Friday, November 29, 2013

Google's privacy policy merger against Dutch law

Google's privacy policy merger 'against Dutch law'

ZDNet - ‎6 hours ago‎
Summary: Google's recent move to unite all the privacy policies of its various services into a single offering has been slapped down by the Netherlands' privacy regulator.
Google's privacy policy violates Dutch data protection law, Dutch DPA says
Watchdog: Google Breaching Dutch Privacy Law
Google breaches Dutch privacy laws: watchdog

Google's privacy policy merger 'against Dutch law'

Summary: Google's recent move to unite all the privacy policies of its various services into a single offering has been slapped down by the Netherlands' privacy regulator.
Google's practice of combining privacy policies across its various services has been found to be in violation of the Dutch law by the Netherlands' privacy regulator CBP (College BeschermingPersoonsgegevens) after extensive research on the matter.

Read this

Microsoft updates service terms; follows in Google's footsteps
Microsoft updates service terms; follows in Google's footsteps
While Microsoft's has clearly learned from Google's privacy policy disaster, the Redmond giant's new service agreement skirts close to the edges.
In 2012, Google implemented a significant change in its privacy policy, merging the individual policies from its numerous services into one uniform document — which, according to the search giant, was convenient and easier to understand.
However, although presented as a measure to accommodate its users, the move immediately caught the attention of regulators across Europe, because it also allowed Google to combine user data from diverse services.
That in turn, allowed Google to put together an extremely detailed user profile, all without asking its users for their permission. After all, users don't have the ability to opt out of the process of their different data sets being combined, can contain extremely sensitive information, such as their payment details, location data and details about online behaviour.
Insufficiently informed
CBP chairman Jacob Kohnstamm strongly condemned the way Google handles its user data: "The way Google has combined personal data since the introduction of the revised privacy conditions on 1 March 2012 is in violation with the Dutch Data Protection Act," he said in a statement.
"Google combines personal data of internet users obtained via different kinds of Google services without properly informing its users and without asking them for permission. Our research shows that Google does not sufficiently inform its users about what personal data the company gathers and to what end. Google is creating an invisible web of our personal data, without our permission and that, by definition, is forbidden according to Dutch law."
No legal action… yet
Although Google's practices have found to be violation of Dutch Law, the privacy regulator said it currently has no intention to fine Google, provided that the company is willing to make changes.
"We have meanwhile invited Google for a hearing, after which we will decide if and how we are going to deploy any means necessary with regard to enforcement of the law," the CBP said.
Meanwhile, the Dutch branch of Google has responded to the allegations: "Our privacy policy respects European legislation and allows us to create simpler and more efficient services. During this process, we have seized each and every opportunity to engage in discussion with the CBP and we will continue to do so."
Even though the company is claiming to be operating in compliance with European legislation, the Netherlands is not the first country to attack Google over its privacy policy. Spain, Italy, UK and Germany have either threatened Google over the privacy policy matter or actually pressed charges.
Earlier this month the regional court of Berlin ruled that various clauses in Google's contracts are unlawful, stating that a total of 25 clauses in the terms of use and privacy conditions were worded too vaguely or improperly restricted the rights of consumers.

Further reading

Topics: Privacy, Google, Legal, EU

About

Martin began his IT career in 1998 covering games and gadgets, only to discover that the scope of his interests extended far beyond that. Ironically, where he used to cover 'anything with a plug', he now focuses on the wireless world. A self-pronounced Apple enthusiast who can't live without his Windows PC, he writes tech news, reviews and tutorials for the Dutch market and stories about flying elephants for his two sons.

end quote from:

Google's privacy policy merger 'against Dutch law'

ZDNet - ‎6 hours ago‎
Summary: Google's recent move to unite all the privacy policies of its various services into a single offering has been slapped down by the Netherlands' privacy regulator.
Google's privacy policy violates Dutch data protection law, Dutch DPA says
Watchdog: Google Breaching Dutch Privacy Law
Google breaches Dutch privacy laws: watchdog

No comments: