Google in European Privacy Watchdog’s Crosshairs Yet Again

posted on JULY 5, 2013

Despite having put forth an effort in 2012 to put European countries at ease about data collection its data collection efforts, Google finds itself back in hot water over privacy concerns.

The UK’s Information Commissioner’s Office (ICO) has told Google of the perceived inadequacies in their current privacy policies and similar organizations from Germany, France and Spain have followed suit. Of course, with France being accused of having their own PRISM like way of gathering data on their citizens this rings a little hollow but that’s for another day.

The Guardian reports

Privacy watchdogs in the UK, Germany and Italy have told Google to rewrite its privacy policy in Europe or face legal sanctions, 15 months after the search giant unilaterally altered them to unify data collection.

Now the Information Commissioner’s Office in the UK says that the new privacy policy, introduced in March 2012, raises “serious questions” about compliance with the UK Data Protection Act, and has given Google until 20 September to recast it.

Meanwhile, the head of the powerful equivalent in Hamburg, Professor Johannes Caspar, announced that he will call Google into a legal hearing because the new policy “violates the company’s commitment to full transparency about the use and handling of the data”.

Google is probably scratching their little Googly heads about how to please the folks in Europe since they get blasted by the European Union then by individual countries. Although, when you give it some thought it has similar issues in the US with federal and then state law concerns.

At any rate, it’s another showdown for Google which has until September 20 to make this right. What is their response?

Google said in a statement: “Our privacy policy respects European law and allows us to create simpler, more effective services. We have engaged fully with the authorities involved throughout this process, and we’ll continue to do so going forward.”

But a spokesperson did not explain how its policy could simultaneously respect European law and be the target of censure from five European privacy authorities.

According to the Guardian story it appears as if Google went ahead with its 2012 solution to the European privacy concerns despite warnings that what was proposed was not enough.

Google said in January 2012 that it would rewrite its privacy policies to unite them across its disparate sites such as YouTube, Maps, Shopping, Mail and Search so that people’s data use would be unified. Despite warnings from the CNIL and others that the change might not be lawful, it implemented the change in March 2012.

On Thursday, the ICO said: “we believe that the updated policy does not provide sufficient information to enable UK users of Google’s services to understand how their data will be used across all of the company’s products. Google must now amend their privacy policy to make it more informative for individual service users.”

So the question begs why did it take this long to figure this out and if it took the ICO this long why are they only giving Google until Sept. 20 to put together a response?

The ICO defended the 15 months it had taken to determine that Google’s policy does not comply with privacy laws: “It’s not just about examining what is and isn’t in the privacy policy itself. It’s also about examining what the products and services actually do with the data.”

Oh ok. That’s fair.