Slashdot Mirror

← Back to Stories (view on slashdot.org)

EU Authorities To Demand Reversal of Google Privacy Policy

Posted by Unknown on from the legal-dept-hiring dept.

judgecorp writes "Google's privacy mechanism, which combines personal data from around 60 products, and gives users only one opportunity to opt out, was rolled out in March against requests from privacy regulators in Europe. Now they want the policy reversed, and user data from the different Google products, including Gmail, Search and YouTube, to be separated. The EU attack is lead by French regulator CNIL, which has historically taken a tough line on privacy matters."

9 of 177 comments (clear)

  1. "Are you a criminal?" by aliquis · · Score: 5, Insightful

    "Yeah, so what if YouTube let you register with a user name before we bought it. We see you don't use a real name. WTF is up with that? Are you a criminal?

    [x] My name is ___________________________
    [ ] I'm a criminal."

  2. Not an issue for me by aNonnyMouseCowered · · Score: 5, Interesting

    Really, I don't see this as an issue if you're volunteering your personal info to Google anyway. I'm more worried by the tracking that Google does even if you're not logged in, say, via its ad and recaptcha services.

  3. And I want a pony... by O('_')O_Bush · · Score: 5, Interesting

    Really though, unlike with Intel or Microsoft, I've never felt like I have been wronged by Google, which is probably why my knee jerk reaction is that this is just another extortion racket and an organization hired to cause a stir.

    --
    while(1) attack(People.Sandy);
    1. Re:And I want a pony... by Paradise+Pete · · Score: 5, Insightful

      I've never felt like I have been wronged by Google

      Right now Google's not hurting, so they can be more selective in what thy do with that data. But when times get tough, and they probably will, Google will resort to all sorts of tricks to keep that cash cow mooing.

    2. Re:And I want a pony... by tlhIngan · · Score: 5, Insightful

      Which is fair, but how will splitting the privacy policies back into various areas HELP privacy? Doesn't putting them all in one place for Google products make it easier? And even if split, do they not get how Google tracks everything anyway? Very strange way to help people I'd think.

      Well, before, Google had a different privacy policy for every product. This resulted in your YouTube browsing habits not being able to be shared with your GMail history, Google homepage not being able to search your e-mail or possibly throwing up your email search results when you search, etc.

      By unifying the privacy policy, Google made it easier to combine the data about you from many silos into one. Perhaps you were doing some Google searches about say, gay marriage. Now your YouTube ads for that next cat video can suggest gay marriage pastors. Or election ads about gay marriage.

      Or perhaps you're trying to keep your online activities separate. Perhaps you enjoy downloading the latest music and movies, but keep that separated somehow from your other activities. Perhaps using another browser. Or perhaps another computer. Problem is, you use Google on both, and eventually Google links both your nefarious pirate ways with your real life ways, so the MPAA and RIAA can now positively identify you through Google. (Ask Jammie Thomas).

      All the EU is doing is basically telling Google to put the data back in their individual silos and stop mising and churning it. Of course, law enforcement and IP lovers will be a lot less happy if they can't get at your user profile and prove that you are the person being accused through Google's profiling of your activities (the links are more tenuous when data is isolated. When they're combined, they're very powerful).

      Of course, this also allows Google to aid in finding people who do bad things - they can link the searches to the youtube videos to the G+ postings and all that. Perhaps even to their facebook account and get a name/location/etc.

      Oh yeah, trust me, it's not just advertisers/insurance people interested in your habits. And heck,one silo also means that false information can be rapidly corrected (yay!), alongside with notes on the false information in case you used it elsewhere, providing more linking data.

  4. Re:French fight for our freedom? by davester666 · · Score: 5, Insightful

    No. The French may save French users of Google. Perhaps even for the rest of the EU. But DEFINITELY not for anywhere else.

    Google will definitely [if they are forced to keep this information separate for some locations] recode their products to keep it separate for people in those locations and combined everywhere else.

    --
    Sleep your way to a whiter smile...date a dentist!
  5. Easy you put into law by aepervius · · Score: 5, Insightful

    We have had law about privacy and IT and database for about as long as it started to become a phenomenon, I think back in the 80ies. For example you may not in certain circumstance do a join on database, or have races, skin color, religion, political affiliation, or whatnot mentioned in some database (I don't recall exactly when it is allowed, but you can take for granted that in a commercial database it is msotly not allowed). There is something similar on EU level.

    That you in the US (or any other country) don't care that you are the "product" is your problem. but if google want to have a commercial presence in EU it better respect our privacy laws. And No it is not YOUR responsibility to use different usernames, it is google responsibility to respect law and not join DB.

    --
    C. Sagan : A demon haunted world:
    http://www.amazon.com/gp/product/0345409469/
    visit randi.org
  6. Re:Google 'safe browsing' cookie by Anonymous Coward · · Score: 5, Interesting

    Why does this need a session cookie? why does it need to update the list so incredibly frequently? Why send only partial keys?

    Dude, take off the foil hat. I work at the big G (not on anti phishing) and all these concerns have been discussed publicly before. There is a cookie for anti-DoS purposes. Google has the ability to sink large amounts of HTTP traffic using smart load balancers which can handle way more requests than the backends they balance on to. During a DoS attack legitimate cookies that have been observed behaving in a non-abusive manner for a long time can be serviced whilst excluding requests that come in with no cookie or a freshly minted cookie. And let's face it - the anti-phishing system is designed to frustrate criminals, the kind of people who wouldn't hesitate to use DDoS attacks against a blacklisting service.

    The list is updated frequently because phishing sites appear and disappear very fast.

    If there was no partial server-side matching you could defeat the blocklist by simply using random filenames or ?q=abc suffixes on the phishing page (eg every spam you send with a phishing link could have a unique URL). Then a list of even a million URLs would be insufficient. By having partial/prefix matches that trigger a server side lookup more advanced logic can be used that doesn't require protocol changes to every client, in extreme cases you could even imagine hand crafted code that understands how to spot patterns in particularly tricky campaigns.

    CAPTCHA: explains

  7. Re:French fight for our freedom? by e70838 · · Score: 5, Informative

    I live in France, and I work into the IT field. I have the complete opposite feeling than the post above. The CNIL has always demonstrated a very deep understanding of technology. Even if it is a state agency, it has provided very sound analysis and opinions on the recent laws (HADOPI, ...) that were demonstrating the stupidity of the proposed laws. The laws were adopted almost unchanged and all the analysis of the CNIL have been proven to be true.

    The CNIL is not very powerful and can not go beyond its scope, but I have never been deceived by anything it has produced.

    The main root of the CNIL is the history of France during the 2nd world war where some files were used against jews.