Slashdot Mirror
EU Questions Google Privacy Policy
An anonymous reader writes "The BBC is running a piece noting that the EU is scrutinizing Google's privacy policy this month. The company's policy of keeping search information on their servers for up to two years may be violating EU privacy laws. A data protection group that advises the European Union has written to the search giant to express concerns. The EU has a wide range of privacy protections that set limits to what information corporations may collect and what they may or may not do with it. In the US on the other hand privacy laws generally cover government actions while the business sector remains largely unregulated. Is it perhaps time to follow the European example and extend privacy laws to include corporations?"
Not everyone is a Libertarian. Some people are Socialists.
If you want news from today, you have to come back tomorrow.
While I generally concur, something at least needs to be done to simplify the legal system. There is no reason a privacy policy cannot be a short, concise, two sentences.
"[Company] collects information which you may wish to remain private. [Company] retains the information for up to 2 years, and information may be made available to outside vendors without your consent."
Almost everyone can understand that. It's still a high reading level (generally), but far simpler than the 8 page privacy policy most companies have.
Wow! I now owe my friend 20 bucks! Damn, I never thought I'd lose that bet.
No, it isn't my job and it shouldn't be. I have a *right* to privacy. Corporations have no right to keep, much less distribute, most of the information they store.
I still have more fans than freaks. WTF is wrong with you people?
The right to privacy is the right to be free from outside intrusions into your personal matters. Willingly giving up private data by, say, searching the Internet is in no way a violation of your right to privacy.
I wonder if I use bold in my signature, people will notice my posts.
IMO, it's not at all obvious that the act of searching for something gives up an private data.
Max.
_willingly_ giving up privacy data is the key. willingly implies knowlingly. do you _know_ what kind of data google collects from all its services and how it uses it to track you? if you don't _know_, then you're not willingly giving up your privacy, you're being conned into giving up your data.
I for one want to know very much how are they using the data from the web stats service google provides. I see that everyone and their dog have the scripts, and while I agree to disclose some statistics to the sites that I'm visiting, I don't remember ever agreeing to disclose the same information to google.
So, due to privacy concerns, the EU dislikes Google storing data on its users, but forces ISPs to retain data for two years? Under the catch-all excuse of 'terrorism' no less.
They could follow each others example: the EU could introduce laws to stop government snooping, whilst the US introduces laws to stop corporate snooping. Personally I find the EU government snooping worse than Google, at least Google is a product choice, government laws can't be worked around. Although the purchase of Double-click does make Google's tracking somewhat difficult to avoid when surfing around.
Failing that, just use Scroogle and/or Tor and/or an ad-blocker. :)
I'm going to transform myself into a mighty hawk. Either that or I'll just go and work at Dixons, haven't decided yet.
That's not so easy. If you have a friend who uses gmail, then whenever you send your friend an email, Google will keep *your* email for god knows how long. And they certainly didn't ask *you* about it. So your simplistic solution "don't patronize those kinds of companies" doesn't work.
I certainly know what information I'm giving them. What I don't know is how much they store and how effectively they piece it all together. Why do I need to know what Google is doing with my data? I gave them my data, and so long as they don't violate an agreement I made with them, they aren't conning me.
The same EU that requires its ISP to store every connection you make, complete with timestamp and endpoints involved, for at least 6 months, but for however long the governments in the member states deem appropriate? The same EU that wants this information to be easily accessable by everyone who has a "vested interest" to hunt down legal offenses? Without describing too closely what a "vested interest" could be or whether only other governments or even some private organisations can access that information at will.
We're talking about that EU, yes?
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Don't like a company's privacy policy? Don't patronize them.
This libertarian idea is wonderful in theory, but not so easy in practice. If all of the companies in a given market have economic incentives to make use of your private data, they will all err on the side of making more revenue, not protecting your privacy. In a publicly-owned company, the profit motive will always beat out any concerns that are considered secondary. Even where a company knows that privacy is important to users, they also know it is not *the* most important determining factor for customers. Therefore, even though it might be high on the list of customer concerns, all the companies in the market will still ignore it.
For an example of this in action, look at those obnoxious watermarks all American TV channels now display. Nobody likes it, but it's not enough of a detriment that people won't watch whatever ABC, CBS, NBC, et al, is showing. The fact that they all do it makes it impossible to show your displeasure by switching channels anyway.
Your example of the landscaping company records is a red herring. These sorts of customer service businesses only gather information related to the work they do for you, while search engines gather a much broader range of information. The fact that small service businesses get audited is irrelevant as well. Nothing in the audit records is going to provide anything beyond transaction dates and amounts. Generally speaking, Mom & Pop's Garden Service doesn't get routinely attacked by ambitious hacker networks, either.
I understand that you enjoy the benefits of companies using your personal information to provide better service. So do I. So do the vast majority of people. But I think it's a gross simplification to say that as a practical matter we really have much choice in the matter.
Read the EFF's Fair Use FAQ
Good for you. I certainly don't know what data they have about me, where are they getting it from, and how are they putting it together. I much rather have a legal mechanism that requires them to tell me what data they have about me if I ask, and enables me to have it removed, then not.
I used to live in a society in which detailed files on people were customarily kept, and used to make people behave. From my experience, allowing any company (or organization, for that matter) to have data files on people without any option of the people to control what's in those files and who's accessing them isn't the smart thing to do.
But to each their own.
Simplify the legal system? Are you totally mad?
Nobody is better of with simpler laws! Not big business, not politicians and not the lawyers. Just imagine, someone from the general public reads your policy or the law, and really understands it. Do you understand the potential dangers there?
No, simpler laws is in nobodies interest. At least not somebody who has something to say about it.
Google is a US corporation. Of what concern are European privacy laws to it?
The concern is over the fact that they trade with people in the EU. US corporations that trade in the EU are required to follow EU laws; if they aren't, they may be fined by the EU (e.g. Microsoft), and if they do not pay their fines to the EU then they face having any of their property that is within the EU confiscated. This would include any money in transit from their European customers to them.