EU Questions Google Privacy Policy

An anonymous reader writes "The BBC is running a piece noting that the EU is scrutinizing Google's privacy policy this month. The company's policy of keeping search information on their servers for up to two years may be violating EU privacy laws. A data protection group that advises the European Union has written to the search giant to express concerns. The EU has a wide range of privacy protections that set limits to what information corporations may collect and what they may or may not do with it. In the US on the other hand privacy laws generally cover government actions while the business sector remains largely unregulated. Is it perhaps time to follow the European example and extend privacy laws to include corporations?"

Absolutely not.

[TodMinuit]

Is it perhaps time to follow the European example and extend privacy laws to include corporations?

No. Don't like it, don't use it. It's your job to look after your privacy, not the Governments.

Re:Absolutely not.

[Frosty+Piss]

Not everyone is a Libertarian. Some people are Socialists.

Re:Absolutely not.

[daeg]

While I generally concur, something at least needs to be done to simplify the legal system. There is no reason a privacy policy cannot be a short, concise, two sentences.

"[Company] collects information which you may wish to remain private. [Company] retains the information for up to 2 years, and information may be made available to outside vendors without your consent."

Almost everyone can understand that. It's still a high reading level (generally), but far simpler than the 8 page privacy policy most companies have.

Re:Absolutely not.

[AuMatar]

No, it isn't my job and it shouldn't be. I have a *right* to privacy. Corporations have no right to keep, much less distribute, most of the information they store.

Re:Absolutely not.

[TodMinuit]

The right to privacy is the right to be free from outside intrusions into your personal matters. Willingly giving up private data by, say, searching the Internet is in no way a violation of your right to privacy.

Re:Absolutely not.

[dwater]

IMO, it's not at all obvious that the act of searching for something gives up an private data.

Re:Absolutely not.

[siddesu]

_willingly_ giving up privacy data is the key. willingly implies knowlingly. do you _know_ what kind of data google collects from all its services and how it uses it to track you? if you don't _know_, then you're not willingly giving up your privacy, you're being conned into giving up your data.

I for one want to know very much how are they using the data from the web stats service google provides. I see that everyone and their dog have the scripts, and while I agree to disclose some statistics to the sites that I'm visiting, I don't remember ever agreeing to disclose the same information to google.

Re:Absolutely not.

[hcmtnbiker]

Google should effectively has part ownership to everything you do on their servers. And therefore they have the right to what to do with it, if you don't like what they do don't share information with them, it's that simple.

Re:Absolutely not.

[zzatz]

You've made an assertion without providing any supporting evidence, explanation, or argument. The only value such unsupported assertion holds is as a litmus test to demonstrate that you belong to a group with a certain idealogy. Why isn't it the government's job to play a role in protecting the right to privacy? Arguably, government's most important job is to protect the rights of all people, such as life, liberty, freedom of conscience, freedom to associate with whoever you choose, and so on.

Corporations cannot and do not exist outside of laws created by governments. Corporations are not natural persons with inherent rights. It is government that provides the legal framework that limits the liability of the shareholders in a corporation, provides corporations with the ability to own property, and provides corporations any existence as a legal entities at all. The limits on the owner's liability are balanced with limits on the powers of the corporation. There is every reason for government to define and limit what corporations may and may not do.

The Founding Fathers of the US were familiar with the ways in which governments could abuse power, so they found ways to limit and control that power. But in today's world, corporations often hold as much or more power over our lives, and it is worth considering applying the same sort of checks and balances to corporations. The Constitution of the US flat-out prohibits the Federal Government from some areas, and perhaps the same thing needs to be done with corporations.

Re:Absolutely not.

[instagib]

So, if you like something and use it, like a website on growing pot, or street racing, or Al-Jazeera, and because of some investigation your data ends up matching possible suspects, and you are arrested - you just say "well my fault, shouldn't have visited that site"? Are you really able to censor yourself in a way that nothing could interpreted as suspicious? It seems unrealistic to me. A basic regulated privacy protection might be helpful indeed.

Re:Absolutely not.

[zzatz]

No, Google does not have the right to do whatever they like with everything on their servers, and neither does anyone else. You may have heard of copyrights, patents, and trademarks. Google has copyrighted information on their servers. The law gives them limited rights to use that information, but they need permission from the copyright holder to do other things with it.

A case can be made that I hold copyright to information about me, or a right to privacy which may work like copyright. That is, Google is free to use any personal information which I provide them for internal use, but that they need my permission to distribute it to anyone else.

I'm not worried about first-hand information collection. It's the sharing and selling, and absense of responsibility for accuracy, that poses the potential for abuse.

Re:Absolutely not.

[sumdumass]

This is the Internet, it is the new century. If there was one thing we should have learned by now is that nothing is free. You have to assume the have something to gain by letting you use their services free of charge.

However, I'm not aware Google sells this information to anyone rather it does marketing research for it's advertising departments. Storing the search information to let them analyze the in for and turn an extra dollar from the advertising could mean the difference from paying a service fee to use Google (insert any search engine) verses continuing to have if free.

I'm not against a company colecting information. I think they should be upfront with it unlike the license swipes they do when you buy beer at the store the give your recorded info to their vendors so you get a bunch of coupons for shit you would never buy. I also think that if they are selling this information to another vendor for profit, you should get a cut of that profit because it is your information after all. You should be able to check what they have on you and object at any time (like the shopping center loyalty cards claiming I have 3 dozen boxes of condoms that I purchased in the last 2 months) and you should be protected if anyone got any information that wasn't directly authorized or was able to use this to fraud you or someone else using your name. There is no reason to go through the hell of fixing an identity theft issue because some company kept a database and didn't lock it up.

Re:Absolutely not.

[sm4096]

This argument is critically flawed. Just because they collected information does not mean they could do with it as they please... Even ignoring copy-write, it may be desirable for Information that is gathered and refined, and distilled from public domain to be restricted. As a example, monitoring security even from public areas, for the purpose of planning a attack could be used as evidence for treason. More intrinsically there could exist other reasons it is desirable to restrict collecting of this information. I used that example because some people do not place much value in privacy.

Re:Absolutely not.

[someone1234]

Yeah, but your own government is run by private companies, so what do you do.

Re:Absolutely not.

[h2g2bob]

The largest part of the data laws is this:
1. Tell people what data you are collecting from them
2. Keep the data you collect safe

This allows you to "look after your privacy", as you suggest.

Re:Absolutely not.

[martin-boundary]

Utterly nonsensical. Privacy is like security, it's the job of the government to provide it to everybody, period.

Re:Absolutely not.

[powermacx]

You don't think your government should care. I am glad mine does.

From the (amended in 1994) Argentinian Constitution:
"Any person shall file this action to obtain information on the data about himself and their purpose, registered in public records or data bases, or in private ones intended to supply information; and in case of false data or discrimination, this action may be filed to request the suppression, rectification, confidentiality or updating of said data."

http://en.wikipedia.org/wiki/Habeas_Data

Re:Absolutely not.

[AuMatar]

Using a search engine is not willingly giving up my data. Unless you have a signed contract by me saying I give it up, I haven't given you permission to take any data from me.

And truthfully, I disagree even with your premise. Unless you have the ability to do the same transaction without giving up your data, it isn't a willing exchange but coercion.

Re:Absolutely not.

Arguably, government's most important job is to protect the rights of all people, such as life, liberty, freedom of conscience, freedom to associate with whoever you choose, and so on. A limited government, in general, does not define specific rights that the people have and that the government must protect. It assumes that the people have all of those rights except those they have given to the government. The government does not give you the right to life, liberty, and the pursuit of happiness. You have given the government parts of those rights as necessary to operate the state. If you haven't delegated a right to the government, then it is yours by default.

The Founding Fathers were smart enough to write the Constitution so that the government had no part in protecting rights. It always annoys me when somebody spouts off that protecting rights is the most important job of the government. While the government today does that to a small degree, it was not designed for that purpose and it is far from its most important job (hint: read the Preamble). When people talk about rights being protected by the Constitution, what they really mean is that the Constitution expressly prohibits the government from taking an action. This is far from *actively* protecting rights.

Re:Absolutely not.

[dwater]

Why should we trust google?

I prefer they just don't collect the information in the first place, though I'm not sure how we can be sure that they don't. They can still put up adverts, if they want.

In any case, I don't see any option for me to pay for a google service without adverts.

Re:Absolutely not.

[sumdumass]

The constitution describes the government's job or role in america. Along with the declaration of independence and such that led us into the country we are. I don't see anything in the constitution that says protecting people privacy from everyone else. Now state or local governments might have something but none that I'm familiar with.

Arguably, government's most important job is to protect the rights of all people, such as life, liberty, freedom of conscience, freedom to associate with whoever you choose, and so on.

I'll give you the argument you asked for. I don't believe it is the government's job to do any of these. It is however their job not to impose restrictions on it. You need to have your own freedom, not the freedom the government describes for you. And that is exactly what happens when it becomes the government's job to protect these things. We are already over regulated and over restricted because the government felt it need to protect the people form something. Now some things which effected health and safety of the people are a no brainer, but we have long past that.

In fact, when people cry and moan that they cannot do anything or can't succeed in life, I can't answer with anything other then thats what happens when we look to the government for everything. And typically, they push some reply to the effect of the government should do something about it which gets us into more trouble.

Corporations cannot and do not exist outside of laws created by governments. Corporations are not natural persons with inherent rights. It is government that provides the legal framework that limits the liability of the shareholders in a corporation, provides corporations with the ability to own property, and provides corporations any existence as a legal entities at all. The limits on the owner's liability are balanced with limits on the powers of the corporation. There is every reason for government to define and limit what corporations may and may not do.

We extend these rights to corporations because they act as an autonomous vehicle in most cases and are completely dislocated from the investors. There is no reason why you should goto jail or have to file bankruptcy if I barrow $20 for an invention, it kills a bunch of people and I get sued into oblivion. To assume you should he held liable is wrong at best and naive to be more precise. Especially if you have no say into anything other then giving me $20 to get started. And to an extent the government already defines and limits the powers of any corporation.

I am not against laws regulating what they can do with the information and I'm not against laws describing how safe they must keep it. But regulating corporations because you can doesn't make much sense when they are the one giving jobs and using materials that cause jobs to be made/availible.

The Founding Fathers of the US were familiar with the ways in which governments could abuse power, so they found ways to limit and control that power. But in today's world, corporations often hold as much or more power over our lives, and it is worth considering applying the same sort of checks and balances to corporations. The Constitution of the US flat-out prohibits the Federal Government from some areas, and perhaps the same thing needs to be done with corporations.

I'm not apposed to limiting corporations or having checks and balances involved with them. However, I have this suspicion that we have to different ideas of checks and balances and we wouldn't agree with each other much at all. Some people have a dislike for corporations, I'm not one of them. There are bad corporations out there but it isn't reflective the the entirety of them. And I think we need to consider this as much as we do race. Certain racial classifications tend to have a higher percentage of the race convicted of crimes. But it would be insane to consider everyone of that race a criminal. With a fe

Re:Absolutely not.

[General+Wesc]

_willingly_ giving up privacy data is the key. willingly implies knowlingly. do you _know_ what kind of data google collects from all its services and how it uses it to track you? if you don't _know_, then you're not willingly giving up your privacy, you're being conned into giving up your data.

I certainly know what information I'm giving them. What I don't know is how much they store and how effectively they piece it all together. Why do I need to know what Google is doing with my data? I gave them my data, and so long as they don't violate an agreement I made with them, they aren't conning me.

Re:Absolutely not.

[babbling]

I actually see the current state of things in the US as a loophole. As long as the government outsources their spying, they can go unregulated. They can subpoena companies at any time and gain access to any data that those companies have.

Re:Absolutely not.

[sumdumass]

Why shouldn't we trust Google?

And why would you think they need an alternative to their current business model if you don't like it? Your option is to find another search engine or whatever you use Google for. When your hungry for steak, you don't necessarily goto a fish shack for dinner complaining you couldn't get steak, you goto a steak house instead.

