"Inferring privacy preferences for new software, based on prior actions in old software, is a recipe for failure."

From this thread: http://news.ycombinator.com/item?id=1121034

Anyways, here is my take. Buzz isn't a new product so much as it's a new feature of Gmail. It's as much a new product as any new feature of Gmail is. It's also tied into most of the areas Gmail is, and tied into the rest of Google, and uses Google Profiles.

Google made the assumption that because this wasn't so much a complete new product, but rather an extension to an existing one, that it should use existing permissions. And looking at it that way, I can easily see them doing what they did.

What they didn't suspect, or expect I'm sure, is that people would see it not as a Gmail feature, but rather as a completely different system unrelated to Gmail and rather, tacked onto it.

I can see how Google looks at Buzz as merely an extension to Gmail. Gmail is, after all, their communications tool, including email, chat, and eventually (we know this is coming), Wave. Buzz is merely another way to communicate, and because so much of Gmail already includes so many other connections, Buzz being a framework to share things that Email, Chat, and what not are effective at, they built it with a familiar way of doing things. They then assumed (and I'm assuming all of this, mind you) that because they were building on top of an existing structure, that much of the privacy concerns that have arisen were already in use by the people that were concerned with it.

So, the question is, not whether Google was right or wrong, but rather, where do we draw the line? When does a new feature become a new product that requires new permissions, and when is a feature merely a feature that can use existing permissions. After all, there is so much that they do add where we don't blink an eye or concern ourselves with permissions or privacy, despite the potential for problems down the line.

I understand what they did, and why they did it (if my assertions are correct). However, there is more to learn here than to just say "Make everything private." The reality is, most users make assumptions about privacy (this is excellent proof of that), and so do companies. I honestly don't think Google went with Buzz and said "Let's destroy users privacy." I also hope this heightens people's awareness to the state or privacy on the web.

Any new feature, product, whatever that exposes private information should be opt-in. Period.

But what if the information wasn't private before, merely public, but not in the same context? This is what I think happened with Buzz. Nothing new was made public. It's just the public things weren't really public before.

This is the question: if up until now, you had an option that set things to 'public', but they weren't really public, should a new feature unset your previous choices? Should a new feature change your privacy settings?

What are you talking about? Buzz exposes your up-till-now private email contacts by listing them on your public profile page, unless you take the time and effort to understand that it's doing so and follow the convoluted opt-out process. That's why everyone's upset.

Where does my contact list appear on my profile page? I can't find it. I can find my followers, but they aren't the same as my contacts.

By default, your followers were auto-populated from your contact list, potentially revealing who you most email.