Google’s data privacy practices are attracting the regulator attention, due to the search engine’s tracking of user locations, the BBC news website reports.
Seven organisations have come together to file complaints with a number of regional watchdogs over Google’s tracking behaviours, with issues based on research which suggests users have no choice but to engage with the tracking system.
In response, the tech giant has said tracking features are turned off by default, and can be put on hold at any time by service users.
In a statement the group said:
“We argue that consumers are deceived into being tracked when they use Google services. This happens through a variety of techniques, including withholding or hiding information, deceptive design practices, and bundling of
“We argue that these practices are unethical, and that they in our opinion are in breach of European data protection legislation because they fail to fulfil the conditions for lawful data processing.”
The group’s report accuses Google of failing to provide “straightforward” information on what the submitted information entailed.
A user’s geographic location could be established through the data, as well as lifestyle details including religious beliefs, political allegiances, health status and sexual orientation.
The seven organisations are part of BEUC, an umbrella group that stands up for European consumer rights in Brussels. In a statement, the BEUC said:
“These unfair practices leave consumers in the dark about the use of their personal data.”
Among those intending to file complaints to local regulators under the GDPR are organisations based in the Czech Republic, Sweden, Norway, Poland, Greece and the Netherlands.
“Location history is turned off by default and you can edit, delete, or pause it at any time. If it’s on, it helps improve services like predicted traffic on your commute.”
“We’re constantly working to improve our controls and we’ll be reading this report closely to see if there are things we can take on board.”
Elodie Dowling, author and corporate VP EMEA at BMC Software said:
“As we reach the six-month mark of the introduction of the EU General Data Protection Regulation (GDPR), we have an opportunity to reflect on how industries and organisations are doing with regard to adequately protecting personal data. Have the controllers of personal data changed their approach to implement satisfactory processes, controls and software?
Six months on, some organisations are still attempting to provide sufficient safeguards for protecting personal data, whether this is via the pseudonymisation of names or the highest possible settings of privacy.
“With GDPR in force, data collectors are now required to demonstrate greater transparency with how they store and intend to use personal data.
“With data breaches occurring more often, the six-month mark of the implementation of GDPR comes as a very timely reminder for data controllers and processors to continue to work towards improving their existing privacy standards to a compliant level.
“If they do not comply, we have already witnessed the threat of greater financial penalties being imposed to ensure compliance of a satisfactory standard. To ensure GDPR compliance is adhered to in an efficient manner, businesses will have to rely on technology to provide them with complete visibility and control over any data kept on-premise or within cloud environments.”
European Data Protection Summit will take place on June 3rd in Central London and will play host to 800 DPO’s, Security Professionals and senior business decision makers looking for; information, updates, clarity, advice and solutions. For more information, visit the website.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.