Update 3: Here's the story of how panicking just enough may have saved Google's answer to Facebook and Twitter.

Update 2: Google has made further changes that address most -- but not all -- of our concerns.

Update 1: Google released some privacy fixes for Buzz. They're a nice start, but we don't think they go far enough. Read more here: Sorry, Google's Improvements To Buzz Don't Fix Privacy Flaw

Earlier: There is a huge privacy flaw in Google's new Twitter/Facebook competitor, Google Buzz.

When you first go into Google Buzz, it automatically sets you up with followers and people to follow.

A Google spokesperson tells us these people are chosen based on whom the users emails and chats with most using Gmail.

That's fine.

The problem is that -- by default -- the people you follow and the people that follow you are made public to anyone who looks at your profile.

In other words, before you change any settings in Google Buzz, someone could go into your profile and see the people you email and chat with most.

A Google spokesperson asked us to phrase this claim differently. Like this: "In other words, after you create your profile in Buzz, if you don't edit any of the default settings, someone could visit your profile and see the people you email and chat with most (provided you didn't edit this list during profile creation)."

(Freaking out already? Here's how to IMMEDIATELY make these list private and then edit them >)

When you first post to Google Buzz, there is a dialogue box that reads "Before participating in Buzz, you need a public profile with your name and photo."

It also says -- albeit in tiny gray letters against a white background, "Your profile includes your name, photo, people you follow, and people who follow you."

But it does not say that these publicly viewable follower lists are made up of people you most frequently email and chat with.

Even if it did say that, we doubt most users bother to read the text in the dialogue box before clicking "save profile and continue."

(This is why it's always safest for Web services providers to make it so sharing information is always an "opt-in," rather than "opt-out," setting. Just ask Facebook, which still remembers Beacon.)

There is also a "Welcome To Buzz" panel that shows who you are following and who is following you. In a long bit of unbolded text, it says "Buzz is a new way to share updates, photos, videos and more, and start conversations about the things you find interesting. You're already set up to follow the people you email and chat with the most."

If a user notices the box, it might help users "catch" that they might be following people they don't want the world to know they're following. But you don't have to close the box to use Buzz. Closing the box does not trigger a warning or anything else that alerts the user they've agreed to publish a list of the people they email and chat with most.

It looks like this:

The whole point is: Google should just ask users: "Do you want to follow these people we've suggested you follow based on the fact that you email and chat with them? Warning: This will expose to the public who you email and chat with most." Google should not let users proceed to using Buzz until they click, "Yes, publish these lists."

In my profession -- where anonymous sourcing is a crucial tool -- the implications of this flaw are terrifying.

But it's bad for others too. Two obvious scenarios come to mind:

Imagine if a wife discovering that her husband emails and chats with an old girlfriend a ton.

Imagine a boss discovers a subordinate emails with executives at a competitor.

A Google spokesperson tells us the followers lists are public by default so that people can quickly find new people to follow. Obviously, that's a good thing for Google, which is hoping to get as many people using Google Buzz as soon as possible. It's also meant to be helpful for users. And for those who are unconcerned with telling the world who they email most, it is. But for everyone else, it's terrible.

It gets to a deeper problem with Google Buzz: It's built on email, which is a very different Internet application than a social network.

The good news for Google is that this is a very easy problem to fix. Google must either shut off auto-following, or it must make follower lists private by default as soon as possible.

In the meantime, here's how to IMMEDIATELY make these list private and then edit them >

Update: We've updated this post to emphasize that there are a few instances where Google does allow users to opt-out of inadvertently publishing a list of the people they email and chat with most.

We continue to believe these chances to opt-out do not force the user to make a real choice about this setting.

We believe Google could and should simply make this feature "opt-in" so that people know what they're doing.

We're stunned the people at Google don''t agree. We bet they change their minds.

On that point, here's a statement from Google:

"We thought very carefully about how to create a great experience in Google Buzz with as minimal setup as possible. We designed our auto-following system to enable users to immediately see content from the people they email and chat with most, so when they start using Buzz, it "just works." If users are automatically followed to anyone they'd rather not follow, it's easy to remove these individuals during the auto-following step by clicking on the "edit" link and then clicking "unfollow" next to their names.



After that, the first time the user creates a post or comment, we ask them to create a profile, principally so they have a name to display next to their post. There's more information on why you need a profile here: http://mail.google.com/support/bin/answer.py?hl=en&answer=17073. In this profile creation step, we inform users that the lists of people they follow and people following them will be displayed on their profile, and make it easy to view and edit these lists. We also make it possible to hide the lists of people they're following and people following them from their profile."

Photo: Kevin Steele