back to article Google answers less than half of watchdog's privacy tweak questions

Google only partially responded to French data protection regulator CNIL late last Thursday about the company's controversial privacy policy tweak in March. The world's largest ad broker asked for more time to answer the 69 questions put to it by the watchdog, which had been tasked with investigating the company's actions by …

COMMENTS

This topic is closed for new posts.
  1. rtli-

    So what _is_ he wasting taxpayers' money on, then?

  2. Neil Barnes Silver badge

    policy that covers many products...

    and enables the sharing of data between them is an industry standard approach...

    But that does not necessarily make it either right or acceptable.

  3. Silverburn

    "We find it disappointing that some regulators publicly express doubts of lawfulness without having accorded us any chance to engage on the issues of concern," he said.

    "We find it disappointing that some regulators publicly express doubts of lawfulness without having accorded us any chance to blackmail them first with incriminating details from their browsing habits, contents of local wifi networks or cloud documents or GPS history" he said.

  4. Anonymous Coward
    Anonymous Coward

    Righty...

    How long before Microsoft, Yahoo & Facebook are asked (& answer) the same questions about their services? I'd be interested in the results.

    1. Field Marshal Von Krakenfart
      Holmes

      Re: Righty...

      And here's their answers:-

      Yahoo's reply

      "The use of a primary privacy policy that covers many products and enables the sharing of data between them is an industry standard approach adopted by companies such as Microsoft, Facebook, Google and Apple,"

      microsoft's reply

      "The use of a primary privacy policy that covers many products and enables the sharing of data between them is an industry standard approach adopted by companies such as Google, Facebook, Yahoo! and Apple,"

      facebooks's reply

      "The use of a primary privacy policy that covers many products and enables the sharing of data between them is an industry standard approach adopted by companies such as Google, Microsoft, Yahoo! and Apple,"

      1. Trevor_Pott Gold badge

        Re: Righty...

        Apple's reply: "nice country you have there. Shame if we stopped selling iTat into it and told your citizens it was all your fault..."

  5. adnim
    FAIL

    Unique visitors

    "Google was unable to cough up the "metric" detailing the number of unique visitors to the firm's privacy policy website"

    Haven't they heard of Google Analytics?

    1. DJV Silver badge
      Happy

      Re: Unique visitors

      Damn, you beat me to it!

  6. Michael Souris

    Correction

    I think this should read "which was heavily trailed on many Google properties".

  7. Andy Livingstone

    Gmail and LSOs

    Be interesting to see how the Information Commissioner deals with "his" policy versus "their" policy. Each visit to Gmail through the website picks up an LSO. No specific permission requested.

    Mind you, it seems to be the same with the Daily Mail, Three, Incahoot and, I'm sure, many others.

    With the sheer number of cookies still being sprinkled around without end user permission does the Information Commissioner have the resources to deal adequately with the issue. As a Bank told me last week "Who cares? Everybody does it"

    1. we all know how irritating it is having to interact with the shopkeeper in any way Silver badge

      "Who cares? Everybody does it"

      Well I care, and I regularly reboot Firefox to remove cookies that will timeout at the end of a session. I also regularly go through the remaining (very long) list of cookies and delete those too.

      Plus No Script stops many sites (many more than you would expect) working by restricting all the other crap they pull in. I can selectively allow the other Javascript (and their associated cookies) that I need.

      Firefox gives me some control -- which lets me do what I can. Thanks Firefox. :-)

  8. mittfh

    Other companies

    Google's hardly the only company to offer multiple products and collate / aggregate information about what its users are doing with them. Therefore surely it makes sense to have a single overarching privacy policy rather than a separate one for each product?

    The information they collate is probably used to improve their products, as well as offer targeted ads and search results. Because of the size of their portfolio, they don't need to flog the statistics database (or any other associated info) off to a third party. They also heavily trailed the upcoming changes in advance across their entire portfolio (even including the phrase "This is important."), which is more than can probably be said about many other companies.

    Never mind there's a possibility that Microsoft probably have access to a substantial amount of user data - not just from across the "Bing" platform but possibly also from Skype, Facebook, Facebook app / game developers and Instagram.

    However, it would still be useful if they provided a means of viewing the information that's been harvested about you, and separate controls to (a) allow yourself to opt out of any / all information harvesting, (b) control what the information harvested is used for (e.g. particularly for businesses it could be useful having access to 'generic' search so they can see where they'd come in Joe Public's searches for their name / products / employees.

    1. Benjamin 4

      Re: Other companies

      They do offer a service to see what data they're holding on you. Look up Google account activity. Actually quite interesting to read through some of the things you do.

      1. Anonymous Coward
        Anonymous Coward

        Re: Other companies

        And what about looking up the data the gather even when you haven't logged in to a Google Account? How do you look that up? It's highly unlikely that they're not profiling you or at least the browser you're using, even if you aren't logged in to an account.

  9. Tom Simnett
    Facepalm

    Surely...

    ... his job is precisely to provide advise to any legal entity for whom data protection in that jurisdiction is potentially a concern. Any DPA is there to ensure the rules are followed and to ensure the rules are fair to the end user. If a company or individual has queries or wants to make sure they're not going to be wasting their energy (money, time) on something that definitely won't get ratified, this is precisely what I'd expect a data protection chief to be helping with.

    1. DF118

      Re: Surely...

      This would be a fair point if Google had given said DPCs more than a 48hrs "heads up" notice of the changes to their PP.

    2. /\/\j17

      Re: Surely...

      Well the EU Agency for Fundamental Rights' advice on DPAs is that they should be:

      - independent guardians of privacy.

      - efficient one-stop shops for all data protection concerns of citizens and other persons.

      It DOESN'T say they are there to advise companies at the companies beck and call. That's what a companies own lawyers are for.

  10. Anonymous Coward
    Anonymous Coward

    @ DF118, Re: "...48hrs "heads up" notice..."

    Source?

    1. DF118
      Holmes

      Re: @ DF118, "...48hrs "heads up" notice..."

      Reg story quoting one of said DPCs (or possibly Viviene Reding, can't remember) - anyway - search box is your friend.

  11. Mark 65

    Big Corporation Ignorance

    "Fleischer also fired a few questions back at CNIL, asking – among other things – what the "legal basis" was for the Article 29 Working Party to "act as a regulatory body"."

    This epitomises how bully-boy companies like Google get off on the wrong foot with the EU. Microsoft used to do it too. Just because your local US authority would let you sell everyone's grandmother without asking first it doesn't mean that the EU will. Like it or not they wield plenty of power and they aren't afraid of using it when it suits them. Questioning their party/committee/quango's legal basis to oversee your potential breach of their laws will not gain you any favours and is more likely to result in a very large fine when the case goes against you just for being an arsehole. If they do not have the power it will just get passed on to someone who does. Just ask Microsoft for the details of how acting like a disinterested teenager pans out.

This topic is closed for new posts.

Other stories you might like