Google 'breached EU law' by merging privacy policies: report

Google 'breached EU law' by merging privacy policies: report

Summary: European antitrust authorities are reportedly ready to determine that Google's move to merge more than 70 privacy policies into one is unlawful.

TOPICS: Google, Legal, Privacy, EU

Google could be facing the sharp end of the European stick in the coming days after making sweeping changes to its privacy policies earlier this year, according to one report citing sources.

The Guardian reported that European data protection commissioners are only days away from firing the legislative cannons at Google following the move in March, that at the time came under heavy criticism from European data protection agencies, privacy groups and consumers alike.

The Mountain View, CA.-based search giant switched over its new privacy policy on March 1 after combining and merging existing privacy policies from various Google services.

The move allowed Google to easily tie users' data from one service to another, allowing a more enhanced experience for the end user, Google claims, while at the same time allowing for more targeted advertising suited for the user. 

However, critics claim that the new "data-sharing policy" allows Google to build up a more specific and accurate picture of its users. While the data remains anonymous to the likes of advertisers, privacy groups have warned that the collection of data by governments agencies makes it far easier to pinpoint who the user is.

Google Apps for Government, Education and Business users would be "unaffected" by the changes, the company said, while Google Wallet and Google Chrome still have separate standing privacy policies that govern how data is stored or shared with others.

Google may be fined a mere few hundred thousand euros, but could be forced by Europe to roll back the changes it made, described by a lawyer speaking to the London-based newspaper as like trying to "unscramble the egg."

Companies, such as Google, can however be served with notices of enforcement, requiring the company in question to change their business practices in Europe. 

Charged with the investigation, the French data protection authority, the Nationale de l'Informatique et des Libertes (CNIL), said it would deliver its verdict by September

Google, meanwhile, is also embroiled in an antitrust suit with Europe, as is Microsoft.

Microsoft also faces a strong rebuke and a likely chance of a heavy fine after the software giant admitted it had failed to include a crucial update in the latest version of Windows, that offered European consumers a choice of browser. The update was part of an earlier settlement with Europe on anticompetitive matters. 

In a speech given in Brussels on Monday, EU Competition Commissioner Joaquin Almunia said: "In the information and communication industries, our work with Google is proceeding; whereas we are currently reviewing the case regarding Microsoft's failure to keep commitments it took back in 2009 and I want to take a decision soon on the next steps."

A decision on Microsoft's breach of its antitrust commitments is expected early next year.

Google did not return calls for comment. European Commission spokesperson was also unavailable at the time of writing. If we hear back, we'll update the post.

Topics: Google, Legal, Privacy, EU

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • EU always making life more complicated.

    If they do declare that a company cant change policy of a user after they join and cant give them the option to leave the service which is what my interpretation of what they are saying, then they are changing mine and many other people interpretations of data and privacy protection rules.

    They will be making life a hell of a lot more difficult for start ups, may be even force them to maintain multiple privacy agreements depending on when a user signed up for as long as they user stays with them, rather than just given users the option of accepting the new policy or leaving your service and deleting their account and data.

    At the very least it will mean that new start ups will be force to make their privacy agreements much more broader than necessary for the service that they are initially launching to take into account possible expansion of services, possibly giving users less privacy in the end.

    I hope Google fights this and wins because if they lose then the EU can forget having a vibrant internet start up scene, it just becomes to risky, to complicated and potentially very costly.
  • Our Politicians need to take lession from the EU

    Stop trying to steal more from the citizens who really don't have much.. instead pass more stupid and complicated laws and sue the big corporations like Apple, Microsoft, Google, Samsung. But, pretty soon those will be buying congressmen and senators to avoid the suits and fines, like the oil companies already do.
  • Google is always breaking the law

    Google has morals when it comes to invading privacy. At least they only sell it anonymously, but the way they hand over info on their users on request to authorities, much of it deceitfully collected, seems a little ripe for abuse, given past abuses we know our gvt and others have committed. its wrong for then to collect info without full disclosure and consent. I suppose if You use stock android with google apps you are implicately consenting to full-on 24/7 spyware but they lied about what they were going to collect with their streetcars and violated Safari users to hack it to leave tracking cookies even if cookies were off. The carrieriq debacle was deceitful, helping carriers and manufacturers, turning a blind eye as spyware was layered over their users devices hidden. Apple had it too but they made it unhidden, and let you review and approve or not. Android had iit hidden very well and it seemed like google knew about it and remained quiet. I know there is debate whether they knew anything, or gave technical help and remained quiet, but I think it's the latter.
    It's unpopular to mention their lack of morals when they spy and collect data, and their sudden lawful willingness to hand over illegally obtained info to "authorities".
    At least in the US, the treasure trove of data they provide on their users probably means little US laws protecting any right to privacy. EU may be different. Countries that have seen first hand the abuse of less intrusive spying probably are rightfully concerned.
    • Ha. Forgot no edit here

      Anyway, if we had any real privacy laws google would be breaking them. It seems like it's illegal when other people hack into others' computers and install spyware. Google hacked Safari to put tracking cookies even though they were turned off. If it was a law to not hack into wifis and steal people's user names, emails, passwords google would have broken that. No wifi passwords so others can share internet IS NOT saying you agree to give others your emails, passwords and medical records. All the spyware their apps run can't be good for any kind of privacy, but at least users of stock android with google apps are willingly agreeing to it.
      I consider it wrong when a company drives atriums eavesdropping on data to profile you or installs spyware even when you say no though.
  • Some prefer the Menlo Park NJ Development Model

    Say you could lock up all the experimenters in a building like Thomas Edison did, would Congress have privacy concerns? No Way Google could lock up 6000 independent explorers in a SF Convention Center for a year and get any realistic test environment. Will some one hack Glass for illegal peeping? Probably yes? Menlo Park CA is not your great grandfather's industrial engineer.