Federal Agency Fines Google $25,000 For “Deliberately” Impeding Investigation

It was reported yesterday that the US Federal Communications Commission (FCC) fined Google $25,000 for not cooperating with an investigation over Google’s massive invasion of privacy involving its Street View service.

The FCC said that Google “deliberately impeded and delayed” its investigation. Google made it very difficult for investigators to gain access to employees and hid important evidence. Google did not answer emails and the company even tried to hide the identities of the employees involved in the privacy violations from two years ago.

In 2010, Google’s Street View cars collected very private information from unencrypted home computers. When Google was caught doing this it apologized and said that it didn’t deliberately try to capture private data. Soon after the US Federal Trade Commission (FTC) investigated and sided with Google’s explanation that it was a mistake. Although the US didn’t take the massive privacy violation seriously, European countries were more concerned.

Now the FCC has come out and exposed Google’s refusal to cooperate with the investigation. This is really embarrassing for a company that claims it’s so transparent about everything it does and is cooperative with regulators. This is not the first regulators have complained about Google’s secrecy, arrogance, and unwillingness to cooperate with investigations. The French data protection agency currently investigating Google’s new privacy policy said that Google neglected to contact them before implementing their controversial and intrusive privacy policy.

The $25,000 Google is now forced to pay will do nothing to the company’s bottom line. Google raked in about $40 billion last year. Over 90% of Google’s revenues come from advertising – this means that Google makes money by selling your personal data to advertisers. This is the reason Google consolidated their privacy policies into a singular policy – it makes it easier for the company to figure you out and it’s more profitable. A Google spokesman said that the company is on a mission to combat against “the faceless Web”.

Google paying a $25,000 fine is like an average person paying a one cent fine – but don’t get too hung up on the amount of that fine. The biggest hit Google received from this new report by the FCC is its reputation. Most people think way too highly of this company and if more reports like this come out to expose Google’s dirt then the better it will be for the general public.

I love what Christina DesMarais, PCWorld, wrote in her article:

“…if Google’s uncooperative behavior is true as the FCC maintains, the obvious question is, ‘What is Google hiding?’ Consumers and advocacy groups have often criticized Google’s seemingly insatiable appetite for personal information, such as its recent consolidation of its privacy policies so as to have a better view into user behaviors and preferences. Because of the amount of attention those privacy concerns have garnered, you’d think a policy of transparency on Google’s part would bode well with those who have doubts about whether or not the company can be trusted with increasing amounts of personal data.”

Things that make you go hmmm…

For more information:

The New York Times, “Google Is Faulted for Impeding U.S. Inquiry on Data Collection” – click here

PCWorld, “Google Hit With $25K Fine, But FCC Finds Street View Data Collection Not Illegal” – click here

CNET, “FCC nails Google with $25K fine for dragging heels in StreetView probe” – click here

The US Federal Trade Commission Releases Online Privacy Report

For more information:

SlashGear, “FTC echoes public siren call for De-Personalized Web” – click here

Washington Post, “FTC releases final privacy report...” – click here

Washington Post – click here

European Regulators Say Google’s New Privacy Policy Is Confusing ‘Even For Trained Professionals’

 The fight between Google and European authorities is getting even more intense!

Earlier this month, in my post titled “Europeans increasingly rejecting Google due to lack of privacy“, I informed you of a group that sent a letter to Google asking the company to delay their new privacy policy. The Article 29 Working Party is made up of data protection authorities from the member states of the European Union.

You can read my earlier post – click here

After the group found out that Google had plans to change its privacy policies, they politely asked Google to “pause” their plans to carry out the change because they needed a sufficient amount of time to fully investigate Google. Europeans take their online privacy very seriously. They wanted enough time to complete their analysis to make sure their citizens were protected from any violations or exploitation of their personal data.

However, despite the efforts of the European data protection authorities, Google sent back a letter telling them that the company would not stop their plans to implement their new privacy policy. Google claimed that they already gave the European regulators enough time and that they met with them before the change to its privacy policies was publicly announced. Google basically told the group “No and get lost!”

Google was well aware that the Working Party didn’t really have authority itself to enforce its recommendation.

Oh no you didn’t!

Hold on, not so fast!

Well, fast forward almost 4 weeks later and the European privacy regulators are back with a vengeance! The Article 29 Working Party decided to give its French data protection member the lead task to investigate Google. The scathing preliminary result of that investigation was released yesterday to the media. The French privacy agency is called the National Commission for Computing and Civil Liberties (CNIL) – and they did not mince words. In a letter addressed to Google (dated February 27th, 2012), the French agency is brutally honest with their assessment:

“The CNIL and the EU data protection authorities regret that Google did not accept to delay the application of this new policy which raises legitimate concerns about the protection of the personal data of European citizens.”

CNIL found that Google’s new privacy policy is actually not more transparent and comprehensive. They suggest that Google is actually being deceptive with their new privacy policy because it does not give users the whole truth. It isn’t enough to tell users the bare minimum about what the new privacy policy will mean to them, you have to tell users exactly how their personal data is going to be used. The French agency is concerned about what Google is hiding from its users.

I previously wrote about how Google has a problem telling its users the whole truth. For more on that – click here

“By merging the privacy policies of its services, Google makes it impossible to understand which purposes, personal data, recipients or access rights are relevant to the use of a specific service. As such, Google’s new policy fails to meet the requirements of the European Data Protection Directive”

They said that said Google’s new privacy policy actually raises more fears and concerns about the company’s actual practices. They question the lawfulness of Google’s intended changes to its privacy policy.

“The CNIL and the EU data protection authorities are deeply concerned about the combination of data across services and have strong doubts about the lawfulness and fairness of such processing. They intend to address these questions in detail with Google’s representatives”

Furthermore, the group made sure to address Google’s lie about meeting with European regulators before they unveiled plans to change their privacy policy:

“Contrary to public statements by Google representatives suggesting that data protection authorities across the EU had been ‘extensively pre-briefed’, not all authorities were  informed, and those that were informed only heard about the changes a few days before the announcement. They saw the contents of the new privacy policy at best a few hours before its public release, without any opportunity to provide any constructive feedback”

Oh SNAP! Ha-ha…Google must be really red-faced right about now.

And, for your information, the French authority has the power to fine companies up to 300,000 euros (or about $400,000) for each breach of privacy. It can also ask a court to stop the company from violating privacy laws. Other European countries can enforce their laws in similar ways too.

The French agency concluded that Google’s privacy policy is too vague and difficult to understand, “even for trained privacy professionals“.  They said they will send a full questionnaire to Google before mid-March and they reiterated their recommendation to Google to stop their plans in introducing their new privacy policy.

Hey Google, don’t try to pull a fast one on European privacy protection groups – they can knock you out, ha!

To read the full letter CNIL sent to Google, click here (PDF)

CNIL’s website – click here

For more information:

New York Times, “France Says Google Privacy Plan Likely Violates European Law” – click here

The Telegraph, “Google privacy overhaul ‘unlawful’, say regulators” – click here

BBC, “Google ‘fails to meet EU rules’ on new privacy policy” – click here