Image via Shutterstock
After reviewing the policy, EU data protection authorities say they want to see “clearer information” and “improved control over the combination of data across its numerous services.” Google also needs to change the tools used to collect data “to avoid an excessive collection of data.”
Despite requests from the CNIL, Google failed to offer “satisfactory answers on key issues such as the description of its personal data processing operations or the precise list of the 60+ product-specific privacy policies that have been merged in the new policy,” according to a CNIL statement.
“The investigation also showed that the combination of data is extremely broad in terms of scope and age of the data,” the CNIL claimed.
The new policy does not draw distinctions among search engine queries, telephone communications or credit card numbers. The data can be used for different uses, such as academic research, advertising, product development and security, the CNIL added.
Google also failed to offer retention periods for the personal data. The letter suggested that Google subscribers should be able to choose when data is combined by clicking on relevant buttons. Google should also provide a single opt-out button. Google should also change tools so data is restricted to what’s been authorized.
The AFP reported that Google has three or four months to comply with the EU regulators’ requests. If it fails to comply, there will be “a phase of litigation," the CNIL warned.
The letter sent to Google was signed by 27 European data protection authorities. Several of the concerns in the letter were also backed by APPA (Asia Pacific Privacy Authorities) and Canada's federal Privacy Commissioner.
Big Brother Watch, a UK-based privacy advocacy organization, backed the move by European regulators. "It's absolutely right that European regulators focus on ensuring people know what data is being collected and how it is being used," Nick Pickles, the group’s director, told the BBC. "Unless people are aware just how much of their behavior is being monitored and recorded it is impossible to make an informed choice about using services.”
In related news, Google recently tested a unified search tool that works across several of its products, such as Gmail, Google Calendar and Drive cloud storage services, news reports said.
Also, the EU still is investigating whether Google violated rules or laws by listing its own services high in search results. In addition, the U.S. Federal Trade Commission (FTC) may launch its own inquiry on paid ads in Google search results.
And in another controversy involving Google and French authorities, the parties reached a settlement earlier this year about racism concerns involving the auto-complete feature.
Last year, Fortinet's FortiGuard Labs global threat research team made a series of predictions about cyber threats in 2016. We are now halfway through…
The advent of wearable technology has recently generated a number of creative products. Consumers check for email messages using "smart" watches and i…
Earlier this year, the European Union passed the General Data Protection Regulation - landmark legislation addressing data protection and privacy conc…
We're a couple years out on an unprecedented boom in broadband, with new wireless schemes, 5G, high-flying drones and constellations of satellites cov…
As adoption of wearables becomes more mainstream in the Middle East, it brings added complexity to BYOD in an enterprise. One of the more interesting …