Re:Absolutely not.

[dwater]

Trouble is, we don't really know what Google does with this.

It's more like going to a steak restaurant only to find that they serve BSE.

Re:Absolutely not.

[LynnwoodRooster]

So if I ask you how to get to Grand Central Station, you do not have the right to remember that I asked you that?

See, you kind of ASK Google to find information FOR YOU. You're requesting a service of them. They keep that request. You VOLUNTARILY GAVE THE REQUEST to them. How you can expect to keep that "private" from them, after you willingly gave it to them, is a bit incomprehensible to me.

Re:Absolutely not.

[sumdumass]

As far as I know, this information can't directly link you personally. IT is IP addresses looking for X or Y. So even if they did do something with the information, it isn't likely you could gain much from it. Well, that is unless you goto goggle saying I have an IP and a court order, gimme everything on them. But then the courts have been involved and the only chances the government has to violate your privacy is when the courts are involved.

There might be more to it then just an IP. They might have a user name from some operating systems or a MAC address to go with it. Google has a privacy statement, I wonder what it says.

here is a link to their privacy policy. This is just the outline and the detailed ones are linked to from there. It appears though that they use all personal information in house and require all third parties to comply with their policy. Also they claim to aggregate the information without personal stuff and offer it to third parties. The claim about the only time they will give personal information out it

We may also share information with third parties in limited circumstances, including when complying with legal process, preventing fraud or imminent harm, and ensuring the security of our network and services.

Of course there might be more in the full policy. And it also appears there are some options when signing up thier stuff about your personal information. SO maybe going to another site isn't the only other option.

Re:Absolutely not.

[siddesu]

Good for you. I certainly don't know what data they have about me, where are they getting it from, and how are they putting it together. I much rather have a legal mechanism that requires them to tell me what data they have about me if I ask, and enables me to have it removed, then not.

I used to live in a society in which detailed files on people were customarily kept, and used to make people behave. From my experience, allowing any company (or organization, for that matter) to have data files on people without any option of the people to control what's in those files and who's accessing them isn't the smart thing to do.

But to each their own.

Re:Absolutely not.

[Lavene]

I would think a lot of us (as in slashdot readers) know what information we leave behind. We also know how to avoid it by using proxies, spoof our useragent etc. So if we are concerned about our privacy we can do something about it. My mom however can not. She haven't got a clue about IP, user agent, cookies and what have you. There is no way she can protect her self and claiming that she agrees to give up that information becomes meaningless. My mom uses her common sense. If a site states a warning: "Your IP will be logged" it scares her and she closes her browser. She doesn't know what it means only that she will not have whatever-it-is logged. Trying to explain to her that her IP is always logged somewhere anyway just produces a blank stare.

She does not like the idea of someone being able to look at what she does online however innocent it is but she has no way of understanding what is 'safe' and what is not. And things like the google privacy policy might just as well be written in greek because it's meaningless to her.

Privacy protection should absolutely be a government issue. After all we elect our governments to work on our behalf. Like you say in the US: "We. the people".

Re:Absolutely not.

[Psx29]

I think there should be a law that says privacy policies cannot exceed 1KB

Re:Absolutely not.

[VON-MAN]

Simplify the legal system? Are you totally mad?

Nobody is better of with simpler laws! Not big business, not politicians and not the lawyers. Just imagine, someone from the general public reads your policy or the law, and really understands it. Do you understand the potential dangers there?

No, simpler laws is in nobodies interest. At least not somebody who has something to say about it.

Re:Absolutely not.

[VariableGHz]

do you _know_ what kind of data google collects from all its services and how it uses it to track you? if you don't _know_, then you're not willingly giving up your privacy, you're being conned into giving up your data.

I could guess. I recall reading that some of their records keep until something like 2038, while Yahoo and Microsoft retain it for much less like 2 to 3 years. Other things they could track, IP address, browser information, etc. People who are hardcore about protecting privacy use proxys and don't just jump right into Google running IE6. I tried out using the Scroogle Scraper for a while, but it just got too annoying after a while since it doesn't have the ability to go to the next page, so the results are somewhat limited -- but it does promise: No cookies, No search-term records and the access log is deleted within 48 hours. Not bad, don't forget to recycle your tinfoil hat.

Re:Absolutely not.

[VON-MAN]

"so long as they don't violate an agreement I made with them, they aren't conning me"

Yes, that is very "insightful". However, since you have no way of knowing what google does, you don't know if google is conning you.

Re:Absolutely not.

[AuMatar]

You aren't a corporation, and you aren't storing the information in a database for later data mining. There's a world of difference.

Re:Absolutely not.

Some people have a dislike for corporations, I'm not one of them.

You should and this is coming from a pro-capitalist, Ayn Rand fanboy. If you libel Disney, you can be sued at the cost of a small fortune. If Equifax libels you (your finanical status), they have government-granted immunity. Tough cookies. This is one example of the numerous anti-freedom, anti-capitalist, asymmetric abuses that corporations successfully lobby through government. Granted, it is the people's fault for letting this happen, that is no less a reason to hate the trigger men.

Re:Absolutely not.

Do you KNOW what information someone collects about you when they meet you? You may not _realize_ it, but you do _know_ what information they could collect about you. If you meet someone and they note your hair color, are they invading your privacy by collecting information about you that you don't "know" about? Of course not. You simply do not realize that they noted your hair color. How long they retain this information and how they decide to use it is also entirely up to them. The fact of the matter is, we _know_ what information Google could potentially be gathering from us, but we don't _realize_ exactly what information they choose to keep.

Re:Absolutely not.

[zzatz]

Perhaps I did express myself clearly. Rights are not entitlements. For example, you have a right to publish your thoughts, but you are not entitled to a printing press.

The basis of the Constitution is that people have inalienable rights, and it specifies one form of government derived from those rights. It enumerates certain rights, but in no way claims that the list of rights is exhaustive. Courts can and have held that other rights are inalienable and thus covered by the Constitution. These are not privileges granted by the government to the people, they are rights of the people. People are not given rights by the Constitution, they are born with inalienable rights.

Privacy has been ruled to be an inalienable right by the Supreme Court, even though it is not specifically listed in the Constitution. Of course, most of our familiar rights weren't listed in the original version. The First Amendment did not create the right to speak freely, we always had that right, it is inalienable. The First Amendment simply acknowledged it, similar to codifying common law into statute law. Some state constitutions, such as California's, do list privacy. Others don't. I'm convinced that privacy is an inalienable right.

Law is made where rights collide and conflict. As often put, your right to swing your fist ends at my nose. In the US, privacy is a right, but one that is poorly defined and with unknown boundaries. I think that European laws provide good guidance, and would like to similar laws here. My image and voice cannot be used without my permission, outside of fair use exemptions. How is other personal information any different?

Re:Absolutely not.

[siddesu]

meeting someone isn't the same thing as your information being retained by a corporation, and in a context in which you aren't even aware of them collecting. it is more like you meeting someone, while at the same time someone else behind the door is sitting quietly and taking notes of your meeting.

thankyouvermuch, but I don't like it ;)

Re:Absolutely not.

[VJ42]

I much rather have a legal mechanism that requires them to tell me what data they have about me if I ask, and enables me to have it removed, then not Say what you like about privacy here in the UK, but we have the data protection act, which does exactly that (if I give them aproximate times and places, I can even make people trawl through CCTV footage and show me any pictures of me they have). And if I don't want info x to be on the database of company y, then I can tell them to remove it.

Re:Absolutely not.

[Jerome+H]

As far as I know, this information can't directly link you personally. IT is IP addresses looking for X or Y.

Never heard of cookies ? Agree you can disable them or wipe the out from your system... but most people don't.

Re:Absolutely not.

[nospam007]

So if I ask you how to get to Grand Central Station, you do not have the right to remember that I asked you that?
--
Sure but not the right to mark me with a number, get a photo of me, store my photo in a database, sell it to the railway and every pizzeria on the way to the station and bore me to death with useless spam in the future.

I once searched for xxl t-shirts for a friend without pc on ebay and now it's full of "lose 100 pound in 10 weeks" stuff I don't want to see. And there I even pay for the service.

Re:Absolutely not.

[sumdumass]

Actually, your misinterpreting events. Equifax isn't libeling you, someone or something else reports this information to them and whoever done it is the one who libels you. And Equifax has a process to challenge their claims and make the report correct. Similarly, If you libel Disney, and then make the assertion that the information you printed was wrong, then they cannot sue you anymore. Well, they can but it won't be as effective.

This is like you printing a statement I said and then you being sued for it, even though you later said I was off my rocker. This isn't a government granted immunity, it is the order of events.

Re:Absolutely not.

[General+Wesc]

I do if I don't make any agreements with them.

Of course, I have.

Re:Absolutely not.

[LynnwoodRooster]

What if I ask for that information up-front, and the right to take a picture of you, and to use that information as I see fit? Because that's what is happening here with Google... They don't get your e-mail address unless you give it to them. They don't get ANY personal information unless you give it to them.

Re:Absolutely not.

[sumdumass]

Ok, I think maybe we are closer in agreement then I originally thought.

Law is made where rights collide and conflict. As often put, your right to swing your fist ends at my nose. In the US, privacy is a right, but one that is poorly defined and with unknown boundaries. I think that European laws provide good guidance, and would like to similar laws here. My image and voice cannot be used without my permission, outside of fair use exemptions. How is other personal information any different?

The courts have always held privacy is an expectation and to some degree you have to maintain that expectation. Changing into a bathing suit inside a change booth give you an expectation of privacy, changing on the beach in front of everyone doesn't. If I video tape that act and show it to people, I have only infringed on your privacy in one instance.

Similarly, you have some expectation of privacy in your own home, a bathroom/restroom and so on. To complicate things, there are situation were there is an illusion of privacy but there isn't actually one. A bank ATM location might be one were cameras watch you but your somewhat dislocated from others viewing you. The problem is when you involve other people or do something in places were you no longer have that expectation. Imagine that you told me in a private conversation that you though some girl was hot and wanted to get to know her better even though you and her were married. I am now privilege to this information because you told me. If I tell your wife, or her husband, I am not violating your privacy at all. Even If I tell her. Well, that is unless there is an agreement before you tell me and I agree not to tell anyone else.

When dealing with companies, Especially on the Internet were you have that illusion of privacy, you have effectively told them the same thing you told me, except for the information might have changed. They then take this information and do something with it. Some companies toss it out, some write it down and attempt to sell you sex aids, and some might sell this information to others who would want to sell you something. But when you involved them, you more or less gave them privilege to that information.

I don't disagree that some of the information should be held to a higher standard then "i have the hots for her" would have. Items like bank account numbers, credit services, personal finance or personal health information and such should be limited in every way. I think for the most part they are. But searching for ways to kill your wife, how to beat a speeding ticket, most romantic flowers and such are on a different level. Same with you purchasing a gallon of milk, a six pack of condoms and a spatula. But it is these personal numbers that you assume is private information because they link your banking or medical records, state identification, social security numbers and such that are a concern already have laws on their use. These have a larger potential of damaging you if placed in the wrong hands. But the fact is, when you deal with someone else, unless there is a law already involved or some agreement in place(privacy policy), you have handed over this information willingly to these people and it is really no different then you telling me which girl turns you on. You wouldn't expect hippa laws to save your medical privacy if you told every ugly girl in the bar that you have some STD to get them away from you.

I can understand concerns and fears about certain information. You are told to keep that private from the moment you get it. What I don't understand is essentially going to a ball game that will be televised and then complaining your picture was on TV when the camera pans the audience. There is no expectation of privacy there. But if the when certain private information is "required" to do business or participate in an otherwise public activity, the stuff you expect to be private should need your permission to be used in a way other then you expressly agreed to. Google has a privacy policy link on their main page, when using their services, you are essentially agreeing to those terms. Unfortunately, if your using firefox or possibly other browsers, the policy link is missing on the default start page.

