Google ordered to look again at privacy policy by EU regulators

 

Kevin Rawlinson
Thursday 18 October 2012 09:44 BST
Comments
Internet search firm Google has been ordered to look again at its controversial privacy policy by European Union regulators after it was criticised over its collection of internet users' personal information, according to reports.
Internet search firm Google has been ordered to look again at its controversial privacy policy by European Union regulators after it was criticised over its collection of internet users' personal information, according to reports. (GETTY IMAGES)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

Internet search firm Google has been ordered to look again at its controversial privacy policy by European Union regulators after a report criticised its collection of internet users’ personal information.

In the report, released today, an EU data protection commissioner accused Google of not respecting data protection.

“It is not possible to ascertain from the analysis that Google respects the key data protection principles of purpose limitation, data quality, data minimization, proportionality and right to object,” read a statement from the EU regulator.

The regulator added: “Indeed, the Privacy policy suggests the absence of any limit concerning the scope of the collection and the potential uses of the personal data. The EU Data protection authorities challenge Google to commit publicly to these principles.”

It said that Google “provides insufficient information to its users on its personal data processing operations”, adding that Google users cannot tell how their personal data are used.

“The Privacy Policy makes no difference in terms of processing between the innocuous content of search query and the credit card number…of the user,” it said, adding: “passive users (i.e. those that interact with some of Google's services like advertising or ‘+1' buttons on third-party websites) have no information at all.”

The French regulator Commission Nationale de l’Informatique et des Libertés (CNIL), which was appointed to lead the investigation on behalf of the EU, demanded that Google modify its practices.

It asked Google to give “clearer and more comprehensive information about the collected data and purposes of each of its personal data processing operations” and demanded the firm should allow users to choose when their data are combined between Google products.

It also said that users should be given the right to opt-out and that Google should modify its own systems so that data entered by users in one of the firm’s products cannot be passed to another without consent.

Google faced investigation after it combined all of the privacy policies related to individual products - numbering 60 – into a single, uniform policy, allowing it to transfer users’ data between different areas of and products belonging to the company. It was criticised when it emerged that people had no option but to accept the new terms.

No mention was made of any of the potential sanctions open to the CNIL, which include financial penalties, should Google fail to comply. The CNIL investigated Google on behalf of the Article 29 Data Protection Working Party, which represents European authorities.

Peter Fleischer, Google’s global privacy counsel today said: “We have received the report and are reviewing it now. Our new privacy policy demonstrates our long-standing commitment to protecting our users’ information and creating great products. We are confident that our privacy notices respect European law.”

Google was informed of the demands in a letter sent to its CEO Larry Page yesterday, Reuters reported.

Earlier this month, a spokesman told Bloomberg News its policy provided users with “clear and comprehensive information about how we use data…we are confident that our privacy notices respect the requirements of European data protection laws”.

The company has clashed with CNIL in the past over the collection of data by its Street View camera cars. Despite its protestations last year that the data scoop was done in error and voluntarily highlighted, it was handed the CNIL’s maximum fine of €100,000 (£80,700).

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies

Comments

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in