Google: In early 2010, Google tried to jump on the social networking bandwagon by releasing its own new service, Google Buzz. But the biggest buzz about the new service focused on privacy because Google pre-populated "following" lists with frequent chat and email contacts and made that information public by default. Media articles called Buzz a “privacy nightmare” and warned that Buzz “managed to completely overstep the bounds of personal privacy.” Within weeks of launch, Google Buzz became the subject of a class action lawsuit and an FTC privacy complaint.

Google was unprepared for the negative reaction to Buzz’s privacy flaws and had to scramble to fix the product.  However, faced with such a hostile reaction, Google quickly fixed some of the big problems with the service. Buzz now "suggests" followers to new users rather than automatically following gmail contacts, and it no longer automatically shares private information from other Google services like Picasa Web Albums. Google has also added a more prominent settings tab to Buzz and promised to give Buzz users who signed up before these changes a second chance to evaluate their privacy settings (though, as of mid-March, they had not yet done so).

Google: In 2007 Google became the target of public outcry when it tried to close down its video service that incorporated DRM technology. Because users would have been unable to continue to use their previously purchased content once Google terminated the service, Google was forced to fully refund all payments for the service as well as keep the service active for an additional six months.

YouTube/Google: As part of an ongoing suit against YouTube/Google for copyright infringement, in 2007 Viacom sought and obtained a discovery order forcing YouTube to disclose all "video-related data from the logging database," including information identifying the users who watched each video. YouTube continued to fight for the privacy of its users and in 2008 reached an agreement with Viacom to anonymize the IDs and IP addresses of non-Google employees in any data conveyed to Viacom.

Google: When Google stood up for the privacy of its users by fighting an overbroad civil subpoena from the government that demanded millions of private search queries, the company reaped a bonanza of positive public and media attention. In the end, the court held that the government was only entitled to 50,000 URLs with no personal information.

Ask, Google, Microsoft, Yahoo!: Major search engines have started to recognize the importance of limiting data-retention periods for all data. Ask developed the AskEraser, allowing users to conduct online searches without the company logging any information. Microsoft deletes the full IP address, cookies, and any other identifiable user information from its logs after 18 months. Yahoo! is now planning to anonymize all search records after three months. Google now engages in a very limited form of log anonymization after nine months for those using the search engine and not logged into a Google account. After 18 months, the company deletes a portion of the stored IP address and de-identifies the cookie information stored in its logfiles.

Google: The company was pilloried in the press for making millions of its Google toolbar users vulnerable to a malicious software attack because of its toolbar's silent, automatic update mechanism. In 2006, a researcher found a flaw in the toolbar update mechanism of the Firefox browser. But since the Google toolbar software, unlike that used by Yahoo! or Facebook, did not provide notice to and obtain consent from users prior to updating the toolbar, Google toolbar users who used the Firefox browser could not control when the toolbar was updated and faced increased risk.