Re:Absolutely not.

[Ravnen]

Firstly, you're assuming the average Google user realises that whatever they search for will be saved, and can be personally linked to them for 18-24 months, and perhaps longer depending on how effective the 'anonymising' is. This is not a reasonable assumption.

Secondly, in the EU at any rate, we have this idea that there are certain rights that cannot be given up. One cannot give up basic rights to freedom by signing a contract agreeing to become someone else's slave, for example. This is the same sort of issue, just on a more modest level. Agreeing to use Google's search engine cannot take away the right to privacy.

Re:Absolutely not.

[sumdumass]

I'm not sure cookies shows anything. But even if they do, you have the option of deleting them. And if you don't, it just means you gave that term of privacy up.

If you don't close the curtains before getting dressed and someone merely walking down the street sees you naked doesn't mean they violated your privacy. So because of an action you would have neglected to do, on purpose or by accident, you would have gave up that notion of privacy. I don't see why Cookies and the notion of not deleting them should be viewed any differently.

Re:Absolutely not.

[wykthorr]

For god's sake don't do it. It can cause a whole lot of problems. I think I don't have to mention how much I hate it.(as you might have guessed I'm from the EU).

Re:Absolutely not.

[hcmtnbiker]

This argument is critically flawed. Just because they collected information does not mean they could do with it as they please... Even ignoring copy-write... The second you submit someone anything, any piece of work, you almost always forfeit your rights to it. You can see this on disclaimers for almost anything, submitting editorials to newspapers, even making warcraft and starcraft maps, you technically forfeit your rights the second you distribute it. Google is doing nothing different then this, they are clearly saying what they are doing. This argument has stood up in court (at least US ones) before, and i presume it will again. The argument at hand is about data people willingly give google, not what thier crawlers pick up.

Re:Absolutely not.

The rights to the information I search may not be mine to give to Google... Anyhow in following legislation it doesn't matter how information is gathered.

Anyhow the law here is simpler. The law I am interested in particular does not make it illegal to collect the personal information. I may have even given it freely. However I can request all the information they have on me to see what they are doing with it. There are limits to how they can share it as well.

for reference...
http://www.pipa.gov.ab.ca/index.cfm?page=legislati on/act/index.html

but for the good stuff...
5(1) An organization is responsible for personal information that is in its custody or under its control.
(5) In meeting its responsibilities under this Act, an organization must act in a reasonable manner.

Division 4: Use of Personal Information

16. Limitations on use
16(1) An organization may use personal information only for purposes that are reasonable.

(2) Where an organization uses personal information, it may do so only to the extent that is reasonable for meeting the purposes for which the information is used. ....
But whats cooler is we can ask....
  The applicant may ask for a copy of the record, or ask to examine the record, that contains personal information about the applicant.

Section 11: Limitations on collection
  11(1) An organization may collect personal information only for purposes that are reasonable.

(2) Where an organization collects personal information, it may do so only to the extent that is reasonable for meeting the purposes for which the information is collected.

This is not unreasonable. So if they happen to information in Alberta they can not just do with it as they please.

Anyhow google can choose not to collect information here or comply with the act and requests made under it. Yeah every now and then governments protect peoples privacy... For all my stupidity and spelling mistakes I do get the odd moment of perspective.

Re:Absolutely not.

So you go to www.google.com without being aware of it?

Re:Absolutely not.

You are wrong. Whether someone gives Equifax/Experian/Transunion the false information is irrelevant. The CRAs should be responsible for their statements - the same as anyone else. Under the "Fair Credit Reporting Act" it is only the attorney generals that can sue for providing false information. If you, as an individual, provide false, third-party information are you sheltered from all but an attorney general because you have some bogus "process to challenge"? Of course not. These corporation have an unreasonable layer of protection.

If I want to prevent others from opening credit in my name, I need a criminal report - more or less (in my state, at least) - showing why this is necessary. So they maintain a situation in which I am responsible for fixing mistakes and I am NOT allowed to add extra security to prevent taking credit out in my name (beyond name/address/soc.sec/birthdate/etc.). It is only the extra laws passed in their favor that allow them to get away with this level of asshattery.

Re:Absolutely not.

[Jerome+H]

I'm not sure cookies shows anything. If I look into my cookies I see an ID in the PREF cookie, they could track me with this.

I don't see why Cookies and the notion of not deleting them should be viewed any differently. Because most of the users don't know how to disable/delete them and probably don't even know what they are.

Re:Absolutely not.

[sumdumass]

They can track computer id23345956340929 went here or there. Then can't track Jerome who lives at this address searched for free porn and went to these sites on this date. This has little to no difference then having the search data and the ip address.

The difference is in saying jerome walked through that door or the fifth person to walk through that door today. And unless you are always the fifth person, your not directly identified. Now, it is my understanding that google with your permission will associate some of this to your log in name and so on if you use some of their services that require a login. And when this is the case, you have an option to opt out when signing up for them.

And it doesn't matter why you don't delete your cookies, it matters if you do or not. Like I said before, If you don't close the curtain that blocks the view from the street when your getting dressed, then any who sees you undressed have done so by your actions. If you wish to remain private, you must takes steps to do so.

That is just ignorant

[MonGuSE]

What you use or don't use is irrelevant as to what a company does with your data. Ever heard of information clearing houses? Basically huge databases set up just to collect individuals private data from everything the IRS, Criminal records, news reports, previous addresses, published papers, bank account info, credit accounts, investments everything. You can't keep companies from actively doing that without living completely off the grid.... Think about your statements next time.

Re:That is just ignorant

[tvjunky]

Ever heard of information clearing houses? Umm, no?

Greetings from Europe :)

Re:That is just ignorant

In Europe, only the government is allowed to store massive amounts of private information on people. This information is much safer with the government. After all, it is not like the governments of Europe have ever abused the rights of their citizens or anything. And I am sure no-one could ever steal that information from the government, either, as government security is infailable.

Ahh, to be European... Your fanatical trust in the benevolence of the government is only matched by your complete unwillingness to learn from history. You think that the continent that spawned Imperialism, Fascism, and Communism would have learned not to trust the government by now.

Re:That is just ignorant

Ahh, to be US-American... Your fanatical trust in the benevolence of capitalism is only matched by your complete unwillingness to learn from current events. You think that the country that spawned Neo-Imperialism, share holder value and fast food would have learned not to trust the companies by now.

Re:That is just ignorant

[harmlessdrudge]

Name ONE European govt that stores massive amounts of private information on people. You can't because there isn't one. There isn't a single govt. in Europe that has at its fingertips unified access to all of the information it holds about its citizens, just as the US doesn't. Do you usually invent such things? Credit reference agencies like Experian operate legally in Europe as do many other services that provide information about people. All operate subject to laws about what they can and cannot do. They are subject to much fewer restrictions in the US. Your comment "You think that the continent that spawned Imperialism, Fascism, and Communism would have learned not to trust the government by now." is sophomoric. You forget that these movements were popularly supported. One of their characteristics was idiotic characterisation of others followed by their oppression. Continents don't learn. People do, unless they uneducated, credulous, speak only one language, have never traveled outside their home country and perhaps, have a habit of just inventing what they want to believe. If which case they are people who would have no credible claim to say that would resist the next moron ideology. Furthermore, it is precisely the European experience of war that has driven the creation of the EU or "European Project" and EU wide standards, including EU directives on privacy. The Europeans have discovered that cooperation is a good basis for peace, justice and prosperity. Europe has learned some lessons the US has yet to learn.

Re:That is just ignorant

Interesting comments in London (where Eric Schmidt made some controversial remarks) on where Google may going:

http://wombatdiet.net/2007/05/24/green-revolution- in-trafalgar-square/

Re:That is just ignorant

[VON-MAN]

We spawned you, hahahahaha!

Re:That is just ignorant

[Raydome777]

The United Kingdom has a law (Data Protection Act (1984)) whose main point is to prevent companies from building those sort of databases. If you hold personal data about an individual you are under a legal obligation to to allow access to that individual access to that data so that they can check it is accurate, guarentee its security and you have have a good story on the information's relavance.

Obviously, this was all put in place before the Internet so its all a bit pointless, but I guess where the BBC is coming from is that, to UK ears, googles policy of storing your search history feels contrary to the law.

Re:That is just ignorant

[nevali]

No; the only real purpose of the Act is to make sure that the information in these massive databases is correct, under the auspices of doing some sort of favour to the public. It does nothing to stop them collecting information that you unwittingly make available, directly or otherwise.

There is a relatively ineffective legal framework governing how collected information can be disseminated, but it's not really stopped the likes of, say, the credit reference agencies from doing what they've always done--which invariably is far more insidious than anything Google gets up to (when Google starts being able to identify me and my habits by my postal address and provides a history of my activities to my bank when I apply for a loan, then I worry).

The Act really is about doing the collating companies a favour. You, as a member of the public, are encouraged to tell them when they've got their information about you wrong. They need never bother checking again: embittered citizens--marching on about how they've achieved some sort of victory by getting their postal address updated in some database--will do it for them!

Re:That is just ignorant

[KDR_11k]

Corporations are not any more (and usually much less) trustworthy than the government. Trust or distrust your govt, letting corporations have your information is pretty much guaranteed to be worse. Especially when it comes to corporations who work against you as opposed to for you where even the old capitalist mantra of "vote with your wallet" has no chance anymore.

Re:That is just ignorant

> In Europe, only the government is allowed to store massive amounts of private information on people.

While there is a problem in that direction, that is not all there is to it. At least in Germany the government is not allowed to have a full directory of everyone living there. While all that information is stored at a local level there still has to be a significant amount of work involved to aggregate it. Sure there are efforts underway that will undermine this (is there every any part of democracy that is not under attack in some way? In the worst case even by someone who means to do good...), but I don't have the impression that you in the US are free of that kind of problem...

Re:That is just ignorant

[janrinok]

No. It has to be correct, BUT it must be protected, the individual has a right to know what is being kept and, if it is wrong, can have it corrected. They must also declare what exactly is being held, so your comment "It does nothing to stop them collecting information that you unwittingly make available, directly or otherwise" is patently untrue. I am a data custodian. Are you?

Re:That is just ignorant

[nevali]

That does nothing about information in the public domain...which is all of the interesting stuff anyway. Beyond that, pretty much every company has a clause in its T&Cs that says it will merrily share any information you give with selected partners, even if they're not allowed to use it for marketing purposes. Plus it's not like anybody reads the agreements anyway, especially outside of online services. The way that modern business works means that getting goods and services isn't just about paying money any more, it's about paying money and handing over information. Don't hand it over, you'll have to go elsewhere... if you can find somewhere.

Seriously, the DPA has no teeth. It does information collecting services more favours than it hinders them.

Re:That is just ignorant

[janrinok]

Information about me is NOT in the public domain. Nor is it the most interesting information about me. And in Europe (which IS the subject of this thread) information cannot be held in a database without the person concerned being able to challenge it - it doesn't matter whether it is in the public domain or not, you cannot aggregate information unless you have consent. Of course, I am sure that various intelligence agencies will ignore this but Google is not not an IA, not does it have my consent, therefore IN EUROPE this is a valid concern.

Re:That is just ignorant

[nevali]

I think you'll find there is information about you in the public domain, you'd be in a distinct minority if there wasn't--good luck finding out who's got it, though! Beyond that, note that the likes of banks, credit reference agencies, etc., have special permission to go rifling through the hidden part of the electoral roll.

The simple fact is that unless you close your bank accounts, break the law by not registering on the electoral roll or the council tax register, live in accommodation in somebody else's name--or on the streets, don't have a telephone, and avoid anywhere that there's CCTV (rather difficult in the UK, at any rate), you're going to find it impossible from preventing third parties access to your personal information. Additionally, unless you pay extremely close scrutiny 100% of the time, you're not going to know who has it.

