Google Rebuked by EU Privacy Watchdogs Over Data Protection

By Stephanie Bodoni and Heather Smith - Oct 15, 2012 11:07 PM GMT+0530

Google Inc. (GOOG) was told by European Union regulators to bolster its privacy policy in a warning that may trigger a new round of clashes with data-protection watchdogs across the bloc.

The company “empowers itself to collect vast amounts of personal data about Internet users” without demonstrating that this “collection was proportionate,” the privacy regulators said in a letter today to Chief Executive Officer Larry Page, obtained by Bloomberg News.


“Google should modify its practices when combining data across services,” according to the letter. The company should clarify why and how it combines data, and report on how it processes users’ personal information, the regulators said.

Google, operator of the world’s largest search engine, is facing privacy investigations by authorities around the world as it debuts new services and steps up competition with Facebook Inc. (FB) for users and advertisers. Google changed its system this year to create a uniform set of policies for more than 60 products, unleashing criticism from regulators and consumer advocates concerned it isn’t protecting data it collects.

Google spokeswoman Niki Fenwick declined to comment on the letter today.


Street View

Google has also faced scrutiny over its Street View mapping service after cars it sent out to take photos collected so- called payload data from unrestricted Wi-Fi networks. The company said it was done mistakenly. CNIL issued its heaviest sanction after the incident, fining the company 100,000 euros ($129,000) in 2011.

Google described the policy, which took effect on March 1, as “providing users with clear and comprehensive information about how we use data,” according to an Oct. 11 e-mail from Brussels-based spokesman Al Verney. “We are confident that our privacy notices respect the requirements of European data protection laws,” he said.

Google should work with data-protection authorities when it devises services that could impact users’ privacy, and was asked to give CNIL a schedule for when it “will update its privacy policy and practices to implement our recommendations,” according to the letter.


Sanction Powers

Some European authorities, like CNIL, can impose fines for non-compliance, though the letter contained no details on the consequences of refusing to change the policy. Google twice rebuffed CNIL requests to wait to implement the changes until it could assess whether they comply with the bloc’s standards.

“There’s a bit of ‘payback’ here as well,” said Greg Sterling, an analyst at Opus Research in San Francisco. “Google decided to go ahead and implement the new policy despite being asked to delay it by European regulators who wanted more time to study it.”



Disclaimer : This message (including attachment if any) is confidential and may be privileged. If you have received this message by mistake please notify the sender by return e-mail and delete this message from your system. Any unauthorized use or dissemination of this message in whole or in part is strictly prohibited. E-mail may contain viruses. Before opening attachments please check them for viruses and defects. While Napier HealthcareSolutions India Ltd. (Napier) has put in place checks to minimize the risks, Napier will not be responsible for any viruses or defects or any forwarded attachments emanating either from within Napier or outside.