back to article France gives Google three month DATA PRIVACY DEADLINE

Data authorities have ruled that Google has breached the French Data Protection Act, and the huge advertising firm has been ordered to comply with the law within three months or else face sanctions. Data watchdogs in the UK, Spain, Germany, Italy, and the Netherlands have also launched enforcement actions against Google today …


This topic is closed for new posts.
  1. Anonymous Coward

    Google should be kicked out of Europe.

    Sanctions are not good enough. It didn't stop Google hacking tens of thousands of private wi-fi networks. No. Shutdown of Google operations in EU juristiction is required by several laws.

    1. Anonymous Coward
      Anonymous Coward

      Re: Google should be kicked out of Europe.

      You forgot to add "Won't somebody think of the children!"

      1. Anonymous Coward
        Anonymous Coward

        Re: Google should be kicked out of Europe.

        "You forgot to add "Won't somebody think of the children!""

        No need.

        Iain Dumbcnut Smith's already Monstered them.

    2. Andrew Jones 2

      Re: Google should be kicked out of Europe.

      How very Daily Mail of you......

      by *hacking* you of course meant recording data packets

      and by *private* you of course meant public, since that is what any WiFi network that has no encryption is - it may not of been intended to be public but when it is broadcasting unencrypted and ANY WiFi capable device can (and will) connect to it without authentication - it is public.

      1. Anonymous Coward
        Anonymous Coward

        Re: Google should be kicked out of Europe.

        And don't forget BT's part in all this.

        They're probably responsible for creating > 50% of those "public" wi-fi spots.

      2. Anonymous Coward

        Re: Google should be kicked out of Europe.

        How very Andrew Jones of you.

        Gary Mcklinnon telneted onto open public computers in the US and faced oppressive extradition proceedings for ten years. That was called 'hacking' by Googles masters.

        "and by *private* you of course meant public, since that is what any WiFi network that has no encryption is"

        Just like the computers Gary 'hacked' - unless you call 'root' + "null" or root + "password" private.

        What a plonker you are Andrew!

        1. Anonymous Coward
          Anonymous Coward

          Re: Google should be kicked out of Europe.

          No - Mckinnons actions were different.

          Broadcasting unencrypted wifi is no different from someone operating a street lamp. Prosecuting anyone for using the light from that lamp is ludicrous.

          Not to mention that an unencrypted wifi router is continually broadcasting "here I am - come and connect to me".

          1. Anonymous Coward

            Re: Google should be kicked out of Europe.

            No - Mckinnons actions were not different.

            Every time you browse to a web page you are accessing a (usually private) computer system using default authentication. That is exactly what McKinnon was doing - via telnet not HTTP. In your world everyone is a hacker and should go to jail for 3 life terms. Plonker!

            1. Intractable Potsherd Silver badge

              Re: Google should be kicked out of Europe. @ Colin Camper

              You expect anyone to take you seriously when you use words like "plonker" to anyone that disagrees with you? Sorry, I don't. I suspect you are trying to build up an Eadon-like persona for whatever reason.

            2. Anonymous Coward
              Anonymous Coward

              Re: Google should be kicked out of Europe.

              Err no.

              McKinnon was (by your own admission) accessing the US systems with logon credentials, rather than just "browsing", even though the security of those systems was poor. Which is somewhat different to conventional browsing. Telnet or HTTP is irrelevant here. BTW McKinnon actually admits to hacking:

              Google, on the other was voluntarily handed out an IP address by wifi routers for the express intention of accessing their networks. And then charged with hacking!?!

              Update today: In a rare show of common sense (despite best efforts from MP witchfinder generals, Daily Fail etc), the ICO has decided Google's actions were NOT hacking:

              Oh, and how about not insulting everyone for having a different opinion to you, just because you can. Try and be a bit more grown up - pretend you were face to face with your fellow commenters and have some manners. Plonker is so 1980s.

              1. Anonymous Coward
                Anonymous Coward

                Re: Google should be kicked out of Europe.

                Since you're obviously a plonker yourself, let me put it in an alalogy for you so you can see the difference.

                The actions of McKinnon.

                NASA is a house, McKinnon went to the house and found the door was unlocked. He went inside and looked around which is breaking and entering.

                Unencrypted Wifi however is somebody sat outside a house with no door saying "Hey come inside" they asked you in, which is not breaking and entering.

                Does that make the difference any clearer for you?

    3. Crisp

      Re: Google should be kicked out of Europe.

      Maybe you could report them to the IWF.

    4. JLV

      Re: Google should be kicked out of Europe.

      Totally agree. Have I got a Bing for you!

      Yours Truly, S. Ballmer

  2. Kevin Johnston

    A Question...

    Does this impact cross-border activity? If, for the sake of argument, I go to France for a long holiday but choose to use the UK sites as I have them as bookmarks then which jurisdiction do I fall under?

    Does the reverse have an impact ie where a Frenchman travels to the UK to watch Les Blues in the Six Nations are the more rigorous French regulations in effect if he uses Google Maps to find his way to Twickenham?

    1. John Brown (no body) Silver badge
      Black Helicopters

      Re: A Question...

      "Does this impact cross-border activity?"

      Apparently not, because Google appear to think that all of "Europe" has one set of laws. According to the article “Our privacy policy respects European law and allows us to create simpler, more effective services. We have engaged fully with the authorities involved throughout this process, and we’ll continue to do so going forward,"

      As a statement relating to legal compliance, Google really ought to have specified what they meant by "Europe". Of course, like good politicians, that's why the response is woolly. If they get pulled on it, they can change the definition to be the one they need to suit the situation. It's a bit like Hague claiming the UK security services rigorously follow the law on comms interception. But he never actually denied that they get data slurped by the NSA from Google et al.

  3. bigtimehustler

    The problem is, these countries are democracies and they know there people actually want to use Google and would be pretty pissed if they found the country had blocked Googles operations. Google knows this, so what exactly can they do? Fine Google? yes they can and will do but ultimately they can pay out their pocket change.

    You can only enforce game changing sanctions against a company if most of your electorate actually support you and care enough about the issue.

    1. The_Regulator

      They can still fine the pants off them like they did to MSFT and if you think the "voting public" cares whether google gets fined huge you would be wrong.

      1. bigtimehustler

        The problem is, "huge" is very subjective. Huge to one company is not huge to another. Was Microsoft really hurt by the fines? No of course they were not. In fact they cared so little about their browser issue that they removed the choice screen in a future update by mistake. Hardly the actions of a company really hurt by an action.

        On another point, if the fine was huge enough then yes the public would care because would decrease Google's ability to produce the solutions they so love using. I think there is also a large sceptical base of people (like me) who believe this is just another way for a government to steal some money, they dont care if its their people or companies they steal it from, as long as they get it from somewhere.

  4. Mako

    Re: A Question...

    "Does this impact cross-border activity?"

    You're going to need an enormous opener for that gigantic can of worms you've got there.

    IANAL, but to me it seems that in your examples, the provider would be inadvertently committing a violation, but could not be pursued for it since they're outside French jurisdiction, (and I imagine the end user would be safe as they're not the ones alleged to be doing wrong).

    So I suppose the French could either go after Google France for Google UK's behaviour, or they could simly block Google UK from being accessible within their borders. I don't think I'd like to see either of those things happen.

    1. Anonymous Coward
      Anonymous Coward

      Re: A Question...

      "Simply" blocking Google UK might be a problem in the Calais can get French telcos from Dover; and I should imagine the reverse applies. A huge can of worms indeed.

    2. Gannon (J.) Dick
      Thumb Up

      Re: A Question...

      "National Security" (fill in the Nation, I don't think it matters) often hinges on cheap, silly deceptions directed at General Officers. It helps when the Generals think they have enormous privates and not too many Privates.

      This is quite different from the circumstances of Google. Their data collection efforts and financial "Security" depend on efforts directed against Private soldiers, regardless of uniform. It helps when The Google thinks it has enormous privates.

      The mission is not the words or the meta data.

  5. Vimes

    Data protection authorities in some of the other countries mentioned by the CNIL are way ahead of the ICO.

    Probably because unlike the ICO they don't rely on explanations on what has gone on from the very people they are investigating.

    And they aren't busy trying to find work at Google either (*cough*Stephen McCartney*cough*)

  6. Anonymous Coward
    Anonymous Coward

    The Brit watchdog will be firing off a letter to the company soon

    hahahahahahahahahahahahahaha, a fire-breathing Watchdog...

    p.s. don't forget to put an "international" stamp if you post it to Ireland / Holland, and "overseas" if posting to the Bermuda.

  7. Anonymous Coward
    Anonymous Coward

    From what I have seen here in France the CNIL is not worth the office it uses.

    Most French e-mail spammers have a little note at the bottom of the page that says they will stop sending the rubbish as required by CNIL regulations if you ask them to.

    I tried it once - it did stop that particular piece of spam BUT in its place it generated six more. Thank goodness for a bogofilter, it is doing very well at keeping the junk where it belongs - in the garbage.

    1. Vimes

      Most French e-mail spammers have a little note at the bottom of the page that says they will stop sending the rubbish as required by CNIL regulations if you ask them to.

      To be fair this is probably advice aimed at people running legitimate mailing lists.

      My biggest gripe with French law wrt data protection is that if you happen to be a French citizen and have given an email address to the French consulate then this email address is made readily available to pretty much any political organisation (and possibly other personal details too for all I know).

      Unfortunately for them I only handed out an alias, so it's easy to see if the message I'm receiving has been sent by somebody with access to my details held at the consulate. It was also interesting to note that it was the then outgoing president's party that first took advantage of this. I got spammed to hell and back by Sarkozy's web peons before other parties got into the act.

      I never click on the unsubscribe link though in any unsolicited spam - I just report them to their ISP either directly or through spamcop.

      Even more worrying is that judging from emails headers received French candidates seem to use US companies to run mailing lists. Presumably this makes any personal details available to political parties also available to the US government.

  8. heyrick Silver badge

    Not proceed, without legal basis, with the potentially unlimited combination of users’ data;

    Here's hoping they go after the NSA next.

  9. Jamie Jones Silver badge

    Somewhat ironic....

    .... that the governments play lip-service to data protection acts, whilst pissing all over us with Prism/Echalon etc.

    1. