fbpx

Download free GDPR compliance checklist!

Tag Archives for " Google "

Google Says It Doesn’t ‘Sell’ Your Data. Here’s How the Company Shares, Monetizes, and Exploits It.

Although big tech companies like Google keep the lights on by harvesting and monetizing your personal data, they can be quick to mince words and deny the strawman scenario of exchanging hard drives full of your data for a suitcase of money.

Google, the adtech oligarch, devourer of data, surveyor of souls, That Which Knows All That Is Known, has decided that it doesn’t sell data. So what is happening with all of that data, which Google says it’s not selling, but from which it makes tens of billions of dollars a year?

Read full article: Google Says It Doesn’t ‘Sell’ Your Data. Here’s How the Company Shares, Monetizes, and Exploits It. | Electronic Frontier Foundation

Brave files GDPR complaint against Google 

Brave has filed a GDPR complaint v Google for infringing the GDPR “purpose limitation” principle. Enforcement would be tantamount to a functional separation of Google’s business.

The purpose limitation principle requires that organizations must scrupulously ring fence data for specific purposes. These purposes must be made clear, and be very specific. However, Google’s purposes are so vaguely defined as to have no meaning or limit. The result is an internal data free-for-all that infringes the GDPR’s purpose limitation principle.

Source: Formal GDPR complaint against Google’s internal data free-for-all

Google launches Verily site for coronavirus tests, sparking health privacy concerns 

Service requires users to sign in with personal accounts, but Google promises limits to sharing data.

Critics have questioned the data collection policies of the Verily site, including the need to use a Google account to sign into the program. Data privacy advocates like Ana Milicevic, principal and co-founder of Sparrow Advisors, a digital consulting firm, said the coronavirus site could collect sensitive personal information that could later be used in ways participants never intended.

Source: Google launches Verily site for coronavirus tests, sparking health privacy concerns | Ad Age

Swedish Data Protection Authority imposes €7 million administrative fine on Google

The Swedish Data Protection Authority imposes a fine of 75 million Swedish kronor (approximately 7 million euro) on Google for failure to comply with the GDPR. Google as a search engine operator has not fulfilled its obligations in respect of the right to request delisting.

Swedish Data Protection Authority criticised Google for not having removed two of the search results, as instructed in 2017. Specifically, Google was criticised for having made too narrow an assessment of which URLs ought to actually be removed from search results, and, on another occasion, had not removed a search result in a timely manner.

Furthermore, when Google removes a search result listing and notifies the website owner of which webpage link was removed and who was behind the delisting request, it was in fact doing so without a legal basis. Therefore, Swedish Data Protection Authority ordered Google to cease such practice.

Source: The Swedish Data Protection Authority imposes administrative fine on Google – Datainspektionen

New Mexico Sues Google Over Children’s Privacy Violations

New Mexico’s attorney general sued Google on Thursday, saying the tech giant used its educational products to spy on the state’s children and families.

Google collected a trove of students’ personal information, including data on their physical locations, websites they visited, YouTube videos they watched and their voice recordings, Hector Balderas, New Mexico’s attorney general, said in a federal lawsuit.

 

Source: New Mexico Sues Google Over Children’s Privacy Violations – The New York Times

Google gobbling Fitbit is a major privacy risk

The European Data Protection Board (EDPB) has intervened to raise concerns about Google’s plan to scoop up the health and activity data of millions of Fitbit users — at a time when the company is under intense scrutiny over how extensively it tracks people online and for antitrust concerns.

Google confirmed its plan to acquire Fitbit last November, saying it would pay $7.35 per share for the wearable maker in an all-cash deal that valued Fitbit, and therefore the activity, health, sleep and location data it can hold on its more than 28M active users, at ~$2.1 billion.

Regulators are in the process of considering whether to allow the tech giant to gobble up all this data.

Source: Google gobbling Fitbit is a major privacy risk, warns EU data protection advisor | TechCrunch

Google users in UK to lose EU data protection

Google is planning to move its British users’ accounts out of the control of European Union privacy regulators, placing them under U.S. jurisdiction instead.

The shift, prompted by Britain’s exit from the EU, will leave the sensitive personal information of tens of millions with less protection and within easier reach of British law enforcement.

Source: Exclusive: Google users in UK to lose EU data protection – sources – Reuters

Mobile Device IDs Will Be The Next Ad Tracker To Bite The Dust

Neither Apple nor Google – which is fresh off announcing its plan to kill third-party cookies in Chrome less than two years from now – has taken concrete steps to eliminate their respective device IDs as of yet, but the app ecosystem should be preparing for that eventuality.

Device IDs have proven not to be the privacy-preserving solutions they were meant to be, and now it’s time for another change.

Read full article: Mobile Device IDs Will Be The Next Ad Tracker To Bite The Dust

Google tells facial recognition startup Clearview AI to stop scraping photos

Following Twitter, Google and YouTube have become the latest companies to send a cease-and-desist letter to Clearview AI, the startup behind a controversial facial recognition program that more than 600 police departments across North American use.

Google has demanded Clearview stop scraping YouTube videos for its database, as well as delete any photos it has already collected. “Clearview secretly collected image data of individuals without their consent, and in violation of rules explicitly forbidding them from doing so,” Google said.

Source: Google tells facial recognition startup Clearview AI to stop scraping photos | Engadget

Irish DPA investigates Google’s processing of location data

The Data Protection Commission (DPC) – Irelands data protection authority -, in its role as Lead Supervisory Authority for Google, started a formal investigation into Google’s practices to track the location of users and the transparency surrounding that processing.

The investigation follows a series of complaints by several national consumer groups across the EU. Consumer organisations argue that the consent to “share” users’ location data was not freely given and consumers were tricked into accepting privacy-intrusive settings. Such practices are not compliant with the EU’s data protection law GDPR.

DPC will establish whether Google has a valid legal basis for processing the location data of its users and whether it meets its obligations as a data controller with regard to transparency.

Source: Data Protection Commission launches Statutory Inquiry into Google’s processing of location data and transparency surrounding that processing | 04/02/2020 | Data Protection Commission

1 2 3 22
>