The DPA gives you the ability to get a copy of it, and make sure that it's correct. It prevents most organisations from keeping hold of it for longer than a few years (by which time it's likely irrelevant anyway), and it prevents them from distributing it unless you unwittingly gave them permission to do so like so many people do without realising it.

The statement of "it doesn't matter whether it is in the public domain or not, you cannot aggregate information unless you have consent" is either patent bollocks, or you have a warped view of "public domain"that doesn't match anybody else's. At all.

Re:That is just ignorant

[janrinok]

You might be correct if I lived in the UK......

Re:That is just ignorant

[nevali]

The UK was an example close to hand; to the best of my knowledge no country in the EU fares any better.

Re:That is just ignorant

[janrinok]

OK, an example. If I give my date of birth to someone maintaining a database they must protect that information. My date of birth is probably also available in the public domain. Nevertheless, that item of data has the same protection as any other. It CANNOT be used by that company in an unacceptable way nor can it be traded, exchanged or used in any other fashion according to EU law. Furthermore, if there is no clear justification for company X retaining my date of birth as information they must, by law, remove it from their database. Your view of the EU legislation, and I suspect the UK's implementation of it, is very pessimistic. The current law has been upheld in court. I am a UK citizen but I have chosen to no longer live in the UK hence my reluctance to quote UK law in this thread. Aggregation is irrelevant - the current law applies to ALL collections of data, regardless of the source. If you shouldn't be holding it you are probably breaking the law if you do.

A government concerned with it's citizens privacy?

[kungfujesus]

Wow! I now owe my friend 20 bucks! Damn, I never thought I'd lose that bet.

Where's the victim?

[sevenfactorial]

In the case of Google in particular, their retaining information about the search habits of users seems to have hurt no one.

Why exactly they would want to keep and associate search records with individuals for two years or more seems an absolute mystery to me, and perhaps it's slightly creepy. But to my knowledge there's not a single instance of this data having been abused for blackmail, investigation for sedition, investigation for drug use, etc. All of these are clearly possibile, however.

This whole question makes you aware of what a new medium the internet is. Should the content of a Google search be considered public or private information? My inclination is to consider it public. If people want a privacy friendly search engine, let them pay for one.

At any rate, as all this is evolving, why not give Google the benefit of the doubt. I say wait and see if there's actually a problem.

Re:Where's the victim?

[jlarocco]

Why exactly they would want to keep and associate search records with individuals for two years or more seems an absolute mystery to me, and perhaps it's slightly creepy. But to my knowledge there's not a single instance of this data having been abused for blackmail, investigation for sedition, investigation for drug use, etc. All of these are clearly possibile, however.

<sarcasm>I agree 100%. We should wait for it to become a huge, entrenched problem first. Then, when this information is being lost and leaked onto the net, and people are being blackmailed and investigated with retained information left and right, we should fix it then. Thus far, corporations have a nearly pristine track record of managing private information. If it ain't broke, don't fix it.</sarcasm>

Or, maybe it hasn't been a problem because 99.9999% of companies in Europe are obeying the laws?

Oh, and can some raving Google fanboy please explain this:
Google caves in to oppressive laws of communist Chinese government == good
Google breaks consumer friendly laws of democratic EU == also good?!? WTF?

What exactly does Google have to do for you all stop mindlessly promoting them as some friendly "not evil" corporation, and realize they're no different than MS, Adobe, Sony, and all the rest?

Re:Where's the victim?

[Andrew+Kismet]

As far as I can tell, they use the data to generate trend information, work on localisation, and generally find out where they need to focus the 80% of their 80/20 time.

As long as I know what data they're storing, I have no problem with them keeping my data for up to two years. Maybe I'll regret that two years from now, but it's very unlikely.

Re:Where's the victim?

[instagib]

retaining information about the search habits of users seems to have hurt no one

I agree that Google themselves are not a "risk" - they use the data for ad targeting. But what if they are forced to reveal data, or get hacked, or just make a mistake?

The data they have from searches can be as complete as who searched when what, and clicked which result. Certain types of lawyers can create major problems for someone out of a data set like this.

Re:Where's the victim?

[siddesu]

How, pray tell, do you know what google uses this data for? Are you on their board or something? Unless you have no access to that kind of information, you don't know. There is still this case of American phone companies providing phone call data _willingly_ to the US government. Did you know about that before someone blew the whistle? And this happens in a country in which government abuse of private information is very much under control, compared to the rest of the world.

Don't be so naive, every large corporation (and many small ones) are intimately in bed with the establishment. It is just not good business not to be ;)

Re:Where's the victim?

Well, as long as you can tell I'm happy. After all, you have access to these databases, right?

google.cn

[wizardforce]

google probably uses the search associations for ads or something- but at the rate that people use tor, cookie cullers etc. it seems to be a mute point.

At any rate, as all this is evolving, why not give Google the benefit of the doubt. I say wait and see if there's actually a problem.

they need to be watched just like any other company- just because their motto is do no evil [google.cn] doesnt mean they need to abide by that. especially if their laast stockholder vote says anything - do no evil just became do slightly less evil than otherwise.

Re:google.cn

[hcmtnbiker]

they need to be watched just like any other company Are you saying we should violate Google's right to privacy on the notion that it is *possible* that there is a problem? Tell me if I'm wrong, but isn't that just slightly hypocritical?

Re:google.cn

[wizardforce]

Are you saying we should violate Google's right to privacy on the notion that it is *possible* that there is a problem?

since when was my right not to be essentially spied on a violation of Google's privacy?

Re:google.cn

[zzatz]

A person has a right to privacy. Google is not a person.

Re:google.cn

Google, as a corporation, doesn't have privacy. Unless they're working on some classified government projects, the only "privacy" they can have is spelled out in contracts with their employees. If some Google employee released all kinds of information about Google's inner-workings and financial information, the worst they could do is sue for breach of contract.

It just doesn't make sense for a corporation to have privacy because they're big collections of people working together. It's like saying "We should respect Chicago's privacy." WTF would that even mean?

Re:google.cn

[sumdumass]

They are a corporation. In America a corporation is a substitute person and we have extended them most all of the rights persons have.

You can debate the right or wrongness of this. But until the laws and rules are changed, prepare to be disappointed a lot.

Re:google.cn

[wizardforce]

do no evil just became do slightly less evil than otherwise.

that was meant in reference to google's earlier stance on google china where it was decided that refusing to cooperate with china's censorship of its people was not worth it. it was in fact voiced on slashdot on more than one occasion on slashdot that this wasnt very good thing for google to do it. it was not meant as a flame in any way shape or form, just a comment on google's history and how it reflects on the current topic.

Re:google.cn

[sumdumass]

Hmm.. So a big collection of people don't have the same rights as a single person. Interesting.

Re:google.cn

[KDR_11k]

Private data of others is not considered part of your private sphere. Whether Google is a real or a virtual person doesn't matter, if they hold onto the personal data of others they have to obey the regulations.

Re:google.cn

[ContractualObligatio]

Every person in that big collection has the same rights. What's your point?

Re:google.cn

> Hmm.. So a big collection of people don't have the same rights as a single person. Interesting.

Of course they don't otherwise you couldn't do any statistics at all. I sure hope that everyone can agree that publishing the average income of all U.S. citizens is something completely different that publishing that of a single person (and of course publishing the income of every citizen would be something different again, but that would be protected by the individuals right to privacy, there is no need to give companies a right to privacy for that).

Re:google.cn

[sumdumass]

Nobody said they don't have to obey regulations. But it isn't as if they are subclass or anything. The point is, legally there are little differences between a corporation and a person and the rights they both hold.

Re:google.cn

[sumdumass]

The point is, a big collection of people should equal the same rights expected by an individual person. You family should have the same rights to privacy as you do. It shouldn't be restricted or deliminated because you have a mother, father, a couple of siblings, and possible another relative living in the same house.

A corporation as a collection of people is no different. When you remove the rights of an entity because of it's size, you have removed the rights of all the individuals that comprise that entity. How does you have the right to privacy unless you invested money in some company sound to you?

Re:google.cn

[sumdumass]

Thats totally apples and oranges. If you make $36 k a year and I say someone make $36 k a year, I haven't pointed to you in any way. Only the people who you have informed of this fact wold know. It is the same if I say people in Westchester earn $36k a year on average. It is in no way reflecting a statement of the person AC make $36k a year.

Similarly, a collection of people have the same rights as an individual. The difference is that saying an average of $36k is less identifying then saying one person over there makes $36k.

Re:google.cn

[ContractualObligatio]

That big collection of people does have the same rights, each and every one of them. My family has the same rights to privacy as me. It wasn't restricted or "deliminated" when I still lived with my family, nor will it be when I get married.

The many and various individuals in a corporation do not lose their rights to privacy for being part of that corporation, nor do the shareholders or customers of that corporation. In particular, your suggestion that you might lose your rights for investing in a company suggests that you misunderstand the principle. The EU has laws protecting individual's privacy, which corporations have to adhere to. Investing in a company would not only *not* take away any privacy rights, it would place restrictions on the data that company is allowed to hold about you in order to *protect* them. The principle also applies to the employees.

Corporations are allowed to hold some data private, but they also have obligations in all countries around the globe. They have varying disclosure requirements depending on whether they are publically or privately held, have varying degrees of public inspection e.g. for hygiene regulations. Again, yes they can keep a lot of their own information private - but they have no equivalent to the Bill of Rights. Corporations are constructs in law, and the formation of one should not be allowed to take away an individual's privacy.

From an American perspective, this is why the wording of the Constitution is so important. Phrases something like "Congress shall pass no law abriding the right of peaceful assembly" are all through it, guaranteeing the *inherent* rights of the people. Corporations cannot be granted exceptional powers of over the rights of individuals.

This story is about the EU ensuring that the privacy rights of individuals have not been breached. As a European, it is surprising to hear so many Americans argue in favour of giving up individual rights to an unaccountable group of people. Usually it's the other way around!

That said, it wouldn't be the first time I've seen the crowd on Slashdot make unconstitutional arguments when it's against the actions of a foreign power.

Re:google.cn

[sumdumass]

I could agree but the construct of a corporation is just an extention of all the individual right the people who make it up have. The legal entity of a corporation doesn't create a fictional person, it just defines and limits liabilities on people involved based on their actions and in essence separate parts of individuals to act as one.

I'm not arguing against regulating corporations and I'm not arguing against regulating what they can do to some extent. HOwever, I am apposed to the idea that laws effecting groups of people won't effect groups of other people. The GP post I was commenting on revolved around the Idea that corporations are fictional people in which they are not and they made the argument that because they are a fictional, they don't adhere to the same principles or rights that we have. I find this to be no different then not letting a black man vote because he is only 1/5th human. And I see no difference in this Idea that groups of people forming a corperation have less right collectively then a family unit would enjoy.

A corperation is just the legal construct that allow people to conduct business and organize rules and procedures of that business while limiting a person's liability for actions another person takes. It isn't some fictional person, it is a framework of sorts. And if you tell me you think you have a small penis, I tell everyone else, outside your embarrassment, no harm or right violation is being done. It is the same if you tell a corperation the same thing. The difference is that we have personal information that we expect to remain personal and this is already limited in what they can do with. Especially when it is a requirement of doing business with them. But your surfing habits or shopping purchases aren't in that line of stuff. When you buy something at the market, If I'm standing right there and tell everyone you bought a sixpack of condoms (extra large) and a spatula, I'm not violating any of your rights. Now if the store does the same thing, they aren't either. But when the store which is a corperation tells everyone you paid with a credit car numbered 66666666665, they crossed that line.

So, I think the type of information is just as important as the information. And when you choose to make me part of you conversation, Whether it is because you purchased something, used a service I offered or we have a casual conversation, anything you disclose with the exception of financial and medical information (maybe a few others)there is no expectation of privacy at all unless we already (or otherwise) agreed to make/keep it private. If the EU has laws to the contrary, Good for them. I don't believe it is the role of government to say what you can do with information someone else offered you. And I don't see any difference between a corporation and an individual. Especially when we want to define a corperation as a group of people.

