Google Privacy Policy Could Violate EU Law

judgecorp writes "Google's new unified privacy policy could violate EU law, according to objections. The French data regulator warns that the policy will infringe users' privacy by building a single online profile. Commission Nationale de L’informatique et Des Libertes (CNIL) has expressed “deep concerns” about the policy and its adherence to the European Data Protection Directive."

What about MSN passport?

[Eraesr]

Hasn't MS done the same with MSN passport, where you use one login for Hotmail, MSN Messenger, XBox Live and various other services?

Re:What about MSN passport?

[icebraining]

Oh really, Mr. shill? So where's that opt-in option?

From Microsoft privacy statement:

Collection of Your Personal Information

We collect information as part of operating our Websites and services.

- At some Microsoft sites, we ask you to provide personal information, such as your e-mail address, name, home or work address, or telephone number. We may also collect demographic information, such as your ZIP code, age, gender, preferences, interests and favorites. If you choose to make a purchase or sign up for a paid subscription service, we will ask for additional information, such as your credit card number and billing address.

- In order to access some Microsoft services, you will be asked to sign in with an e-mail address and password, which we refer to as your Windows Live ID. By signing in on one Microsoft site or service, you may be automatically signed into other Microsoft sites and services that use Windows Live ID. For more information, see the Windows Live ID privacy supplement.

- We collect additional information about your interaction with Microsoft sites and services without identifying you as an individual. For example, we receive certain standard information that your browser sends to every website you visit, such as your IP address, browser type and language, access times and referring Web site addresses. We also use Web site analytics tools on our sites to retrieve information from your browser, including the site you came from, the search engine(s) and the keywords you used to find our site, the pages you view within our site, your browser add-ons, and your browser's width and height.

- We use technologies, such as cookies and web beacons (described below), to collect information about the pages you view, the links you click and other actions you take on our sites and services.

- We also deliver advertisements (see the Display of Advertising section below) and provide Web site analytics tools on non-Microsoft sites and services, and we collect information about page views on these third party sites as well.

- When you receive newsletters or promotional e-mail from Microsoft, we may use web beacons (described below), customized links or similar technologies to determine whether the e-mail has been opened and which links you click in order to provide you more focused e-mail communications or other information.

No opt-in here! The only thing you can do is opt-out of the advertising (not data collection).

More:

Sharing of Your Personal Information

Except as described in this statement, we will not disclose your personal information outside of Microsoft and its controlled subsidiaries and affiliates without your consent.

So, you can't even choose not to share your personal information with some subsidiaries and affiliates.

Oh, and that centralization of data people are criticizing Google for?

In order to offer you a more consistent and personalized experience in your interactions with Microsoft, information collected through one Microsoft service may be combined with information obtained through other Microsoft services. We may also supplement the information we collect with information obtained from other companies. For example, we may use services from other companies that enable us to derive a general geographic area based on your IP address in order to customize certain services to your geographic area.

Re:What about MSN passport?

[TheRaven64]

Because that would require Microsoft to be competent at cross referencing and datamining and, well, have you seen Bing?

Re:Use another service?

[Lennie]

Most non-technical users don't understand these things. Kids usually don't fully understand the impact/ramifications.

Atleast that is some of the arguments I've heared.

Most politicians also fall in the first catagory.

Re:Use another service?

[zippo01]

ignorance never makes good justification.

Re:Use another service?

[azed9]

Use another service? Not possible with an android device as most useful functions require a Google login. Google should offer an opt out option. Or a refund.

Re:so all of a sudden Google is now infringing

[Carewolf]

Cross-referencing databases. I guess facebook is in the clear because they only have one database. The problem is cross-referencing personal data from multiple databases.

It sounds a bit odd in technical ears, but the idea is that users can control how much they reveal about themselves and to whom. When data is cross-referenced, then data them only meant to reveal in a specific context is suddenly available in a context where it was not meant to be revealed.

Re:If the services had started out integrated

[MrMickS]

The key issue is where the control lies. On Facebook the user has to explicitly allow the information to be used by the various applications etc. In Googleland they are just tearing down the barriers without giving the user the chance to say that they don't want their information from the different areas to be included in their meta-profile.

If Google had thought about it a simple acceptance screen allowing people to opt in and out their information from the meta-profile would probably have addressed the privacy concerns. It would also highlight to the users what information Google has collected and what services it is providing. Google steers by its own moral compass and doesn't really care what anyone else thinks as long as it's happy with what its doing.

Re:so all of a sudden Google is now infringing

[icebraining]

See those Facebook buttons in almost every website? That's Javascript being loaded from Facebook's domains, and your browser is sending your login cookies along.

Are they tracking? It's impossible to know. But they are getting the information of what sites you're visiting.

Re:If the services had started out integrated

[Shazback]

How can I get FB to not use my information in photos? Oh wait. I can't. How can I get FB to not use my information in events? Oh wait, I can't. How can I get FB to not use my information in chat? Oh wait, I can't.

Google has the same controls regarding third party access to information as FB. The only difference is that Google doesn't really rely on many third party applications, whilst FB has created a complete ecosystem in that respect.

>>If Google had thought about it a simple acceptance screen allowing people to opt in and out their information from the meta-profile would probably have addressed the privacy concerns. It would also highlight to the users what information Google has collected and what services it is providing.
Google has had Dashboard for *years* now that shows exactly what personal information Google had gathered from their various services. For each service, you can (and could well before today) go into the specifics of the privacy agreement, remove personal data, change how it would be shared etc. FB doesn't have anything like that. Google has pointed out repeatedly that it HAS Dashboard, and unlike FB, provides a tool to remove -all- your personal information.