Search


Intersection: Sidewalks & Public Space

Chapter by Melissa Ngo

"The Myth of Security Under Camera Surveillance"


  • Categories


  • Archives

    « Home

    Update: Google Responds to European Regulators on Questions About Its Privacy Policies

    In January, Google announced changes in its privacy policies that would affect users of its services, such as search, Gmail, Google+ and YouTube. Advocates and legislators questioned the changes, saying that there were privacy issues, and criticized (pdf) the Internet services giant for not including an opt-out provision. The critics included 36 U.S. state attorneys general, who wrote to (pdf) Google raising privacy and security questions about the announced privacy policy changes. The EU’s Article 29 Data Protection Working Party wrote to (pdf) Google about the privacy policy changes, which affect 60 Google services. The Working Party, which includes data protection authorities from all 27 European Union member states as well as the European Data Protection Supervisor, asked Google to halt implementation of these changes while the data protection authority in France (the National Commission for Computing and Civil Liberties, CNIL) investigates. Google refused and its new privacy policies went into effect in March.

    Last month, CNIL sent Google a lengthy questionnaire (CNIL pdf; archive pdf) about the privacy policy changes. The questionnaire “aims at clarifying the consequences of this new policy for Google’s users, whether they have a Google Account, are non authenticated users, or are passive users of Google’s services on other websites (advertising, analytics, etc.),” CNIL says.

    Now, Google has partially responded in a letter (pdf) to CNIL officials. The letter, from Google Global Privacy Counsel Peter Fleischer, addresses about a third of the questions asked by CNIL and the online services giant says it will answer the rest of the questions “as soon as complete.” In the letter, Fleischer response to the Working Party’s request for Google to halt its implementation of the new privacy policy changes while CNIL investigates:

    We realise that the decision not to pause has disappointed the Working Party. But after such an extensive notification it was difficult to see how such a pause was practically possible. At a practical level, “pausing” would have required us to launch yet another mammoth notification campaign, and would have proved confusing to our users.

    Fleischer also says, “We are convinced that the overall package of our privacy notices respects completely the requirements of European data protection laws.”

    You can read Google’s full response (pdf) for its answers to questions, such as: “Please provide the complete list of Google’s processings and services covered by the new privacy policy”; “For the following categories of data please detail the service(s) in which such data is processed and the purpose(s) of this processing”; and “Please describe when, how and in which services sensitive data may be collected by Google.”

    I will publish the company’s answer to the rest of the CNIL questions when those answers are released.

    What happens next? Jacob Kohnstamm, chairman of the Article 29 Working Party and head of the Netherlands’ data protection authority, told Reuters that Google could face a range of sanctions in the investigation. Reuters reports, “The CNIL can either issue an administrative caution, giving the company anything from a week to a few months to rectify their actions, or an outright fine, Kohnstamm said, explaining that many countries in the EU approach breaches differently.”

    Possibly related posts:

    One Response to “Update: Google Responds to European Regulators on Questions About Its Privacy Policies”

    1. Predictable Privacy Reactions to Google Drive Surface Like Clockwork Says:

      [...] a new privacy policy that would be unified across all of its products. Folks were concerned then. The EU is actually very concerned, as are a few members of the US Congress. Google Drive launched under that same policy and anyone [...]

    Leave a Reply