Re:google.cn

[ContractualObligatio]

Unfortunately what you say has no basis in fact. Many would argue it has no ethical basis either, certainly most of the EU. Again, it's strange to hear someone from the US comparatively weak on an individual's rights.

Defining a corporation as a group of people might be your idea, but it's simply not the case. I've got nothing against corporations, I'm paid a very nice sum of money by a major US multinational. But I'm not confused about the idea of us being a group of people with rights to my data. I don't want any of 150,000 people being able to call me at home, for instance, although of course the company has my details. Lack of respect for privacy enables people to do things like HP's identity theft scandal using Social Security numbers.

A corporation does not have an extension of all the individual rights of the people who comprise it. It is a legal construct. It does not have these rights because it is 0/5th human. Human rights are not *granted* by governments or legislation, they are *protected*. A restriction on the length of time Google can store data relating to individuals would have no impact on the rights of Google employees or shareholders; free reign to the corporation does however impact the rights of the individual. The individual has these rights, the corporation does not - fairly straightforward.

It does not follow that running web searches should be construed as giving the search company rights to your personal data. Why should this be the case? Clearly web searches from the home will contain personal information. Given a person's right to privacy and the corporations ready technical capability to respect those rights, why should there be a presumption of surrendering them?

One key reason you can pass on personal details of mine in the manner you describe is that you have a right to free speech. If I have chosen to share that fact with you, your rights also have to be respected. However, unless you've signed a loyalty card or similar, the supermarket does not have the share information about my individual purchases. If supermarkets had that right, the retail system would be forcing me to give up personal rights in order to buy essentials. To force me to use cash, or simply not use supermarkets, is an unreasonable imposition (particularly on a city dweller!). In the UK, many shops will ask for your details, partly for marketing etc but also because otherwise they have no right to track data about you, except as required for the financial transaction.

From the standpoint of protecting one's rights, the way privacy has been translated into law in the EU is that companies should store no more data than is necessary, shall share the information with the appropriate individual upon request, and shall store it for no longer than necessary. In this way, the rights of the individual to privacy and dignity are protected. Note that the definition of "necessary" (or whatever specific wording is used) can vary a lot e.g. banking records stay around for a long time. Chances are that with respect to the Google thing, they'll go for something like 6 months - a compromise between the individual's rights and the corporation deriving some value in exchange for the service provided.

Your automatic assumption of giving up those rights is, well, a shame. I've enjoyed working for this US firm for some years. The US is at its best when it is both hard headed about "business is business" but also "rights are rights".

Re:google.cn

[sumdumass]

Unfortunately what you say has no basis in fact. Many would argue it has no ethical basis either, certainly most of the EU. Again, it's strange to hear someone from the US comparatively weak on an individual's rights.

What has no basis in fact? DO corporations auto-magically appear over night and then people auto-magically have a job afterwards? No, People decide to start a business and there is a legal structure to protect them from fraud and actions of other people in the business. They make this a corperation and sell share to get equity out of the business so they can expand or whatever. Some people sell their personal shares and keep the money.

And it isn't that I'm weak on corporations, it is just hat I'm looking at them realistically. Large corporations can have more influence and cause more harm but it is still the same, someone owns that corperation and it is an extention of their rights.

Lack of respect for privacy enables people to do things like HP's identity theft scandal using Social Security numbers.

No, that was lack of security that caused that. Andif your using the argument that it is your while still giving that information out ot anyone who asks, you will have the same lack of security and be hit one day by your own fault.

A corporation does not have an extension of all the individual rights of the people who comprise it. It is a legal construct. It does not have these rights because it is 0/5th human. Human rights are not *granted* by governments or legislation, they are *protected*. A restriction on the length of time Google can store data relating to individuals would have no impact on the rights of Google employees or shareholders; free reign to the corporation does however impact the rights of the individual. The individual has these rights, the corporation does not - fairly straightforward.

It is exactly an extention of an individuals right. The only difference is that a CEO or series of managers are making decisions and not you personally. This is why there is a protection. When the CEO embezzles the funds dry and the corporation has to file bankruptcy, the CEO goes to jail and the bankruptcy stops at the corporate level instead of taking everything you own too. The only legal protections afforded to corporations are the separations from the owners liability. Thats it, nothing else. It is done in law. Now there are laws concerning how the company spends money and discloses that, but that is only so the owners can fully understand what they are investing with.

It does not follow that running web searches should be construed as giving the search company rights to your personal data. Why should this be the case? Clearly web searches from the home will contain personal information. Given a person's right to privacy and the corporations ready technical capability to respect those rights, why should there be a presumption of surrendering them?

Any time you involve a separate person to you information, they become privileged to it. They have a right to it. It is no longer just yours. Now some personal information like medical and financial records have limits on what a corporation can do with them. But if you tell them your horny by surfing for porn on their search engine, it is no different then you telling the girl at the pub you want to screw her. And the data isn't always yours. You telephone number isn't, the phone company publishes it. If the company you work for gave your number to any of the 15000 employies so they could call you, there is nothing wrong. If you have an unpublished number, then they have to restrict who can access it but it doesn't mean no one could and it shouldn't.

One key reason you can pass on personal details of mine in the manner you describe is that you have a right to free speech. If I have chosen to share that fact with you, your rights also have to be r

Re:google.cn

[janrinok]

Ah, so we are debating another US problem.....

Re:google.cn

[janrinok]

You do realise that we are debating the fact that the EU has challenged this - not the US. What is the point of quoting US law: it is irrelevant to this discussion - and the majority of the world's population!

Re:google.cn

[janrinok]

You are looking at this with a US viewpoint? That isn't the thrust of this thread, which is based on something other than a US viewpoint (in this case EU). A business does NOT get to decide what is 'necessary': they must obey the law and convince a judge when someone decides that the law has been contravened. It might not be the American way - but fortunately most of us do not have to accept the American way. Quoting the 15th amendment is also irrelevant in Europe. You have looked at a map of the world recently, haven't you? Try counting the countries on it - very few of whom are in the slightest bit concerned with US law. Google is NOT a US company. If it were, then my attempts to access www.google.com would not be diverted to www.google.co.uk, or www.google.fr, www.google.com.gi, www.google.de. Each of these countries are in Europe, in which case - it must OBEY OUR LAW.

Re:google.cn

[sumdumass]

Google is a US company. They are structured under US law. When we talk about a corperation and their rights, they have the same rights a US citizen would enjoy.

A business does NOT get to decide what is 'necessary': they must obey the law and convince a judge when someone decides that the law has been contravened. It might not be the American way - but fortunately most of us do not have to accept the American way.

You never said what is necessary. Who decides that or who defines that. At least in America, even the open ended laws have ends to them. Unless your leaving something out, or don't have a proper understanding of your law, I wouldn't be championing it. So, you have shown that there is a different interpretation of necessary, what is necessary? and who defines it? If I was to start a company in the UK, how would I know what necessary is? DO i have to ask permission form the government and the judge first? and is this better why?

Quoting the 15th amendment is also irrelevant in Europe. You have looked at a map of the world recently, haven't you? Try counting the countries on it - very few of whom are in the slightest bit concerned with US law.

I don't remember quoting the 15th amendment. And yes, I have looked at a map recently, And I am aware of the countries in Europe, some of which wouldn't be the way they are if it wasn't for us. And no, that isn't a reference to ww2, i'm talking about the cold-war.

Google is NOT a US company. If it were, then my attempts to access www.google.com would not be diverted to www.google.co.uk, or www.google.fr, www.google.com.gi, www.google.de. Each of these countries are in Europe, in which case - it must OBEY OUR LAW.

Google has offices all over the world. They are however a US company. They state that all their information is kept on servers inside the US. You can find this in their privacy policy page. Redirecting a domain to a country specific domain doesn't means much as for were a company operates from. If your stuck on that, your really misinformed on the basics of the Internet. A person inside either one of those countries could register the domain and let someone else use it.

And BTW, Most US law is expressed by international treaty. This isn't because the US pushes it's laws but rather all treaties we make have to have the full force and effect of law. Now there are several treaties that make those other countries pay attention to US laws because we made the laws pursuant to the treaties. You can argue all you want about the people in those countries but it doesn't make it true. I remember some people says this about Pirate bay and the country they were located in until their servers were confiscated. So what you say or believe might not be the reality.

Re:google.cn

[sumdumass]

Are you reading the posts your replying to or just trolling through my comments page and replying to anything? You hit this comment twice and offered nothing different either time.

But reinforcing or restating things that are wrong only make you look more wrong. Google is a US company and they store their information inside the US. In effect, they are a US citizen. Now they have offices in other countries and such but the laws on multinational corporations are pretty clear on it.

And if you read the post history, you would easily see that I was replying to the prospect that google isn't a person and isn't entitled to rights of privacy. They are and they do have privacy rights. This is very relevant to the discussion and the rest of the worlds population. You see, when foreign nations recognize American companies, they need to do so in the state the exist in america. This is in the treaties that these other countries signed and enacted. It works the other way too.

Re:google.cn

No!. If Google is operating in Europe (Google.co.uk, Google.com.gi. Google.de etc) then they are obliged to follow EU law. If they want to remain as Google.com then perhaps you would have been correct, but the don't, and you're not..... This thread started with the title of "EU Questions Google Privacy Policy", which we in Europe have every right to do, because they are operating here. Hard luck to you, but we in Europe can question whatever we wish. "Should the US change its laws to something similar to the EU" can be discussed but your response does NOT change the fact that you are wrong. Google is a US company but, regardless of where they store the information, if they wish to have a presence in the EU then they must abide by EU laws, not US. Google has no rights of privacy that are afforded to US companies when they operate in the EU. They are business. Your law is irrelevant. We started by discussing whether your law should change (i.e. the question posed by this thread) but not your opinions of our of OUR law. Tough shit. You're wrong.

Yes, I think that you should change your law, but as I am not a US citizen it is not my problem, nor do I have the right to impose the change.

No, you do not have the right to criticise our laws. Pay your taxes to us and we might reconsider it.

Re:google.cn

[janrinok]

Google.co.uk, Google.de, Google.fr are NOT US companies. They are obliged to obey EU law. You may not like it. Sorry.

The title of this thread is based on an 'EU' perspective. Your law is irrelevant, unless we are discussing whether it should be changed.

Should the US change its laws? as suggested in the opening remarks? Your decision. But you cannot change ours...

I have over 1000 hours (yes, not a lot, I know) flying our nuclear deterrent. The 'West' won the Cold War, not the USA! And if that is your best counter then you have already lost this argument. (Is your dad also bigger then my dad?, is your house bigger than mine? have you got a big brother who will beat me up?)

Would you care to quote where your law is expressed 'by treaty' with regard to the European Law regarding the holding of data? No, I thought not.....

Re:google.cn

[sumdumass]

Google.co.uk, Google.de, Google.fr are NOT US companies. They are obliged to obey EU law. You may not like it. Sorry.

Google.co.uk and all the others you mentioned are mere domains owned by google. They aren't separate companies in any sense. Google, or "Google inc." is a Delaware based company. They incorporated under Delaware law in the united states. If you follow the links about google it will take you to the same incorporation certificate whether you start from Google.com or Google.co.uk. All the other domains do is allow them to deliver localized content, nothing more or less. If you think multiple domains makes a company separate from the same company, you are sorely mistaken in how the Internet works.

But don't believe me, follow the links involving Google corporate info and you will find the exact same thing.

The title of this thread is based on an 'EU' perspective. Your law is irrelevant, unless we are discussing whether it should be changed.

