both the information seller and the buyer to regulation under the Act. Furthermore, EPIC argued that it is incumbent upon the Commission to analyze whether the sale of these dossiers circumvents the Act, giving businesses, private investigators, and law enforcement access to data that previously had been subjected to Fair Information Practices.
In February 2005, EPIC supplemented the ChoicePoint complaint and raised three additional issues relevant to the rise of commercial databrokers. First, an article written by Robert O’Harrow Jr. of the Washington Post quoted ChoicePoint representatives saying that the company acts like an “intelligence agency” and that the data industry should be subject to new regulations because of how personal information is being used. O’Harrow’s article demonstrated the reliance on commercial data brokers for decision-making, and the growing importance that the brokers’ data be accurate and their practices accountable to the public. Second, the letter included a dialogue from Declan McCullagh’s Politechbot.com mailing list concerning the December 2004 complaint. A list message from a private investigator who uses ChoicePoint noted that the company maintains an audit trail of clients who access personal information. The EPIC supplement points out that law enforcement users are not subject to the audit trails, and that EPIC is unaware of a single case where a commercial databroker has turned in a user for prosecution as a result of an audit showing prohibited use of the service. Last, the EPIC supplement included a transcript of a recent television broadcast, “Someone’s Watching,” that aired on Dec. 18, 2004, on the Discovery Times Channel. The broadcast shows two private investigators using a commercial databroker to access a stranger’s Social Security Number, employment details, and other information without any legal justification.
In 2005, based on the EPIC complaint, the FTC alleged (pdf) that ChoicePoint did not have reasonable procedures to screen and verify prospective businesses for lawful purposes and as a result compromised the personal financial records of more than 163,000 customers in its database. Because of this breach, the FTC alleged that ChoicePoint violated the Fair Credit Reporting Act by furnishing the financial records to subscribers that did not have a permissible purpose to obtain them. The FTC additionally alleged that ChoicePoint engaged in unfair or deceptive practices in violation of Section 5 of the Federal Trade Commission Act.
In January 2006, the FTC announced a settlement (pdf) with ChoicePoint, requiring the company to pay $10 million in civil penalties and provide $5 millions for consumer redress. It is the largest civil penalty in FTC history. ChoicePoint was also required to verify, “(1) the business identity of the subscriber, and (2) that the subscriber is a legitimate business engaged in the business certified and has a permissible purpose for obtaining consumer reports.” The FTC also required ChoicePoint to establish, implement, and maintain “a comprehensive information security program that is reasonably designed to protect the security, confidentiality, and integrity of the personal information it collects from or about consumers.”
Additional Parties to the Complaint
Center for Digital Democracy
The Center for Digital Democracy (CDD) is a nonprofit organization working to ensure that the digital media systems serve the public interest. CDD is committed to preserving the openness and diversity of the Internet in the broadband era, and to realizing the full potential of digital communications through the development and encouragement of noncommercial, public interest programming. For more information on CDD’s position on the Google/DoubleClick merger, visit CDD’s Jeff Chester’s blog entries on the subject.
U.S. Public Interest Research Group
The U.S. Public Research Group (U.S. PIRG) serves as both the federal advocacy office for and the federation of non-profit, non-partisan state Public Interest Research Groups, with over one million members nationwide. U.S. PIRG is a strong supporter of fair, competitive marketplace practices, including compliance with the OECD Guidelines for the Protection of Privacy.
Resources
- European Commission Directorate on Competition, Press Release, Mergers: Commission clears proposed acquisition of DoubleClick by Google, March 11, 2008.
- Peter Swire, Center for American Progress, Video, “What Happens to Your Information?” February 11, 2008.
- Marc Rotenberg, EPIC, Testimony (PDF) Before the European Parliament on Proposed Google/DoubleClick Merger, January 21, 2008.
- Marc Rotenberg, EPIC, Statement (PDF) in Response to FTC Opinion Approving the Google-DoubleClick Proposed Merger, December 21, 2007.
- Commissioner Pamela Jones Harbour, Dissent (PDF) from FTC Opinion Approving the Google-DoubleClick Proposed Merger, December 21, 2007.
- Federal Trade Commission, 4-1 Opinion (PDF) Approving the Google-DoubleClick Proposed Merger, December 21, 2007.
- Marc Rotenberg, EPIC, and Jeff Chester, CDD, Statement in Response to FTC Chairman Majoras’s Refusal to Recuse Herself From Review of Google-DoubleClick Proposed Merger (PDF), December 15, 2007
- Chairman Deborah Platt Majoras, Federal Trade Commission, Response to EPIC/CDD Motion to Disqualify FTC Chairman Majoras From Pending Review of Google-DoubleClick Proposed Merger, December 14, 2007
- Marc Rotenberg, EPIC, and Jeff Chester, CDD, Supplement to Motion to Disqualify FTC Chairman Deborah Platt Majoras From Pending Review of Google-DoubleClick Proposed Merger (PDF), December 13, 2007.
- Marc Rotenberg, EPIC, and Jeff Chester, CDD, Motion to Disqualify FTC Chairman Deborah Platt Majoras From Pending Review of Google-DoubleClick Proposed Merger (PDF), December 12, 2007.
- Rep. Joe Barton, Letter to Google Requesting Answers Concerning Privacy Questions of Its Proposed Merger with DoubleClick, December 12, 2007.
- Senators Herb Kohl and Orrin Hatch, Chairman and Ranking Member of the Subcommittee on Antitrust, Competition Policy and Consumer Rights of the Senate Judiciary Committee, Letter urging FTC to give “serious scrutiny” to privacy and antitrust aspects of proposed Google-DoubleClick merger (PDF), November 19. 2007.
European Commission Directorate on Competition, Page on Investigation of Proposed Google-DoubleClick Merger. - European Commission Directorate on Competition, Press Release, Mergers: Commission opens in-depth investigation into Google’s proposed take over of DoubleClick, November 13, 2007.
- Twelve Republican Members of Congress, Letter requesting a hearing on the privacy aspects of the proposed Google/DoubleClick merger (PDF), November 6. 2007.
- Center for Digital Democracy and US PIRG, Press Release, Consumer Groups Renew Call for FTC Action to Protect Consumers from Harmful Interactive Marketing Practices, including Behavioral Profiling, November 1, 2007.
- EPIC, Letter to the House Subcommittee on Financial Services and General Government urging the committee to monitor the FTC review of the proposed merger (PDF), October 26, 2007.
- Representative Ed Towns, member of the U.S. House Committee on Energy and Commerce, Letter to FTC Chairman Deborah Platt Majoras urging a critical review of the proposed Google-DoubleClick merger (PDF), October 26, 2007.
- Peter Swire, Protecting Consumers: Privacy Matters in Antitrust Analysis, analysis of online behavioral targeting, October 19, 2007.
- Thilo Weichert, Data Protection Commissioner of the German federal state of Schleswig-Holstein, Letter to the European Commissioner for Competition urging the rejection of the proposed Google-DoubleClick merger, September 26, 2007.
- Marc Rotenberg, EPIC, Testimony Before the Senate Judiciary Committee on Proposed Google/DoubleClick Merger (PDF), September 27, 2007.
- Marc Rotenberg, President, EPIC, Letter to Financial Times, “Google’s proposals on internet privacy do not go far enough,” September 23, 2007.
- EPIC, CDD, U.S. PIRG., Second Supplement to Original Complaint to the FTC Concerning Google/DoubleClick Merger (PDF), September 17, 2007.
- Canadian Internet Policy and Public Interest Clinic, Request for Audit of Google Inc. and DoubleClick Inc. (PDF), September 17, 2007.
- Jeff Chester, Center for Digital Democracy, Google’s DoubleClick Takeover: Double Data-Dealing (DOC), Comments at the National Press Club, September 17, 2007.
- Google Posting, Call for global privacy standards, Official Google Public Policy Blog, September 14, 2007.
