Google to EU Privacy Watchdogs: You Can't Stop Us
Despite a request to pause its plans to alter its privacy policies and enable more cross-product data tracking, Google said it would proceed with its agenda. Boiled down to its essence, Google’s response – sent in a letter to the chairman of Europe’s Article 29 Working Party – amounts to, “We gave you plenty of notice, and we’re going ahead as scheduled.”
In the letter from Google Privacy Counsel Peter Fleischer, the company wrote:
“As you will know, we had extensively pre-briefed data protection authorities across the EU prior to the launch of our notification to users on 24 January 2012. At no stage did any EU regulator suggest that any sort of pause would be appropriate. Since we finished these extensive briefings, We have notified over 350 million Google account holders, as well as providing highly visible notices to all our non-authenticated users. In addition, the policy does not come into effect until 1 March 2012, as we wanted to leave more than adequate time for our users to be able to read and understand the policy before it’s fully implemented.”
On Feb. 2, Jacob Kohnstamm, chairman of the Article 29 Working Party, sent a curt letter to Google CEO Larry Page, requesting “a pause in the interests of ensuring that there can be no misunderstanding about Google’s commitments to information rights of their users and EU citizens, until we have completed our analysis.” That analysis was to be performed by the French data agency, Commission nationale de l’informatique et des libertés.
The Article 29 Working Party is a European Union body representing several data authorities charged with promoting cross-Europe privacy practices.
Google’s response to the group included language that also appeared in a recent letter sent to U.S. lawmakers, in response to their request for detailed information about the company’s privacy changes.
“[Google is] committed to this. They feel they have to do this,” said Justin Brookman, director of the Center for Democracy and Technology’s Consumer Privacy Project, one of the organizations briefed by Google about its planned policy changes before it announced them. However, he suggested, Google should be clearer that certain data sharing will not happen. For instance, although Google will not combine login data relating to user activity in services like Gmail, YouTube, or Google search with DoubleClick data, the company has not stressed that publicly.
Last week Google said that starting March 1, 60 of the more than 70 privacy policies associated with its various platforms and services will be condensed into one, simpler policy. The consolidation makes cross-platform data tracking – much of which has already been active across some Google products – more transparent to users.
Google’s response this week to an inquiry from eight U.S. House Members about its policy announcement did not go down well. “Despite Google’s recent response, it still appears that consumers will not be able to completely opt-out of data collection and information sharing among Google’s services. Congress and consumers need more details, and I look forward to meeting with Google to get clarification about what the options are for consumers who wish to say no to these new changes,” said Rep. Ed Markey, co-chair of the privacy caucus, in a statement.
The uproar over Google’s privacy plans comes on the heels of a call from Neelie Kroes, VP of the European Commission, for a global do-not-track framework. The standard should be suitable for all providers of digital goods and services and satisfy laws around the world, she said. Throwing down the gauntlet, Kroes also called for an agreement on the DNT standard by June.
“Good luck to those of you developing the standard,” said Kroes, in a Jan. 24 English-language video statement.