No, the law isn't. Google operate in Europe because of international treaties. Most if not all of the EU countries have signed into law treaties that allow a corperation conducting business in one country to be available for business in another. The laws of the EU or Frances or any other country only matter in Google's actions in those countries. When you goto Google, You are accessing an American server for the most part and all the information obtained is stored in an American server. Not because they has a separate company. Google doesn't conduct operations in france or the UK or anything, they operate withing the confines of America. They have offices in those countries to deal with situations and employ coders but we are talking about them keeping search data not keeping coders employment information. This is according to Google's own corporate info page, privacy policy and so on, And it doesn't matter were you access it from, it reads the same if it is a Google site.

Your also missing the entire point of the post, I am not arguing they aren't subject to the retention laws, I'm arguing they are a US company incorporated in the state of Delaware and have the same rights as a normal citizen would. They have an expectation of privacy. Even in Europe, they have this too. I dare you to walk into any company and start looking at their financial data unannounced. You will be thrown out if not arrested. Why? because this is private and they have the same rights you would concerning keeping your checkbook secrete.

I have over 1000 hours (yes, not a lot, I know) flying our nuclear deterrent. The 'West' won the Cold War, not the USA! And if that is your best counter then you have already lost this argument. (Is your dad also bigger then my dad?, is your house bigger than mine? have you got a big brother who will beat me up?)

WTF are you talking about. Europe was perfectly happy with letting rusia run into a country recently liberated from the germans after WW2 and letting russia impose it's control over them. This is the same shit that that started WW2, they needed to defend their borders. I'm not talking about who won anything, I'm talking about who put a stop to it. The US did!. The UK and Europe never had a Nuke for a deterrent until the Americans gave it to them. A good majority of their military technology is of the same birth. SUre Europe has developed many things, they have even taken some of our stuff and made it better, the point isn't who is better at building something, it is about how the treaties came about and the mutual benefit of them. I think maybe you have some severe problems with either stating you points or understanding anything someone else says. Including the laws of your lands and how the Internet works.

Would you care to quote where your law is expressed 'by treaty' with regard to the European Law regarding the holding of data? No, I thought not.....

No, I

Re:google.cn

[janrinok]

From TFA -

Google has been told that it may be breaking European privacy laws by keeping people's search information on its servers for up to two years. A data protection group that advises the European Union has written to the search giant to express concerns. Doesn't seem to matter where you argue that Google is based, the DPG believes that EU laws are being broken. That, and asking whether US laws could benefit from being changed, is what this thread is about.

The nuclear weapon that I flew with not made in the US. It was not under US control. That's why it was an independent nuclear deterrent. Please do not try to claim that everything positive that ever happened is because the US made it happen.

I'm arguing they are a US company incorporated in the state of Delaware and have the same rights as a normal citizen would. They have an expectation of privacy. Even in Europe, they have this too. And while they are in Europe, expecting to have their privacy honoured, they are obliged to obey European law. If they get stopped for speeding they will be charged under local law, not under US law. And, in Europe, companies do not have the same rights as individuals.

I'm not quite sure what you mean by your penultimate paragraph. Honestly, this is a genuine confusion on my part. Are you claiming that European law is only enforceable in a US court?

Re:google.cn

That's of course what I meant with what I wrote in (). There is no need to have a special privacy protection for a large group of people (like a company), since such a group consists of individuals that do of course have protection. Whereas data about the group as a whole (i.e. data that can not be linked to a single individual or a small group of individuals) does not need to (and IMO should not be) protected by privacy laws.
Thus, at the moment where you see that group of people as a single entity (as e.g. a company), it does have less rights, because it is fine to say company A makes $C a year but not to say the same thing about a person. Or to say it differently: in a collection of people, the collection has less privacy rights, while the people within that collection still have the same. Of course that would be obvious if companies weren't treated so much like regular people in other cases.

Re:google.cn

[ContractualObligatio]

What has no basis in fact?

Corporations are not extensions of the rights of their owners and employees. You repeatedly make this statement, but it is not true. France, for instance, is particuarly tough on this, whereby in many cases there is a presumption of guilt until a company can prove that it's actions were not malicious.

No, that was lack of security that caused that

Are you saying that an investigation endorsed by the board, the CEO, the security department and legal counsel would not be able to get access to an employee's Social Security number in a secure environment? I very much doubt it. Any security firm asked to implement a security system that would prevent access to employee records under such conditions would want a very carefully negotiated contract absolving it of liability if security were breached. And given this is a discussion about rights and principles, let us not forget about personal accountability and responsibility, which is indepedent of security measures. One root cause was clearly a lack of respect for privacy.

It is exactly an extention of an individuals right.

Well, I disagree and have given my basis for doing so, using your own constitution. I've never had reason to examine in any depth the law arounding incorporating as an S or C corporation. However, I'm fairly sure I would have noticed something as significant as statements regarding human rights. Mainly it was about tax rules and limitations of liability as I recall. Unless you can come up with evidence otherwise, I'm fairly sure you're wrong - no basis in fact, as I said.

Corporations have free speech rights too.

No they don't. Prove they do - I believe you're making that up.

As for the supermarket, You have a choice

The choice between going to retailers, and going and making my own food and clothes, is rather an extreme one. In the context of the world in which we live, it is not a reasonable choice to force upon people. There is no need for a retailer to track my information to conduct an economic transaction. I've provided a specific example demonstrating that this principle has been enshrined in law. What's your counter example?

As long as I can make money with the data, it is necessary

This entirely lacking in logic. Google can also make money without the data - by definition it is not necessary. Making money is also completely orthagonal to human rights. "As long as it benefits the corporation" is also directly against many of the principles of the US (the Sherman Act, for instance), and is presumably a misunderstanding of how consumers benefit from a healthy economy and the need for economic incentives to support business and entreprenuership.

It think the big difference is that In America, we separate data.

How so? The EU also separates data. I've already mentioned the difference between banking records and web searches. Medical records are also considered separately, there are numerous variations of the Official Secrets Act, a separate Freedom of Information Act regarding government data, etc. Again, you don't seem to be basing your arguments on facts, but unsupported and inaccurate opinion.

your essentially taking a right away form one person to protect another's

It's nice that you haven't yet encountered any situations whereby individual's rights are in conflict with each other. This will happen inevitably as you grow up. In this particular case, however, as corporations do not have these rights there is no conflict and I am doing no such thing.

I have a right to do anything with the information I gather

Not so. Information can be gathered improperly, can be used as an invasion of privacy, selective use of informat

Re:google.cn

[sumdumass]

Doesn't seem to matter where you argue that Google is based, the DPG believes that EU laws are being broken. That, and asking whether US laws could benefit from being changed, is what this thread is about.

This thread is about the idea that a group of people all the sudden lose their rights when they form a corperation. Follow the progression of the conversation. I never said that Google wasn't subject to EU laws, I even clarified that in the previous post as well as in other posts along the succession of this thread. I don't mind discussing things with you but at least comprehend what you are reading before posting a troll reply. And yes, An EU company who operates in the US is views as another EU citizen and when a US company operate in the EU, it is a US citizen. They don't lose any rights that any other EU or US citizen would lose. And that is all my argument except for showing beyond doubt that Google is a US company which for some reason your fixated on.

And were US law comes into play, All treaties America makes with other countries have to be made into law in the US. Any laws we would have that effect an American company working in the UK, france or any other nation would be there because of international treaty. If the EU or any of it's states pass a law that violates those treaties, the treaty law replaces the local law. This is why when an American citizen gets into trouble or is harassed, they announce their citizenship. It gives them limited additional remedies to whatever the problem is.

The nuclear weapon that I flew with not made in the US. It was not under US control. That's why it was an independent nuclear deterrent. Please do not try to claim that everything positive that ever happened is because the US made it happen.

Again, I think you have a problem understanding a simple conersation. You wouldn't have had that nuclear weapon if it wasn't for the US giving it to the Europe. We gave them the science behind a working Nuke. Also we have over time shared secrete on the subject making the weapons as effective as possible. READ THIS CLOSELY, this has been a bidirectional effort and we have gained as much as we gave. But the Eropean communities were perfectly complacent watching Russia walk in and take over countries. It took the US to build a military presence and put a stop to it. It would have been WW2 all over with again except with Russia instead of Germany. And it was the US that convinced the allies (all but Russia) to give germany back to the people instead of making it a colony after WW2. Read up on some history about it. Europe would look totally different if it wasn't for this.

And while they are in Europe, expecting to have their privacy honoured, they are obliged to obey European law. If they get stopped for speeding they will be charged under local law, not under US law. And, in Europe, companies do not have the same rights as individuals.

I never said anything different. All I said was that google or any US company does have rights while operating in any other country. You are the one who took this all out of context claiming US law doesn't matter (which it does) and that google was separated into several other companies because they have different domain names, Which is false. And a company or not, An American company has the same rights as an American citizen who visits a foreign country would. It isn't looked at as a company is coming to visit, it is looked at as a person is coming to visit.

However, We might find that like in the Brazil situation, the local google offices don't have anything to do with the servers and don't have any control over them. In this case, they would likely be directly under US law because the entire operation the EU is concerned with is inside the US. You goto google, it doesn't forces itself onto your computer, you have effectively went to America, surfed the Internet and then left in the split second it too

Re:google.cn

[sumdumass]

Corporations are not extensions of the rights of their owners and employees. You repeatedly make this statement, but it is not true. France, for instance, is particuarly tough on this, whereby in many cases there is a presumption of guilt until a company can prove that it's actions were not malicious.

It is true. The only thing separating you from a corperation is a legal filing. If france is unbusiness friendly, then let them. It could account for their high unemployment rates and the riots that happen on a regular basis. Just because some countries are arcane and don't promote a healthy environment for business doesn't means anything. If you mow lawns for a fee, you have the same rights as you did before that. If you higher a person and become an llc, you didn't lose any rights. If you hire a few more people, take on a partner and open another office then change from an llc to a corporation, why do you all the sudden lose all your rights? err why should you lose them?

Are you saying that an investigation endorsed by the board, the CEO, the security department and legal counsel would not be able to get access to an employee's Social Security number in a secure environment? I very much doubt it. Any security firm asked to implement a security system that would prevent access to employee records under such conditions would want a very carefully negotiated contract absolving it of liability if security were breached. And given this is a discussion about rights and principles, let us not forget about personal accountability and responsibility, which is indepedent of security measures. One root cause was clearly a lack of respect for privacy.

No, I ma saying that the people you employ are just as much a security concern as the locks on the door. If you hire someone who will abuse this access, then you let your security down. There is a reason they don't hire EX-cons to be a teller or security guard at a bank.

Well, I disagree and have given my basis for doing so, using your own constitution. I've never had reason to examine in any depth the law arounding incorporating as an S or C corporation. However, I'm fairly sure I would have noticed something as significant as statements regarding human rights. Mainly it was about tax rules and limitations of liability as I recall. Unless you can come up with evidence otherwise, I'm fairly sure you're wrong - no basis in fact, as I said.

There is nothing in our constitution that giver anyone rights. Well, there is some things that gives the government rights but that a different story. Everything concerning rights in the constitution deal with specifically limiting government from taking them away. Any mention of a right in the constitution assumes you already have it and stops the government from removing it. Nowhere does it say a person _now_has_a_right_to_privacy.

A corperation is just a legal frame work to allow more people to be involved in a company with some taking an active role while others don't. When you turn your coding company into a corporation, you don't lose any of those rights. I cannot walk in and look at your books, I cannot walk in and look at your code, I cannot just walk in at any time and do anything you havn't specifically gave me permission to do. None of this changes when you become a corporation.

No they don't. Prove they do - I believe you're making that up.

LOL. This is funny, Prove to me they have been taken away. A corperation can and does talk about competitors products, They talk about why they think their are better and sometimes they make claims that are very difficult to back up. If that isn't free then I don't know what is. But on the principle of showing they have these rights, A right isn't something givent to you. That is called a priviledge. In a free world, you automatically assume you can do something then some governing body takes that ability away fro

Re:google.cn

[ContractualObligatio]

Son, you seem to be an intelligent person. I'm guessing the consistent errors of spelling, grammar and logic come from a lack of experience, most likely from being young. My advice is that you try and understand some of the truly important things about your nation's history, and the examples it has helped set for the rest of the world. With respect to debating, a strong recommendation is that when someone uses a set of facts to argue against you, particularly an older and more experienced person, you need to have some facts to back up your opinions. Otherwise, you put your credibility at risk, and put obstacles in the path of your own learning and development.

I'm not against limiting corperations in any ways. I'm more against the assumption that they don't have any rights.

If you read back through the thread to the original article, you will find that I have not argued that corporations do not have any rights. They do not have an extension of the rights of every individual that works for or invests in them. Countless people have sacrificed themselves over the centuries for the concept of universal, inalienable, natural human rights. Good examples are those who died alongside your own founding fathers, for the truths they held to be self-evident. Corporations have many legal rights, property rights for example. They do not have inalienable rights, and they do not derive these from the people that work for them. If you think otherwise - find a reference to support your argument.

It is true. The only thing separating you from a corperation is a legal filing.

There's two problems here. One is that you are yet again stating an opinion without facts to support it. The second, which is rather sad, is that you clearly don't understand what makes your own Constitution such a wonderful, historically important document, much admired around the world.

LOL. This is funny, Prove to me they have been taken away.

One cannot prove that something that has never existed has been taken away. If this is the standard of proof you have set before you will admit that you're wrong, then you have either failed to understand my point, failed a simple exercise in logic, or simply decided that you are right and nothing can convince you otherwise.

If you hope to be taken seriously as you grow older and put in more responsible positions, you're going to have to wise up. Of course, if your goal is simply to make money then lacking logic and principles is not an issue.

that right doesn't disappear, unless some existing law make it so.

This is rather sad, on two levels. On a classic Slashdot failing, you didn't understand (or perhaps even read?) the article, did you? The entire point is that there is a law! The EU has privacy laws based on inalienable human rights, hence this investigation. Second, inalienable rights cannot be taken away by any law. You do not appear to understand what inalienable rights are, which is particularly sad because it means you do not truly appreciate your own country.

Do you see where the separation of data is? If not I'm not sure you could understand anything at this point. we should just discontinue this conversation.

Sorry kid, I've held in own in arguments with Nobel prize winners (e.g. Bruce Greenwald at Columbia). You're going to have to try harder than that if you want to be condescending instead of sounding like an idiot. How do you know I didn't understand the separation of data? You may recall I was simply pointing out that the EU also has a separation of data. It's broadly the same as you describe, although the example of choose of running down the street shouting (plus comments in other posts such as penis size, or considering someone hot) serves only to reinforce your immaturity. My point however was that you had stated the separation of data as some

Information Requests In Alberta

[sm4096]

I am from Alberta. I we can take them Google up on a "Personal Information Protection Act" (PIPA) request to see what they are collecting on me and who they are sharing this with (my searches etc)... Google has to share all personal information they collect on me if they intend to use it or not(subject to a possible fee so I want to know what they charge for it first... and there is a complain process). Anyhow if you have paranoid concerns you can get some people to make some requests here in Alberta. I think having Google disclose information they are collecting here may be of interest to the people involved in this action. http://www.oipc.ab.ca/pipa/about.cfm

typical slashdot hypocrisy

The slashdot crowd here constantly proclaim their right to to do what they want with information, "it wants to be free" don't you know. But if God forbid, evil capitalist pigs want to use freely volunteered information for marketing reasons, it's time to call big brother (Gov't) to protect us.

PS No one will probably see this since /. is the most censored forum I have ever seen in the many years I have surfed the net.

Re:typical slashdot hypocrisy

Your mom is censored.

Re:typical slashdot hypocrisy

pussy

Re:typical slashdot hypocrisy

[VON-MAN]

PS No one will probably see this since /. is the most censored forum I have ever seen in the many years I have surfed the net.
Then don't be an AC, you stupid ass.

No.

[ScentCone]

Don't like a company's privacy policy? Don't patronize them. Don't like the lack of companies providing a particular service in a way that you DO like? You're probably not alone. Start one, using the money that you'll no doubt be able to attract, just like the Google guys were able to attract the money to start theirs. Think that some Evil US Corporation is operating on the internet in a way that you just can't stand? Unplug it from your country - your citizens surely won't mind.

Think "corporations" shouldn't retain data about their customers? What? How about when two guys incorporate to form a landscaping company. Or a flower shop specializing in deliveries to business clients. Or an IT service shop. Never mind their obligation to keep all sorts of records in case they get audited seven years after a transaction - what about the degree to which retaining detailed information about their customers is the very thing that allows them to be valuable to those customers? If the customers would rather get less service in exchange for more privacy, they can shop for vendors and service providers that have to ask them the same questions every time the interact so they'll... feel better? Personally, I like the fact that the franchise that changes my vehicle's engine fluids is already pulling up my service record when they see my license plate roll into their queue lane.

Re:No.

[martin-boundary]

That's not so easy. If you have a friend who uses gmail, then whenever you send your friend an email, Google will keep *your* email for god knows how long. And they certainly didn't ask *you* about it. So your simplistic solution "don't patronize those kinds of companies" doesn't work.

Re:No.

[ScentCone]

If you have a friend who uses gmail, then whenever you send your friend an email, Google will keep *your* email for god knows how long. And they certainly didn't ask *you* about it. So your simplistic solution "don't patronize those kinds of companies" doesn't work.

Sure it does. Don't send e-mail to people who are supporting a business you don't trust. If you have actual, persuasive, sensible reasons to think that Google is Officially Evil, then you should have absolutely no trouble convincing an actual "friend" that they should switch to another provider... maybe even PAY for mail hosting so they can have it the way they (um... you, actually, in this case) want it. Google is doing it FOR FREE. What sort of person thinks they get free service from someone, and then also get to have it all on their own terms? Well, I mean, besides the EU? There is no free lunch. Pay for your own mail hosting with cash, or pay for Google's FREE service with your acceptance of their business model. It's not like it's complicated. And if you've got your Anti-Google speech down pretty well, it shouldn't be any harder to get a friend to switch than it would be to get them to change toothpaste once you've pointed out that their brand is poisonous. If it IS poisonous... and that's the issue, here, isn't it?

Re:No.

[Liquid-Gecka]

So then tell your friend you won't email him at GMail. I am sorry, email is NOT something you can easily protect based on the very nature of how it is delivered and how much control there is at every point along its delivery route. Concerned about that? Encrypt your emails. Expecting email to be "private" is a joke. Its just like saying that your posts on a blog are private because you turn on some control lists.

Also, have you ever read Googles privacy policies? Its the only company that doesn't blanket state that they will change the privacy policy at any time without notice. They actually say that they will not reduce your rights if they change the policy. They also state that they will only use personal information for the intended purpose and if they decide to use it some other way they will get your consent.

Googles private Policy

Re:No.

[martin-boundary]

Uh, it's not like you can tell if they use google or not. Your friend might have a vanity email with redirection to his gmail account, or his ISP might use a google backend, etc.

Finally, if I say something in private to my friend, I don't see what business it is of Googles (or any other company) to snoop on what I'm saying. This has nothing to do with Google being Evil(TM) or not, it's just common sense. In fact, it would be silly to say that nearly everybody in the world is Evil(TM) just because I don't want to share my private information with them.

But anyway, Google is certainly not doing anything FOR ME for FREE, since I don't use gmail myself. However, when I write an email to somebody who uses gmail, then Google is doing TO ME uncalled for things, like snooping on MY words, for FREE admittedly.

Re:No.

[martin-boundary]

When I email a personal friend, I am not blogging on some random website, so I don't see how the two are supposed to be the same.

Also, have you ever read Googles privacy policies?

I don't need to read Google's privacy policy, since I'm not a gmail user. I'm not asking them for a service, they're the ones who insist on snooping on my words if I email a certain friend.

BTW, privacy policies don't protect customers over the long run. When a company wants to modify their policy, they phase it out with old service contracts, and make sure that the newer contracts will refer to the new policy. It's standard practice. You shouldn't be so trusting, companies are not people.

Re:No.

[This+is+outrageous!]

Concerned about that? Encrypt your emails. Expecting email to be "private" is a joke.

It's not about them reading your messages.

It's about them using the headers to link your email address(*) with all searches, cookies and ad-sense carrying sites browsed from your IP.

(*)Hence really your identity, if a message with you professional address, say, ends up forwarded to one of their accounts. )

Re:No.

[91degrees]

Don't like a company's privacy policy? Don't patronize them.

No!

Why should businesses have the right to store information about me indefinitely? How does it benefit me? EU? It only benefits shareholders in the companies by making them money at the expense of my privacy, while all responsibility is abdicated to an abstraction representing those people.

In Europe, we realise that a free market can solve some problems. Government regulation is needed to solve other problems.

Personally, I like the fact that the franchise that changes my vehicle's engine fluids is already pulling up my service record when they see my license plate roll into their queue lane.

Yes, but nothing in EU law prevents this. The data is directly relevent to their business. They don't keep data about absolutely everything I've ever done there.

Re:No.

It's your fried who gave up your email to Google. Your friend agreed to have your email scanned, stored and used by Google.

Re:No.

[CaptainZapp]

Don't like a company's privacy policy? Don't patronize them.

Don't like European laws? Don't do business there.

Re:No.

[ScentCone]

Why should businesses have the right to store information about me indefinitely?

Because you grant them that right. That's what terms of use are all about... it's part of the bargain you strike when you elect to do things like use their FREE EMAIL HOSTING, or make money by running ads they serve up on your web site.

[Personally, I like the fact that the franchise that changes my vehicle's engine fluids is already pulling up my service record when they see my license plate roll into their queue lane.]

Yes, but nothing in EU law prevents this. The data is directly relevent to their business. They don't keep data about absolutely everything I've ever done there.

Sure they are! Everything I do there: when I arrive what services I get while I'm there, when I leave. Do you mean... they don't record how many times I breath while I'm there? Neither does Google. Google isn't changing oil, they're serving up targeted ads, hosting communications services and other apps... and they're recording all sorts of things related to THAT.

Interesting

[jeevesbond]

So, due to privacy concerns, the EU dislikes Google storing data on its users, but forces ISPs to retain data for two years? Under the catch-all excuse of 'terrorism' no less.

In the US on the other hand privacy laws generally cover government actions while the business sector remains largely unregulated. Is it perhaps time to follow the European example and extend privacy laws to include corporations?

They could follow each others example: the EU could introduce laws to stop government snooping, whilst the US introduces laws to stop corporate snooping. Personally I find the EU government snooping worse than Google, at least Google is a product choice, government laws can't be worked around. Although the purchase of Double-click does make Google's tracking somewhat difficult to avoid when surfing around.

Failing that, just use Scroogle and/or Tor and/or an ad-blocker. :)

Re:Interesting

[martin-boundary]

Personally, I find the US policy worse. With government snooping, there is parliamentary oversight in principle and the ability to change laws later, which is a lot better than trusting greedy investors and holier than thou companies to not sell my data to third parties, like crazy marketers, credit reporting and insurance companies, or front companies for organized crime.

Politics aside, as a rule I think that whichever solution limits more the spreading around of my data is the solution I prefer, at least while we wait for both the US and EU to fix their respective deficiencies.

Re:Interesting

[VON-MAN]

"EU government snooping"??? There is NO such thing. There are, however, EU laws regarding "snooping". But that is really something different. (You were thinking of the British government that's snooping, CCD cams come to mind).

"Personally I find the EU government snooping worse than Google, at least Google is a product choice, government laws can't be worked around."

Let's just straighten this remark out: "I can stop using Google, and with the next elections I can send my government home." these are your choices.

Sorry, the way you Brits ALWAYS blame the continent for... everything, is pathetic.

Re:Interesting

[Antique+Geekmeister]

Well, given that the British are more video monitored than any country in the world, I think the idea that somehow there is no government snooping there is pretty confused. And have you ever examined how the Value Added Tax records can be used to monitor private business dealings and personal purchases?

