On March 30, 2011, the FTC announced a proposed privacy settlement with Google that would set new precedents about current FTC privacy expectations. The FTC alleged that Google violated its privacy policy, specifically a provision in which Google states that if it uses information differently from the purpose for which it was collected, Google will obtain consent. The FTC alleged that Gmail users’ personal information was made public through the Google Buzz social marketing service without their consent, and even sometimes when the users tried to opt out of the Buzz service. The FTC also alleged that Google misrepresented its compliance with its U.S.-EU Safe Harbor certification because (according to the FTC) the company failed to give consumers notice and choice before using their information for a purpose different from that for which it was collected. This is the FTC’s first case alleging substantive violations of the U.S.-EU Safe Harbor provisions and its first settlement requiring the implementation of a comprehensive “privacy by design” program for all future products and services and also requiring biannual, independent privacy audits for twenty years. The proposed settlement also would require Google to get opt-in consent for secondary uses or disclosures of data.