• »
  • Google might face hundreds of thousands of dollars in fines in France for privacy violations. Small potatoes to the company, but the ruling could portend a more difficult relationship between Europe and Google. On the day of Google's 15th birthday, the French regulatory agency CNIL prepares to sanction the company. (Credit: Google/Screenshot by CNET) Following Google's refusal to implement privacy policy changes demanded by the French privacy commission CNIL, the data privacy protection group says that it will sanction the company. Google could owe France E150,000 for the violation, and then another E300,000 if it still refuses to comply three months after the first fine. However, CNIL has not ruled on what sanctions, if any, it will demand of the company. That news is expected sometime in the next week. Not surprisingly, Google says that it's in compliance with the law. "Our privacy policy respects European law and allows us to create simpler, more effective services. We have engaged fully with the CNIL throughout this process, and we'll continue to do so going forward." CNIL regulators disagreed with that assessment. "On the last day of the three-month time period given to Google, Inc., the company contested the reasoning followed by the CNIL, and notably the applicability of the French data protection law to the services used by residents in France," the agency wrote on its Web site. The next step is for CNIL to appoint a rapporteur to initiate the possibility of sanctions, which could include the fines. CNIL is asking that Google: Define specified and explicit purposes; Inform users with regard to the purposes of the processing implemented; Define retention periods for the personal data processed; Not proceed, without legal basis, with the potentially unlimited combination of users' data; Fairly collect and process passive users' data; Inform users and then obtain their consent in particular before storing cookies in their terminal. Privacy experts are watching the case closely, because it could be the first in a new round of attempts by European governments to keep large American data-and-services companies like Google and Facebook in check with stricter enforcement of existing laws. The case is important, said the Electronic Privacy Information Center's executive director Marc Rotenberg, "because the changes that Google made to its privacy policies in March of 2012 were opposed by many people." Rotenberg is referring to Google's unified privacy policy, which gave it the legal protection to share user data between its different services such as Gmail and YouTube, and is at the heart of the CNIL decision. Sarah Downey, a privacy and law analyst with privacy-focused startup Abine, said that some of what CNIL is demanding is "very reasonable." "Google should be able to answer how long they hold on to your data," she said. Justin Brookman, the head of the Center for Democracy and Technology's Project on Consumer Privacy, said that Google is "probably more concerned about [Federal Trade Commission] enforcement than European regulator enforcement," noting that the company had to pay a $22 million dollar fine for tracking cookie violations in Safari. While Downey said that Google should be able to answer basic questions about what it's doing with your data, Brookman explained that Google might not know, and that could be part of why it's willing to take the hit from European regulators. "From Google's perspective, they're probably not sure what they're going to do with the data right now. 'People trust us with the data, but we're going to do awesome things with it because we're Google.'" Related stories: Google's reading of Gmail e-mail can be challenged, judge rules Google celebrates 15 years of its biggest product: You Congress unveils bill to limit NSA's powers John McAfee wants to make the Internet unhackable California gives teens an 'eraser button' to hide online skeletons Brookman did lament Google's lack of forthrightness in how long it keeps user data, echoing Downey, CNIL, and other privacy experts. "It's ironic and hypocritical that Google wants to be able to talk about what's happening with the NSA, but they don't want to talk about what's happening with their own company," said Downey. While the Electronic Privacy Information Center's executive director Marc Rotenberg said that it's important not to rush to conclusions on how CNIL will sanction Google, he did say that the situation has become more complex because of the NSA spying. "From the European perspective, [the NSA spying] is pretty much a nightmare because you worry about your commercial and confidential information becoming available to your international competitors," he said. Even after CNIL makes a decision about what to do with Google, the company is not likely to stay out of regulator's crosshairs for long. One potential target, said Rotenberg, is the company's new Search engine algorithm, Hummingbird. "Hummingbird is completely a black box. They have no idea what it does, nobody has access to the code and no one can evaluate it," he said. "I'm not trying to gang up on Google here. But it's an enormous irony that they want more to be available, but are very private with their own data." Also being discussed are what Downey described as "big changes" to the European Union's privacy rules. One of these, the hotly debated "right to be forgotten," would let you remove yourself from the Internet. "It seems like Google is just going to keep getting in trouble," she said, but doesn't think that potential changes will affect how the company handles user privacy. "Will it change how Google does business? I don't see why it would," she said.

Google might face hundreds of thousands of dollars in fines in France for privacy violations. Small potatoes to the company, but the ruling could portend a more difficult relationship between Europe and Google. On the day of Google's 15th birthday, the French regulatory agency CNIL prepares to sanction the company. (Credit: Google/Screenshot by CNET) Following Google's refusal to implement privacy policy changes demanded by the French privacy commission CNIL, the data privacy protection group says that it will sanction the company. Google could owe France E150,000 for the violation, and then another E300,000 if it still refuses to comply three months after the first fine. However, CNIL has not ruled on what sanctions, if any, it will demand of the company. That news is expected sometime in the next week. Not surprisingly, Google says that it's in compliance with the law. "Our privacy policy respects European law and allows us to create simpler, more effective services. We have engaged fully with the CNIL throughout this process, and we'll continue to do so going forward." CNIL regulators disagreed with that assessment. "On the last day of the three-month time period given to Google, Inc., the company contested the reasoning followed by the CNIL, and notably the applicability of the French data protection law to the services used by residents in France," the agency wrote on its Web site. The next step is for CNIL to appoint a rapporteur to initiate the possibility of sanctions, which could include the fines. CNIL is asking that Google: Define specified and explicit purposes; Inform users with regard to the purposes of the processing implemented; Define retention periods for the personal data processed; Not proceed, without legal basis, with the potentially unlimited combination of users' data; Fairly collect and process passive users' data; Inform users and then obtain their consent in particular before storing cookies in their terminal. Privacy experts are watching the case closely, because it could be the first in a new round of attempts by European governments to keep large American data-and-services companies like Google and Facebook in check with stricter enforcement of existing laws. The case is important, said the Electronic Privacy Information Center's executive director Marc Rotenberg, "because the changes that Google made to its privacy policies in March of 2012 were opposed by many people." Rotenberg is referring to Google's unified privacy policy, which gave it the legal protection to share user data between its different services such as Gmail and YouTube, and is at the heart of the CNIL decision. Sarah Downey, a privacy and law analyst with privacy-focused startup Abine, said that some of what CNIL is demanding is "very reasonable." "Google should be able to answer how long they hold on to your data," she said. Justin Brookman, the head of the Center for Democracy and Technology's Project on Consumer Privacy, said that Google is "probably more concerned about [Federal Trade Commission] enforcement than European regulator enforcement," noting that the company had to pay a $22 million dollar fine for tracking cookie violations in Safari. While Downey said that Google should be able to answer basic questions about what it's doing with your data, Brookman explained that Google might not know, and that could be part of why it's willing to take the hit from European regulators. "From Google's perspective, they're probably not sure what they're going to do with the data right now. 'People trust us with the data, but we're going to do awesome things with it because we're Google.'" Related stories: Google's reading of Gmail e-mail can be challenged, judge rules Google celebrates 15 years of its biggest product: You Congress unveils bill to limit NSA's powers John McAfee wants to make the Internet unhackable California gives teens an 'eraser button' to hide online skeletons Brookman did lament Google's lack of forthrightness in how long it keeps user data, echoing Downey, CNIL, and other privacy experts. "It's ironic and hypocritical that Google wants to be able to talk about what's happening with the NSA, but they don't want to talk about what's happening with their own company," said Downey. While the Electronic Privacy Information Center's executive director Marc Rotenberg said that it's important not to rush to conclusions on how CNIL will sanction Google, he did say that the situation has become more complex because of the NSA spying. "From the European perspective, [the NSA spying] is pretty much a nightmare because you worry about your commercial and confidential information becoming available to your international competitors," he said. Even after CNIL makes a decision about what to do with Google, the company is not likely to stay out of regulator's crosshairs for long. One potential target, said Rotenberg, is the company's new Search engine algorithm, Hummingbird. "Hummingbird is completely a black box. They have no idea what it does, nobody has access to the code and no one can evaluate it," he said. "I'm not trying to gang up on Google here. But it's an enormous irony that they want more to be available, but are very private with their own data." Also being discussed are what Downey described as "big changes" to the European Union's privacy rules. One of these, the hotly debated "right to be forgotten," would let you remove yourself from the Internet. "It seems like Google is just going to keep getting in trouble," she said, but doesn't think that potential changes will affect how the company handles user privacy. "Will it change how Google does business? I don't see why it would," she said.

Posted by : Unknown Friday, September 27, 2013

Google might face hundreds of thousands of dollars in fines in France for privacy violations. Small potatoes to the company, but the ruling could portend a more difficult relationship between Europe and Google.




On the day of Google's 15th birthday, the French regulatory agency CNIL prepares to sanction the company.


(Credit: Google/Screenshot by CNET)

Following Google's refusal to implement privacy policy changes demanded by the French privacy commission CNIL, the data privacy protection group says that it will sanction the company.


Google could owe France E150,000 for the violation, and then another E300,000 if it still refuses to comply three months after the first fine. However, CNIL has not ruled on what sanctions, if any, it will demand of the company. That news is expected sometime in the next week.


Not surprisingly, Google says that it's in compliance with the law. "Our privacy policy respects European law and allows us to create simpler, more effective services. We have engaged fully with the CNIL throughout this process, and we'll continue to do so going forward."


CNIL regulators disagreed with that assessment. "On the last day of the three-month time period given to Google, Inc., the company contested the reasoning followed by the CNIL, and notably the applicability of the French data protection law to the services used by residents in France," the agency wrote on its Web site.


The next step is for CNIL to appoint a rapporteur to initiate the possibility of sanctions, which could include the fines. CNIL is asking that Google:




  • Define specified and explicit purposes;

  • Inform users with regard to the purposes of the processing implemented;

  • Define retention periods for the personal data processed;

  • Not proceed, without legal basis, with the potentially unlimited combination of users' data;

  • Fairly collect and process passive users' data;

  • Inform users and then obtain their consent in particular before storing cookies in their terminal.



Privacy experts are watching the case closely, because it could be the first in a new round of attempts by European governments to keep large American data-and-services companies like Google and Facebook in check with stricter enforcement of existing laws.


The case is important, said the Electronic Privacy Information Center's executive director Marc Rotenberg, "because the changes that Google made to its privacy policies in March of 2012 were opposed by many people."


Rotenberg is referring to Google's unified privacy policy, which gave it the legal protection to share user data between its different services such as Gmail and YouTube, and is at the heart of the CNIL decision.


Sarah Downey, a privacy and law analyst with privacy-focused startup Abine, said that some of what CNIL is demanding is "very reasonable."


"Google should be able to answer how long they hold on to your data," she said.


Justin Brookman, the head of the Center for Democracy and Technology's Project on Consumer Privacy, said that Google is "probably more concerned about [Federal Trade Commission] enforcement than European regulator enforcement," noting that the company had to pay a $22 million dollar fine for tracking cookie violations in Safari.


While Downey said that Google should be able to answer basic questions about what it's doing with your data, Brookman explained that Google might not know, and that could be part of why it's willing to take the hit from European regulators.


"From Google's perspective, they're probably not sure what they're going to do with the data right now. 'People trust us with the data, but we're going to do awesome things with it because we're Google.'"



Related stories:




Brookman did lament Google's lack of forthrightness in how long it keeps user data, echoing Downey, CNIL, and other privacy experts.


"It's ironic and hypocritical that Google wants to be able to talk about what's happening with the NSA, but they don't want to talk about what's happening with their own company," said Downey.


While the Electronic Privacy Information Center's executive director Marc Rotenberg said that it's important not to rush to conclusions on how CNIL will sanction Google, he did say that the situation has become more complex because of the NSA spying.


"From the European perspective, [the NSA spying] is pretty much a nightmare because you worry about your commercial and confidential information becoming available to your international competitors," he said.


Even after CNIL makes a decision about what to do with Google, the company is not likely to stay out of regulator's crosshairs for long. One potential target, said Rotenberg, is the company's new Search engine algorithm, Hummingbird.


"Hummingbird is completely a black box. They have no idea what it does, nobody has access to the code and no one can evaluate it," he said.


"I'm not trying to gang up on Google here. But it's an enormous irony that they want more to be available, but are very private with their own data."


Also being discussed are what Downey described as "big changes" to the European Union's privacy rules. One of these, the hotly debated "right to be forgotten," would let you remove yourself from the Internet.


"It seems like Google is just going to keep getting in trouble," she said, but doesn't think that potential changes will affect how the company handles user privacy.


"Will it change how Google does business? I don't see why it would," she said.



Translate

Like fanpage

Popular Post

Blog Archive

Powered by Blogger.

- Copyright © News and design logo -Metrominimalist- Powered by Blogger - Designed by Johanes Djogan -