Google's New Privacy Policy Illegal in Europe Regulator Says

By Peter Bernstein March 01, 2012

It is now official. Reuters is reporting today that data protection agencies in European countries have concluded Google Inc's new privacy policy is in breach of European law. The story quotes EU Justice Commissioner Viviane Reding as saying on BBC Radio Four that he and his European counterparts — including France's data protection watchdog, the CNIL, which reportedly has informed Google it would lead a European-wide investigation into this matter — have come to the conclusion that they are “deeply concerned, and that the new rules are not in accordance with the European law, and that the transparency rules have not been applied."

As I wrote back on Feb. 17, Google’s announcement in January that it was simplifying its privacy policy so as to consolidate 60 guidelines into a single one for all its services had drawn EU ire, and the possibility of the policies being found illegal under Europe’s strict privacy laws. This included concerns that users would not be able to opt out of the new policy if they wished to continue using Google's services.

Rueters went on to quote Reding as saying the Google policy violated EU law, "In numerous respects. One is that nobody had been consulted, it is not in accordance with the law on transparency and it utilizes the data of private persons in order to hand it over to third parties, which is not what the users have agreed to." She added that, "Protection of personal data is a basic rule of the European Union. It is inscribed in the treaties. It is not an if, it is a must."  

Google kind of responds

Google earlier posted a blog defending its policy by Alma Whitten, Director of Privacy, Product Engineering. It is worth reading in its totality since in the face of EU objections it instituted its new policies today. Here are a few tidbits:

  • "Our privacy policy is now much easier to understand"
  • "We've included the key parts from more than 60 product-specific notices into our main Google Privacy Policy -- so there's no longer any need to be your own mini search engine if you want to work out what's going on."
  • “The new policy doesn’t change any existing privacy settings or how any personal information is shared outside of Google. We aren’t collecting any new or additional information about users. We won’t be selling your personal data. And we will continue to employ industry-leading security to keep your information safe.”

If you don’t think information sharing will improve your experience, you can use our privacy tools to do things like edit or turn off your search history and YouTube history, control the way Google tailors ads to your interests and browse the web “incognito” using Chrome. You can use services like Search, Maps and YouTube if you are not signed in. You can even separate your information into different accounts, since we don’t combine personal information across them. And we’re committed to data liberation, so if you want to take your information elsewhere you can.

Reding gets the last word

Reding had fuel for her fire. In fact, she did not mince words and cited facts supporting the contention that most users were unaware of what they were signing up to when they used popular Internet services like those of Google:

  • "Seventy percent of users rarely, or never, use terms and conditions which very often are written in small print, very complicated, not understandable for the normal user, and users are worried," she told the BBC.
  • "Eighty percent of British citizens say they're concerned about what is going on now." 

The commissioner’s final quote summed it all up, "We know data is the bloodstream of these new industries ... but at the same time there are basic European rules ... which have to be applied, and unfortunately we always see that those rules are just not observed, and illegality is taking over."

What’s next?

Where we go from here is anyone’s guess. At the Mobile World Congress currently going on in Barcelona, various speakers, including Google Chairman and former CEO Eric Schmidt during a keynote address, cautioned the audience that over 60 countries are not censoring the Internet and more a likely to do so. Unstated was the notion that not allowing Google to implement its new privacy policies was a form of governmental censorship of people’s rights to use services as they see fit.

Inquiring minds want to know if the EU will stop the new policy from going into effect in Europe. Will Google be forced to have one set of rules for places like the U.S. and another for other parts of the world? Will Google relent completely and ditch the consolidation? Unfortunately, inquiring minds are going to have to wait a bit. 

Finally, while Google is facing the EU firing squad at the moment, this is not just about them. They happen to be a timely target. Individual privacy has been and will continue to be one of the most important, if not the most important, policy issue of 2012. The friction between the desirability of using “big data,” especially as extracted from people’s surfing and transactional habits which is the oil that greases the value creation engine for Internet services, versus the rights of individuals to have control over that information is only likely to grow.

 In the U.S. there is an old saying that, “rules were made to be broken.” This has been used as justification in the technology world as a reason the U.S. leads the world in innovation. While it may apply to things like the rules of physics, Google needs to be careful when it comes to actual law. Hold on to your hats. This is going to be a wild one.

Edited by Carrie Schmelkin
Related Articles

6 Challenges of 5G, and the 9 Pillars of Assurance Strategy

By: Special Guest    9/17/2018

To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…

Read More

Putting the Flow into Workflow, Paessler and Briefery Help Businesses Operate Better

By: Cynthia S. Artin    9/14/2018

The digital transformation of business is generating a lot of value, through more automation, more intelligence, and ultimately more efficiency.

Read More

From Mainframe to Open Frameworks, Linux Foundation Fuels Up with Rocket Software

By: Special Guest    9/6/2018

Last week, at the Open Source Summit, hosted by The Linux Foundation, the Open Mainframe Project gave birth to Zowe, introduced a new open source soft…

Read More

Unified Office Takes a Trip to the Dentist Office

By: Cynthia S. Artin    9/6/2018

Not many of us love going to see the dentist, and one company working across unified voice, productivity and even IoT systems is out to make the exper…

Read More

AIOps Outfit Moogsoft Launches Observe

By: Paula Bernier    8/30/2018

Moogsoft Observe advances the capabilities of AIOps to help IT teams better manage their services and applications in the face of a massive proliferat…

Read More