backtop


Print 5 comment(s) - last by Trisped.. on Oct 17 at 6:53 PM

Regulators demand Google offers an opt-out to its inter-service data-set merger

Google Inc. (GOOG), the king of internet software services, is taking fire from privacy regulators in a number of European Union member states over its new privacy policy.

I. Privacy Regulators Accuse Google of "Risking" User Privacy

The controversy stems from the fact that the March update radically changed how Google handled user data.  Previously, every service (e.g. YouTube, Gmail, Google Search, etc.) had its own privacy policy, and the data collected was kept more or less autonomous.  

With the update, Google rolled the policies across all its services into a single policy. It also hinted that it may be merging its cross-service data into a single gargantuan data set, which will mine a number of sensitive private details, including location, interests, age, sexual orientation, sexual habits, relationship status, religion, political views, health concerns, employment status, and more.

That change has EU regulators alarmed.

Data Mining
Google is looking to mine your sensitive personal data to a greater extent
than has ever before been possible. [Image Source: Amazon.com]

In a letter signed by 24 of the EU's 27 data regulators, plus representatives from Croatia and Liechtenstein, the officials write, "Combining personal data on such a large scale creates high risks to the privacy of users.  Therefore, Google should modify its practices when combining data across services for these purposes."

Google handcuffs
Regulators accuse Google of risking user privacy for profit. [Image Source: Gizmodo]

Significantly, the EU stopped short of saying Google's actions currently are violating EU antitrust laws.  But it did offer up a list of 12 requests that it would like Google to comply with in order to safeguard users.  Most of those requests involve clarifying the details of how certain kinds of sensitive information (say credit card numbers) would be mined and curated.

II. EU to Google: Give Users an Opt Out

But the crucial suggestion is that Google make clear whether it is planning to merge its cross-service data sets (Google hasn't quite said that it is, although most analysts believe that is what it's planning based on the latest terms of service (ToS) language). Moreover, they ask that Google give EU users an opt-out of the data set merger.

That's something, which will likely frustrate Google.  After all, a larger richer data set means better tracking and more ad revenue -- more money in Google's pocket.  If users opt out the cross-service tracking, they will potentially gain greater privacy, but likely at the cost of Google's profits.

opt out
The EU wants Google to allow users top opt out of the data-set merger.
[Image Source: My eCRM]

Thus some expect Google will fight the opt-out request, unless it is mandated.  Chris Watson, a lawyer at CMS Cameron McKenna LLP, tells Reuters, "Google is being very aggressive and are playing for high stakes because these (privacy policy) changes are very valuable to their advertising business.  They may be prepared to test the legal position in Europe to see what they can get away with."

In a statement released to Engadget, Peter Fleischer, Google's global privacy counsel, did not yet commit to any changes, commenting, "We have received the report and are reviewing it now. Our new privacy policy demonstrates our long-standing commitment to protecting our users' information and creating great products. We are confident that our privacy notices respect European law." 

So all things considered, this letter may prove only an open statement in a game of chicken played by EU regulators and Google, both of which are eyeing the other waiting for them to back down.

The debate may eventually be mirrored in the U.S., where Congress has asked Google similar privacy questions, both regarding its wired and mobile presence.

Sources: Reuters, Google [via Engadget]



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

They already have the data
By nedsand on 10/16/2012 4:36:16 PM , Rating: 3
They already have the data, they already mine it. I can't imagine there wasn't some part of the previous ToS that stated the data could be shared within the company. What's the big deal of putting it all together? People need to realize that once they put their info on the net it isn't private anymore. Still waiting for the day that Google mines my cell phone GPS data and reminds me that I need to pee.




"And boy have we patented it!" -- Steve Jobs, Macworld 2007














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki