As expected, a group of European data privacy advocates have asked for search giant Google to clarify what and how much information the company extracts from its customers.
September 1, 2016 , 11:52 am
August 30, 2016 , 12:23 pm
August 25, 2016 , 5:33 pm
The watchdog consortium, which represents data regulators from all of the EU’s 27 countries, announced the claims this morning at a news conference in Paris, the headquarters of CNIL.
If the company fails to address the complaints, it could be hit with fines or legal action, according to a report from the New York Times earlier today. The Times discussed the issue with Jacob Kohnstamm, the head of the Dutch Data Protection Authority, who hinted regulators would likely take legal action if Google failed to reshape their policy.
“After all, enforcement is the name of the game,” Mr. Kohnstamm told the paper.
Falque-Pierrotin echoes those sentiments, claiming fines could also be imposed.
In what was seen by privacy advocates as a dramatic move earlier this year, Google announced in January that in March it would synthesize 60+ privacy policies into one and treat its users as a single entity across all of its platforms (YouTube, Blogger, Google+, etc.).
The EU was skeptical from the get go, asking Google to delay the policy changes before repeatedly pressing the company into revealing more information about its data acquisition techniques. While Google responded to questionnaires sent by CNIL, the commission claims Google failed to adequately outline its intent and acknowledge “key data protection principles,” according to a press release today.
Europe is mostly taking issue with the fact that Google combines data from users across all services without their explicit consent and doesn’t set limits on how long it retains certain data.
The letter goes on to outline 12 things Google should do to clarify the purpose and combination of data, including simplifying opt-out mechanisms, limiting the combination of data for passive users and implement an article from the European ePrivacy Directive.