European Regulators Say Google’s New Privacy Policy Is Confusing ‘Even For Trained Professionals’

 The fight between Google and European authorities is getting even more intense!

Earlier this month, in my post titled “Europeans increasingly rejecting Google due to lack of privacy“, I informed you of a group that sent a letter to Google asking the company to delay their new privacy policy. The Article 29 Working Party is made up of data protection authorities from the member states of the European Union.

You can read my earlier post – click here

After the group found out that Google had plans to change its privacy policies, they politely asked Google to “pause” their plans to carry out the change because they needed a sufficient amount of time to fully investigate Google. Europeans take their online privacy very seriously. They wanted enough time to complete their analysis to make sure their citizens were protected from any violations or exploitation of their personal data.

However, despite the efforts of the European data protection authorities, Google sent back a letter telling them that the company would not stop their plans to implement their new privacy policy. Google claimed that they already gave the European regulators enough time and that they met with them before the change to its privacy policies was publicly announced. Google basically told the group “No and get lost!”

Google was well aware that the Working Party didn’t really have authority itself to enforce its recommendation.

Oh no you didn’t!

Hold on, not so fast!

Well, fast forward almost 4 weeks later and the European privacy regulators are back with a vengeance! The Article 29 Working Party decided to give its French data protection member the lead task to investigate Google. The scathing preliminary result of that investigation was released yesterday to the media. The French privacy agency is called the National Commission for Computing and Civil Liberties (CNIL) – and they did not mince words. In a letter addressed to Google (dated February 27th, 2012), the French agency is brutally honest with their assessment:

“The CNIL and the EU data protection authorities regret that Google did not accept to delay the application of this new policy which raises legitimate concerns about the protection of the personal data of European citizens.”

CNIL found that Google’s new privacy policy is actually not more transparent and comprehensive. They suggest that Google is actually being deceptive with their new privacy policy because it does not give users the whole truth. It isn’t enough to tell users the bare minimum about what the new privacy policy will mean to them, you have to tell users exactly how their personal data is going to be used. The French agency is concerned about what Google is hiding from its users.

I previously wrote about how Google has a problem telling its users the whole truth. For more on that – click here

“By merging the privacy policies of its services, Google makes it impossible to understand which purposes, personal data, recipients or access rights are relevant to the use of a specific service. As such, Google’s new policy fails to meet the requirements of the European Data Protection Directive”

They said that said Google’s new privacy policy actually raises more fears and concerns about the company’s actual practices. They question the lawfulness of Google’s intended changes to its privacy policy.

“The CNIL and the EU data protection authorities are deeply concerned about the combination of data across services and have strong doubts about the lawfulness and fairness of such processing. They intend to address these questions in detail with Google’s representatives”

Furthermore, the group made sure to address Google’s lie about meeting with European regulators before they unveiled plans to change their privacy policy:

“Contrary to public statements by Google representatives suggesting that data protection authorities across the EU had been ‘extensively pre-briefed’, not all authorities were  informed, and those that were informed only heard about the changes a few days before the announcement. They saw the contents of the new privacy policy at best a few hours before its public release, without any opportunity to provide any constructive feedback”

Oh SNAP! Ha-ha…Google must be really red-faced right about now.

And, for your information, the French authority has the power to fine companies up to 300,000 euros (or about $400,000) for each breach of privacy. It can also ask a court to stop the company from violating privacy laws. Other European countries can enforce their laws in similar ways too.

The French agency concluded that Google’s privacy policy is too vague and difficult to understand, “even for trained privacy professionals“.  They said they will send a full questionnaire to Google before mid-March and they reiterated their recommendation to Google to stop their plans in introducing their new privacy policy.

Hey Google, don’t try to pull a fast one on European privacy protection groups – they can knock you out, ha!

To read the full letter CNIL sent to Google, click here (PDF)

CNIL’s website – click here

For more information:

New York Times, “France Says Google Privacy Plan Likely Violates European Law” – click here

The Telegraph, “Google privacy overhaul ‘unlawful’, say regulators” – click here

BBC,Google ‘fails to meet EU rules’ on new privacy policy” – click here

Advertisements
Tagged , , , , , , , ,

One thought on “European Regulators Say Google’s New Privacy Policy Is Confusing ‘Even For Trained Professionals’

  1. […] The European Union’s Justice Commissioner, Viviane Reding, told BBC Radio Four that Google’s new more intrusive privacy policy breaches privacy laws that are meant to protect European citizens. She made this judgment public on the World At One program the same day Google fully implemented its new privacy policy and two days after a French data protection agency released a report finding Google’s new privacy policy ‘deeply concerning’ (for more on this – click here). […]

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: