End the Lie

EU regulators: Google privacy policy has legal ‘irregularities’ and may not be ‘in compliance’ with law

Decrease Font Size Increase Font Size Text Size Print This Page

By End the Lie

The new Google privacy policy, which was updated earlier this year, is now coming under fire from regulators in the European Union.

U.S. Senator Charles Schumer previously called for an investigation into this privacy policy to be carried out by the Federal Trade Commission (FTC) although any such investigation would be questionable at best.

Note: if you want to block Google’s tracking methods follow the guides found here and here.

Seeing as Google has such a tight relationship with the United States government and was cleared of wrongdoing by the Federal Communications Commission (FCC) related to their spying on Americans, any investigation carried out by an American government entity would likely be laughable.

However, the European Union’s data protection and privacy regulators have stepped up to the plate, challenging the legality of the new integrated Google privacy policy.

The French Commission Nationale de l’Informatique et des Libertes (CNIL) was tasked with the investigation. Representatives of CNIL noted in a press conference that users are forced to agree to Google’s new privacy policy while users should be given the choice to opt-out of the policy.

Of course Google’s response to such challenges is, essentially, that users can simply opt out of using their services entirely if they have a problem with their new policies.

The CNIL representatives said that the new Google privacy policy has legal “irregularities” and indeed may not actually be “in compliance” with EU law. Furthermore, they argue that the scope of Google’s policy is “too wide” and that the company should give users more control over their personal data.

The group also published a dozen or so recommendations for Google’s policy and the Article 29 Working Party, a group of data protection regulators from every member state, said that the 27 EU authorities have already “unanimously adopted the findings of the audit.”

Among other recommendations, “the CNIL suggested Google should strengthen the consent sought for combining data for the purposes of service improvement and advertising; provide a centralized opt-out solution; and adapt the combination rules to distinguish between security and advertising,” according to CNET.

They also pointed out that Google does not make it clear how long they retain user data for. None of this is surprising and honestly I think most of the recommendations will not be implemented because Google’s business is, in fact, data mining.

Isabelle Falque-Pierrotin, CNIL president, stated that Google has “not demonstrated its commitment” to the European Data Protection Directive’s principles. The European Data Protection Directive governs data transfer and storage laws in all 27 states that are members of the European Union.

In anticipation of what will likely be a common objection to the CNIL’s recommendations, she pointed out that it is “not the goal to declare war on Google and stifle innovation,” but they are still dedicated to reminding Google of its “responsibilities.”

Unfortunately, the CNIL stopped far short of demanding what some sources claimed they would.

On October 15, 2012 the British Guardian reported that Google would “be told by EU to unravel data policy” according to their sources, but that obviously did not happen.

Not only did they fall far short of actually calling on Google to “unravel” their privacy policy, they also said that they will give Google three to four months to follow their recommendations.

“We have received the report and are reviewing it now,” said Peter Fleischer, Google’s global privacy counsel. “Our new privacy policy demonstrates our long-standing commitment to protecting our users’ information and creating great products. We are confident that our privacy notices respect European law.”

Interestingly, EU regulators actually brought up similar concerns about Google’s new privacy policy before it actually became active on March 1 of this year. At the time, Google called the EU’s concerns a “surprise” and went ahead with the implementation of their privacy policy anyway.

The regulars are calling on Google to seek “explicit consent” from users when combining their data across the various Google services, which is the exact opposite of what Google did previously.

Google simply implemented the policy and told users that they either would agree or close their account. It will be quite interesting to see if and how Google complies with the EU regulator’s recommendations.

Did I forget anything or miss any errors? Would you like to make me aware of a story or subject to cover? Or perhaps you want to bring your writing to a wider audience? Feel free to contact me at [email protected] with your concerns, tips, questions, original writings, insults or just about anything that may strike your fancy.

Please support our work and help us start to pay contributors by doing your shopping through our Amazon link or check out some must-have products at our store.

4 Responses to EU regulators: Google privacy policy has legal ‘irregularities’ and may not be ‘in compliance’ with law

  1. Anonymous October 17, 2012 at 3:48 PM

    Google = criminal. Simple as that.

  2. Anonymous October 17, 2012 at 3:53 PM

    everyone be sure to check out the guides on here to block the google tracking you might want to link up to those they are heplful

  3. Anonymous October 17, 2012 at 4:10 PM

    anyone else think it’s hilaroius that their motto is “don’t be evil”?

  4. Nora October 17, 2012 at 6:08 PM

    Hypocritical and hilarious! If you’ve ever read their privacy policy, you will have no doubt about whether they’re evil or not. Any time some company thinks they are “entitled” to your private information, and that they should be able to make money off of selling it to third party marketers, you can be sure they are evil. I boycott Google. Don’t even use their stupid browser.


Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>