Belfast Telegraph

Tuesday 31 May 2016

Home News World

Google faces EU privacy action

Published 03/04/2013

Google merged 60 separate privacy policies from around the world into one universal procedure last year
Google merged 60 separate privacy policies from around the world into one universal procedure last year

Google's new privacy policy is under legal attack from regulators in its largest European markets who want the company to overhaul practices they say let it create a data goldmine at the expense of unwitting users.

Led by the French, organisations in Britain, the Netherlands, Germany, Spain and Italy have agreed on the joint action, with the ultimate possibility of imposing fines or restrictions on operations across the entire 27-country European Union.

Last year, the company merged 60 separate privacy policies from around the world into one universal procedure. The European organisations complain that the new policy does not allow users to figure out which information is kept, how it is combined by Google services or how long the company retains it.

The fines' financial impact on Google would be limited - French privacy watchdog CNIL has the right to fine the company up to 300,000 euro (£255,000), approximately the amount it earns in three minutes, based on its projected revenue of 61 billion dollars (£40 billion) this year. Britain can fine up to £500,000 but rarely does.

But successful legal action would hurt Google's image and could block its ability to collect such data until it addresses the regulators' concerns. Google dominates the European market for internet searches. According to one survey, as much as 95% of searches in Europe are carried out through Google, compared with about 65% in the United States. European regulators have demanded specifics for anyone using Google on what is being collected and a simpler presentation.

Tensions between privacy and the swiftly evolving ability of companies to spin online usage data into vast profits are ramping up, especially in Europe, where privacy laws tend to be strong and nearly every country has a regulatory body. But internet users have consistently shown a willingness to give up privacy in exchange for convenience and new online services that Google and other tech companies offer.

Google says it merged its myriad privacy policies in March 2012 for the sake of simplicity, and that the changes comply with European laws.

Each of the six European states bringing legal action against Google has to make its own decision on how to handle perceived violations. "No one is against Google's objective of simplicity. It's legitimate. But it needs to be accompanied by transparency for consumers and the ability to say yes or no," Isabelle Falque Pierrotin, head of French privacy regulator CNIL, said in a recent interview. "Consumers have the right to know how the information is being used and what's being done with it."

But regulations tend to lag technology, and the delay is more pronounced in a digital age when small bits of information can offer increasingly powerful - and lucrative - insights into the psyches of consumers or voters. Proposed Europe-wide data protection legislation will take until at least 2015 to be fully implemented. In the meantime, said Ms Falque Pierrotin, the national privacy regulators must ensure that European consumers are not vulnerable. Johannes Caspar, a German data protection commissioner, said the company's policies were vague - it used the word "may" dozens of times on a single page when describing its rights to data. "Many users don't even know what is happening with their data and might worry that their private information is used to produce personality profiles of them," Mr Caspar said.

In March, Google agreed to a seven million dollar (£4.6 million) fine to settle a 38-state investigation in the US into software that intercepted emails, passwords and other sensitive information sent over unprotected wireless networks in neighbourhoods worldwide. Google blamed an engineer who rigged a data collection programme for its online mapping service that then collected communications on Wi-Fi networks from early 2008 until the spring of 2010. Two weeks ago, a European Parliament committee signed off on continent-wide legislation that would include a "right to be forgotten", requiring companies that operate online to show internet users the personal information collected and, if requested, delete it. It is no simple request when information is gathered from countless computers and mobile devices and stored on servers all around the world.

From the web

Read More

From Belfast Telegraph