- Australian Competition and Consumer Commission, Letter to Online Publishers, Digital Agencies and Other Internet Service Groups Asking for Opinions on the Effect Proposed Google-DoubleClick Merger Would Have in the Australian Market (PDF), August 27, 2007.
- Canadian Internet Policy and Public Interest Clinic, Section 9 Application for an Inquiry into the Proposed Merger of Google, Inc. and DoubleClick Inc. (PDF), August 2, 2007.
- Canadian Internet Policy and Public Interest Clinic, Press Release (PDF), CIPPIC calls on Competition Commissioner to review Google-DoubleClick merger, August 2, 2007.
- Microsoft and Ask.com, Press Release, Microsoft and Ask.com Call on Industry to Join Together to Evolve Privacy Protections for Consumers, July 22, 2007.
- Googleopoly: The Google-DoubleClick Anti-Competitive Case, Scott Cleland, President, Precursor LLC — A Techcom Industry Research and Consulting Firm, July 17, 2007.
- Letter from European Consumer Groups to the European Commission Urging an Investigation of Google/DoubleClick merger (PDF), June 27, 2007.
- Google Posting, Why we’re buying DoubleClick, Official Google Blog, June 26, 2007.
- Letter from FTC to CDD and U.S. PIRG Announcing Town Hall Meeting on Behavioral Targeting (PDF), June 21, 2007.
- Press Release from Article 29 Data Protection Working Party Announcing Google Probe Will Expand to All Search Engines (PDF), June 21, 2007.
- Google, Posting to Google Blog by Peter Fleischer, Global Privacy Counsel, How long should Google remember searches?, June 11, 2007.
- Letter from Google to Article 29 Data Protection Working Party in Response to Working Party Investigation of Google’s Privacy Practices (PDF), June 10, 2007.
- Privacy International, A Race to the Bottom: Privacy Ranking of Internet Service Companies, June 9, 2007 (ranking Google dead last on privacy among top Internet companies).
- EPIC, CDD, U.S. PIRG., Supplement to Original Complaint to the FTC Concerning Google/DoubleClick Merger (PDF), June 6, 2007.
- Letter from Article 29 Data Protection Working Party to Google Opening an Investigation Into the Company’s Privacy Practices (PDF), May 16, 2007.
- Letter from NY State Consumer Protection Board to FTC Urging Delay of Google/Doubleclick Merger (PDF), May 1, 2007.
- EPIC, CDD, U.S. PIRG., Complaint to the FTC Concerning Google/DoubleClick Merger (PDF), April 20, 2007.
- Press Release, Google to Acquire DoubleClick, April 13, 2007.
- Google FAQ, FAQ: Google Acquires DoubleClick (PDF), April 13, 2007.
- TACD Statement on AOL-Time Warner Merger (PDF), February 2000 (discusses privacy issues involved in a merger between a large Internet Service Provider and a large media company).
- EPIC’s Gmail Privacy Page
- Federal Trade Commission’s page on Hart-Scott-Rodino Act pre-merger review .
Editorials on Google
- Google’s Paltry Privacy Proposal, BusinessWeek, October 12, 2007.
- Why Yahoo, not Google, should drive your search, Chicago Tribune, October 12, 2007.
- Don’t give Google double the power, San Francisco Chronicle, October 3, 2007 .
- Ultimate Internet gatekeeper?, Washington Times, September 30, 2007.
- Who’s afraid of Google?, Economist, August 30, 2007.
- Googling ‘Monopoly’, Wall Street Journal, August 21, 2007.
- Is It OK that Google Owns Us?, eWeek.com, June 17, 2007.
- Google warrants an inquiry, FinancialTimes.com, June 13, 2007.
- Watching Your Every Move, New York Times, June 13, 2007.
- FTC obligated to set Internet standards, San Jose Mercury News, June 7, 2007.
- An unsafe search, San Francisco Chronicle, June 5, 2007.
Support Our Work
EPIC's work is funded by the support of individuals like you, who allow us to continue to protect privacy, open government, and democratic values in the information age.
Donate