European Regulators Want Changes in Google's New Privacy Policy

By Ed Silverstein October 16, 2012

European regulators told Google that it can either fix its new privacy policy or face possible fines within a few months.

France’s CNIL this week warned Google that it could face legal action if it did not make the needed changes. The CNIL – which took the lead in the EU inquiry on the policy – claimed that Google's new privacy policy has “incomplete information and uncontrolled combination of data across services.” The findings come after several months of study of the policy – led by the CNIL.


Image via Shutterstock

Google's new privacy policy was put in place on March 1, 2012. Google took its 60 separate privacy policies and turned them into a single policy. The new privacy policy offers Google advertisers “access to a much richer pool of data from users across its many services,” the BBC said.

After reviewing the policy, EU data protection authorities say they want to see “clearer information” and “improved control over the combination of data across its numerous services.” Google also needs to change the tools used to collect data “to avoid an excessive collection of data.”

Despite requests from the CNIL, Google failed to offer “satisfactory answers on key issues such as the description of its personal data processing operations or the precise list of the 60+ product-specific privacy policies that have been merged in the new policy,” according to a CNIL statement.

In addition, Google’s privacy policy has no limit on “the scope of the collection and the potential uses of the personal data,” CNIL said. Google also failed to provide adequate information on personal data processing operations. It is not clear which categories of personal data are processed and the purposes for which the data are processed, the regulators said.

“The investigation also showed that the combination of data is extremely broad in terms of scope and age of the data,” the CNIL claimed.

The new policy does not draw distinctions among search engine queries, telephone communications or credit card numbers. The data can be used for different uses, such as academic research, advertising, product development and security, the CNIL added. 

Google also failed to offer retention periods for the personal data. The letter suggested that Google subscribers should be able to choose when data is combined by clicking on relevant buttons. Google should also provide a single opt-out button. Google should also change tools so data is restricted to what’s been authorized.

The AFP reported that Google has three or four months to comply with the EU regulators’ requests. If it fails to comply, there will be “a phase of litigation," the CNIL warned.

The letter sent to Google was signed by 27 European data protection authorities. Several of the concerns in the letter were also backed by APPA (Asia Pacific Privacy Authorities) and Canada's federal Privacy Commissioner.

"We have received the report and are reviewing it now," Peter Fleischer, Google’s global privacy counsel, said. "Our new privacy policy demonstrates our long-standing commitment to protecting our users' information and creating great products. We are confident that our privacy notices respect European law."

Big Brother Watch, a UK-based privacy advocacy organization, backed the move by European regulators. "It's absolutely right that European regulators focus on ensuring people know what data is being collected and how it is being used," Nick Pickles, the group’s director, told the BBC. "Unless people are aware just how much of their behavior is being monitored and recorded it is impossible to make an informed choice about using services.”

In related news, Google recently tested a unified search tool that works across several of its products, such as Gmail, Google Calendar and Drive cloud storage services, news reports said.

Also, the EU still is investigating whether Google violated rules or laws by listing its own services high in search results. In addition, the U.S. Federal Trade Commission (FTC) may launch its own inquiry on paid ads in Google search results.

And in another controversy involving Google and French authorities, the parties reached a settlement earlier this year about racism concerns involving the auto-complete feature.




Edited by Brooke Neuman

TechZone360 Contributor

SHARE THIS ARTICLE
Related Articles

4 Biohacking Facts You Should Know About in 2017

By: Special Guest    8/18/2017

When it comes to biohacking, a more recent development in science, it involves combining the idea of hacking with biology. In today's world, biohackin…

Read More

Rest Your Weary Fingers: Voice Activation is Coming to a CRM Near You

By: Special Guest    8/9/2017

We spend a lot of time talking to our gadgets these days. Whether we're seeking directions from Siri or weather updates from Alexa, speech is quickly …

Read More

Kevin Kennedy Stepping Down, Will New Leadership Help Guide Avaya Back into Prominence?

By: Erik Linask    8/7/2017

After more than eight years as Avaya's chief executive, Kevin Kennedy will be stepping down from that role as of October 1, 2017. He'll be replaced by…

Read More

Micro-CT Scans Allow Researchers to Study Live Insects in 3D

By: Kayla Matthews    8/7/2017

The things we don't know about the natural world could fill textbooks. That's why excitement is the most appropriate response when we discover new way…

Read More

Gogo Making Air Travel More Productive

By: Erik Linask    8/4/2017

Gogo created tremendous hype when it first enabled in-flight connectivity on American Airlines, back in 2008. But, anyone who has used in-flight Wi-Fi…

Read More