Europe calls on Google to put privacy policy changes on ice

Europe calls on Google to put privacy policy changes on ice

Summary: Only a week after Google said it would consolidate its privacy policies into a single mega-policy across its services, European data protection regulators have expressed concern.

TOPICS: Google

A group of European regulators has written to Google, asking it to suspend the introduction of its new privacy policy to ensure that it does not breach European data protection laws.

The search giant sparked controversy in January after it said it was to change its privacy policies, by consolidating its services' policies into one single policy across all of its sites, including Google+, Gmail and YouTube.

ZDNet's Larry Dignan explained this by highlighting the good, the bad and the scary. He added: "I’m all for breaking down data silos, but when Google knows more about me than my wife I get a bit worried."

Google said the privacy policy update changes how the company uses the data, rather than what it collects.

The regulators --- the Article 29 Working Party --- is made up of data protection representatives from each 27 member state, and is responsible for advising member states on data protection matters, and making recommendations to maintain the law.

The letter, addressed to Google chief executive Larry Page, reads [PDF]:

On behalf of the Article 29 Working Party I would like to inform you that we are aware of the upcoming change in your privacy policy.

Given the wide range of services you offer, and popularity of these services, changes in your privacy policy may affect many citizens in most or all of the EU member states.

We wish to check the possible consequences for the protection of the personal data of these citizens in a coordinated procedure. We have therefore asked the French data protection authority, the CNIL, to take the lead. The CNIL has kindly accepted this task and will be your point of contact for the data protection authorities in the EU.

In light of the above, we call for a pause in the interests of ensuring that there can be no misunderstanding about Google's commitments to information rights of their users and EU citizens, until we have completed our analysis.

European Justice Commissioner Viviane Reding welcomed the move, saying on Twitter that it was, "good that Europe's data protection authorities are ensuring Google's new privacy policy complies with EU law."

According to Reuters, Google finds the raising of concerns as a "surprise".

"We briefed most of the members of the working party in the weeks leading up to our announcement," said Al Verney, Google's spokesperson in Brussels.

This comes only less than a fortnight since Reding announced the proposed draft of the new Data Protection Regulation, which would be a "one-size-fits-all" law for all member states. The new Regulation includes measures to force Internet giants like Facebook and Google into acquiring explicit consent when handing over data to third-parties, while leaving out key provisions to protect European citizens from third-country law, like the United States'.

Web users will also have the "right to be forgotten". Internet companies and European data protection agencies have expressed their scepticism over the proposed measures.

The European Parliament must agree to the terms before the Regulation can be ratified into the law of member states.

Image source: Spencer E. Holtaway/Flickr.


Topic: Google

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • paid $hills and instigators are showing their ugly face again

    those 'cocerned' stooges are nothing more than google's lame competition.
    The Linux Geek
  • RE: Europe calls on Google to put privacy policy changes on ice

    This is a good thing since the US regulators can be bought off with campaign contributions. At least some governing body is willing to stand for the just cause.
  • RE: Europe calls on Google to put privacy policy changes on ice

    It is known by reading the new policy that Google now requires users to provide their smartphone#, their photograph, email address, zip code, etc for obtaining access to future services Google will offer.

    As you know, any hacker that knows your smartphone#, email address and zip code can obtain your full social security #, information from your bank accounts, etc.

    Google is copying your private data on their servers, and even they clame is safe, is still in the cloud, so any security incident could put that information on wrong hands, that's why I don't trust Google and I don't use their services anymore, they know too much information about who you are.
    Gabriel Hernandez
    • Simplifying policies is a must

      @Gabriel Hernandez

      Whilst I agree, more rights are often required than should be to use something, especially contacts and calendar syncing. They can only get what you put into public. A hacker wouldn't get my bank account with the information you suggest. It's usually through people using the same password for everything.

      There are two opposite forces. You may not be able to see if you spend the time what a particular Google service is doing. On the other hand you are more likely to understand a single policy. I believe Google said they did this in an attempt to start to tackle the biggest problem with policies and license agreements.(obfuscation and time taken to make an informed decision before using a service/product). How many agreements have you read. Heck I've queried a bank about an agreement before and found had no clue (atleast the employees I spoke to) how much the bank could abuse my rights, if they decided to.

      Sony put in a rootkit on cds and a tiny change meant it was legal in california, I could read it again now and still have no idea what it allowed or which bit allowed that.