European Regulators Want Changes in Google's New Privacy Policy

By Ed Silverstein October 16, 2012

European regulators told Google that it can either fix its new privacy policy or face possible fines within a few months.

France’s CNIL this week warned Google that it could face legal action if it did not make the needed changes. The CNIL – which took the lead in the EU inquiry on the policy – claimed that Google's new privacy policy has “incomplete information and uncontrolled combination of data across services.” The findings come after several months of study of the policy – led by the CNIL.


Image via Shutterstock

Google's new privacy policy was put in place on March 1, 2012. Google took its 60 separate privacy policies and turned them into a single policy. The new privacy policy offers Google advertisers “access to a much richer pool of data from users across its many services,” the BBC said.

After reviewing the policy, EU data protection authorities say they want to see “clearer information” and “improved control over the combination of data across its numerous services.” Google also needs to change the tools used to collect data “to avoid an excessive collection of data.”

Despite requests from the CNIL, Google failed to offer “satisfactory answers on key issues such as the description of its personal data processing operations or the precise list of the 60+ product-specific privacy policies that have been merged in the new policy,” according to a CNIL statement.

In addition, Google’s privacy policy has no limit on “the scope of the collection and the potential uses of the personal data,” CNIL said. Google also failed to provide adequate information on personal data processing operations. It is not clear which categories of personal data are processed and the purposes for which the data are processed, the regulators said.

“The investigation also showed that the combination of data is extremely broad in terms of scope and age of the data,” the CNIL claimed.

The new policy does not draw distinctions among search engine queries, telephone communications or credit card numbers. The data can be used for different uses, such as academic research, advertising, product development and security, the CNIL added. 

Google also failed to offer retention periods for the personal data. The letter suggested that Google subscribers should be able to choose when data is combined by clicking on relevant buttons. Google should also provide a single opt-out button. Google should also change tools so data is restricted to what’s been authorized.

The AFP reported that Google has three or four months to comply with the EU regulators’ requests. If it fails to comply, there will be “a phase of litigation," the CNIL warned.

The letter sent to Google was signed by 27 European data protection authorities. Several of the concerns in the letter were also backed by APPA (Asia Pacific Privacy Authorities) and Canada's federal Privacy Commissioner.

"We have received the report and are reviewing it now," Peter Fleischer, Google’s global privacy counsel, said. "Our new privacy policy demonstrates our long-standing commitment to protecting our users' information and creating great products. We are confident that our privacy notices respect European law."

Big Brother Watch, a UK-based privacy advocacy organization, backed the move by European regulators. "It's absolutely right that European regulators focus on ensuring people know what data is being collected and how it is being used," Nick Pickles, the group’s director, told the BBC. "Unless people are aware just how much of their behavior is being monitored and recorded it is impossible to make an informed choice about using services.”

In related news, Google recently tested a unified search tool that works across several of its products, such as Gmail, Google Calendar and Drive cloud storage services, news reports said.

Also, the EU still is investigating whether Google violated rules or laws by listing its own services high in search results. In addition, the U.S. Federal Trade Commission (FTC) may launch its own inquiry on paid ads in Google search results.

And in another controversy involving Google and French authorities, the parties reached a settlement earlier this year about racism concerns involving the auto-complete feature.




Edited by Brooke Neuman

TechZone360 Contributor

SHARE THIS ARTICLE
Related Articles

Super Bowl Sunday - Game on for TV Everywhere

By: Bob Wallace    1/22/2015

NBCUniversal is using the largest annual live sports viewing stage - the Super Bowl - to pitch consumers the benefit of a cable TV subscription - by o…

Read More

Corporate Video Usage Widens and Gets Creative

By: Tara Seals    1/22/2015

At least 40 percent of organizations that use real-time video applications are employing it in more than a dozen use cases.

Read More

Eat Your Heart Out Apple: Dell Tablet to Film Hollywood Movie

By: Rob Enderle    1/19/2015

I don't mean the tablet will be used in the film, I mean it will be used as the camera to create the movie. The tablet in question is the Dell Venue 8…

Read More

Obama Administration Wants To Crack Down On Fruits Of Hacking

By: Oliver VanDervoort    1/19/2015

The law also makes it a felony to traffic in information such as passwords and trafficking will now include posting a link. Basically, the new law wou…

Read More

OneWeb Satellite Broadband Venture Secures Funding, Generates Questions

By: Doug Mohney    1/16/2015

Will the world be surrounded by the largest satellite network ever created? OneWeb, formerly known as WorldVu Satellites, secured an undisclosed amoun…

Read More