Re:Interesting

[VON-MAN]

I really don't know what those "Value Added Tax records" are, but I do know of many reduction cards used by bigger stores that are used for all kind of demographic profiling. And really, this is the choice you are given, convenience and better pricing against privacy concerns.

Re:Interesting

[malsdavis]

"Personally I find the EU government snooping worse than Google,"

This is the difference between USA and EU citizens' privacy worries. On the most part, very few people in Europe worry about what government agencies do with their personal info, but are extremely worried about how corporations use it. As opposed to the USA where it's the opposite way around.

It seems to be related to wider cultural differences. Europeans tend to trust public institutions a lot more than they trust large corporations whereas Americans tend to trust corporations a lot more than public institutions. This can be seen in many areas, such as: Health-care, gun control, social/welfare security, general security, control of public infrastructure, media ownership, political funding etc.

Neither cultural viewpoint can be declared flat-out better or worse though as there are valid arguments for both. Companies from either side of the Atlantic need to take into account the attitudes prevalent on the other side however otherwise these sorts of problems occur.

Re:Interesting

"Personally, I find the US policy worse. With government snooping, there is parliamentary oversight in principle and the ability to change laws later"

Hehehe ... riiiight.

Does Google have the ability to send heavily armed goons knocking on your door ?

Re:Interesting

[jeevesbond]

"EU government snooping"??? There is NO such thing.

Putting words in capitals doesn't make them true. I call holding information on all the sites I visit, for possible perusal by the government, 'snooping'. You may entrust them to use the data honourably, but from the article linked to earlier it seems the copyright lobby groups already have designs upon that data. In short you don't call it snooping, I do. A matter of semantics really.

Sorry, the way you Brits ALWAYS blame the continent for... everything, is pathetic.

I never blamed the EU for anything. In fact am one of the few Brits who--openly at least--likes the idea of a unified Europe. Example: last time I flew into Bordeaux airport, some old Brit was complaining that the trolleys required a Euro, but she had no change. I pointed out to her that if Britain had joined the Euro she probably would have had some change in her purse. She wasn't very pleased, but couldn't argue such a simple point. :) Also That idea of data retention originally came from Britain (if memory serves). It appears many governments seem to think if one allied country is doing something it's fine for them to do it too. The proliferation of US DMCA-esqu laws is a good example.

What about retention?

[McGiraf]

What about the other laws? The ones about data retention by the ISPs so governments can subpoena it when they want to? Emails, Proxy logs etc? no privacy concern there? sheesh ...

Re:What about retention?

[VON-MAN]

Yes. What about them? The EU is harmonizing data privacy laws in the whole of Europe. Google, when operating in the EU, isn't exempt from these laws. And yes, absolutely, there are enormous privacy concerns with those retention laws (and I doubt that it'll be a big problem for the real terrorists).

It should be noted that not the emails themselves a kept, but the logs of the mailservers. Just as mobile phone records are kept and not the actual conversations. The differences there should be obvious.

the obvious question:

Google is a US corporation. Of what concern are European privacy laws to it?

(And wasn't it the EU that was *requiring* retention of a lot of personal web data recently?)

Re:the obvious question:

Google does business in the EU.

Re:the obvious question:

[julesh]

Google is a US corporation. Of what concern are European privacy laws to it?

The concern is over the fact that they trade with people in the EU. US corporations that trade in the EU are required to follow EU laws; if they aren't, they may be fined by the EU (e.g. Microsoft), and if they do not pay their fines to the EU then they face having any of their property that is within the EU confiscated. This would include any money in transit from their European customers to them.

The EU? The European Union?

[Opportunist]

The same EU that requires its ISP to store every connection you make, complete with timestamp and endpoints involved, for at least 6 months, but for however long the governments in the member states deem appropriate? The same EU that wants this information to be easily accessable by everyone who has a "vested interest" to hunt down legal offenses? Without describing too closely what a "vested interest" could be or whether only other governments or even some private organisations can access that information at will.

We're talking about that EU, yes?

Re:The EU? The European Union?

[da_matta]

The important difference in this is that the data stored by ISP's is for law enforcement purposes and requires a court order for access. There are also very strict regulations about who/why/when can access and how to log that access. Google and other companies store and use data to make profit with very little regulation.

Re:The EU? The European Union?

[asninn]

Yes, that's the same EU.

Has it ever occurred to you that the world is not black and white? Just because an entity does SOME bad things doesn't mean that EVERYTHING it does is bad. You'd think that people from the USA of all places would understand that.

Re:The EU? The European Union?

[VON-MAN]

The same EU that wants this information to be easily accessable by everyone who has a "vested interest" to hunt down legal offenses?

No.
With 'everyone who has a "vested interest"' you mean the judge and secret services, don't you?

Without describing too closely what a "vested interest" could be or whether only other governments or even some private organisations can access that information at will.

No.
It is in fact exactly the other way around. These things are very precisely described.

Re:The EU? The European Union?

[DrEldarion]

So? If you don't like using Google, don't use their services. You can't get around the ISP tracking nearly as easily.

Re:The EU? The European Union?

[Opportunist]

No, honestly I was thinking more along the lines of "do as I say, not as I do".

Re:The EU? The European Union?

[Tim+C]

And when every search engine collects similar data from their users and uses it in similar ways, do you simply stop using search engines?

Re:The EU? The European Union?

[DrEldarion]

If there's a demand for one that doesn't, then there will come a service that fills that demand.

Re:The EU? The European Union?

[Ravnen]

In theory, yes. In practice, most users aren't perfectly informed about what data is saved by a search engine, how long it's saved, how it's used, whom it's shared with, etc.

Great idea in theory

[Infonaut]

Don't like a company's privacy policy? Don't patronize them.

This libertarian idea is wonderful in theory, but not so easy in practice. If all of the companies in a given market have economic incentives to make use of your private data, they will all err on the side of making more revenue, not protecting your privacy. In a publicly-owned company, the profit motive will always beat out any concerns that are considered secondary. Even where a company knows that privacy is important to users, they also know it is not *the* most important determining factor for customers. Therefore, even though it might be high on the list of customer concerns, all the companies in the market will still ignore it.

For an example of this in action, look at those obnoxious watermarks all American TV channels now display. Nobody likes it, but it's not enough of a detriment that people won't watch whatever ABC, CBS, NBC, et al, is showing. The fact that they all do it makes it impossible to show your displeasure by switching channels anyway.

Your example of the landscaping company records is a red herring. These sorts of customer service businesses only gather information related to the work they do for you, while search engines gather a much broader range of information. The fact that small service businesses get audited is irrelevant as well. Nothing in the audit records is going to provide anything beyond transaction dates and amounts. Generally speaking, Mom & Pop's Garden Service doesn't get routinely attacked by ambitious hacker networks, either.

I understand that you enjoy the benefits of companies using your personal information to provide better service. So do I. So do the vast majority of people. But I think it's a gross simplification to say that as a practical matter we really have much choice in the matter.

Re:Great idea in theory

[VON-MAN]

"all companies will err on the side of making more revenue"

Yes, I agree. I find it disturbing that this must be explained so often. Also, I would like to add that this behavior should be fully expected from a company. And that is exactly why government should protect the general populace (and companies) from companies with law.

That goes both ways

[Rix]

Don't like a country's privacy laws? Don't do business there.

There is a big gap

The governement is beholden to respect the privacy law, and justify (with a judge signed document) getting those ISP kept data. Sure you can argue that they can abuse the power, but this would then be illegal. On face value the governement also cannot resell your data to somebody else. On the other hand corporation can do whatever they want including reselling your data to the most shaddy part of the world. This is partially why there is a privacy law in the EU because it is recognized of the possible abuse of the corporate world (data rentention, and right of rectification).

I would rather give my data to the governement than to a corporation, especially seeing how quick they are to sell/whore it off. And don't think A SECOND that if the governement is asking politely anyway the corporation won't give all the data they have on you. Since you have next to no way to block the governement getting the data, then the only bit you can protect is refusing to give the data to corporation to begin with, OR to force them to reespect the privacy of the data.

And before you start spouting off something about free market, think that for some stuff you cannot really avoid local monopolies (health, electricity, water....). Meaning that either you live out of society or you are screwed with US policy.

Like being under constant surveillance?

Willingly giving up private data by, say, walking the streets (followed by a tv-crew of some reality show published on the Internet) is in no way a violation of your right to privacy.

Don't like sucking your boss'es d!ck? Leave.

Don't like your child being abused by her teacher? Find another one.

that's why there are laws that define what is a crime, even if you're used to it.

NT

[killerdark]

Move along, move along

Here's an idea

[chuckymonkey]

How about no one gives a shit. Nobody is being forced to use google if they don't want to that I'm aware of and I don't think that any government should really care all that much how long or if a company chooses to keep the data of its service's users. Really this is a non-issue to me.

Libertarian approach to privacy

[elwinc]

Here's a libertarian approach to privacy: treat personal information like material property. And give each individual absolute property rights over his or her personal information. If you wanna do anything with my personal information, even just stamp it on a magazine sticker to mail me a subscription, you gotta get my permission. Just like if it was a trademark, or an article I copyrighted. And I, only I, have the right to rent out my personal information. Just like if it was my car. See? Libertarianism is not incompatible with protection of privacy. Look, we already treat credit card numbers like personal property: we pass them out to be used for a single specific purpose, and not to be shared. Everyone understands the contract. Misuse a credit card number and go to jail!

Personally, I find the libertarian approach to privacy too draconian, but I wanted to point out that it's really quite doable.

In the meantime there is always things like:

[Vasco+Bardo]

TrackMeNot I am in no way affiliated with these guys but I think the concept is pretty elegant, in a brute force way. Essentially your real searches become invisible again in a sea of random searches.

Google.com vs Google.co.uk?

[pyrestriker]

Alright... so Google may be invading digital rights privacy policies? If this is the case, with how HUGE google is, they could probably in a matter of about an hour edit their information collection programming based on the actual google site visited, whether it be .com, .de, .co.uk, .nz, or any other country-based website extension. As for .com, I believe that's commercial, and since Google is based in California(I believe... I KNOW it's U.S.-based), then the laws on their .com /should/ be based on the commercial laws of the United States. I don't think Google has a habit of being lazy and doing nothing about this until it comes to court time. So we probably won't see them in court. Only thing I can blame Google for is buying out other companies, covering every square inch of digital medium they can find. Wait... if google uses Linux, then why do they only seem to distribute software for Windows? Oh well, that's another topic altogether.

Re:Google.com vs Google.co.uk?

[aslate]

Google redirect UK users to their google.co.uk site automatically. Infact, the only way for me to use google.com is to directly query google.com (In the way Firefox search does). If i go to google.com i get the .co.uk search. Makes sense, better targeted advertising. This happens in other countries too (Ever Google'd with Tor? I've ended up with Polish and German google pages).

Re:Google.com vs Google.co.uk?

[pyrestriker]

Ah. I wasn't aware of that note. But as for the saving information, they could probably give a separate timeout on the data based on the location of the user that queried it. Doesn't sound too difficult.

Re:Screw EU

[dunkelfalke]

hello shelley

Good for them!

[Guppy06]

If they get to take the "We have to abide by local laws" in the case of China, they'll be similarly obliged to change their ways in Europe as well. Unless, of course, they want to reveal themselves to be two-faced, scum-sucking bastards.

What about ISPs taking advantage of our data?

[newsact]

Due to data retention Directive http://eur-lex.europa.eu/LexUriServ/LexUriServ.do? uri=CELEX:32006L0024:EN:NOT, ISPs are gathering the resources required to fulfill its requirements -office, staff, hardware and software. But that's all at their cost! So, it looks like they decided to do something about it, like sell the user profiles they will soon have on every subscriber of their services. That's much closer to every user in a country, so don't be alarmed next time you see an ad from someone you never met but it looks like you did.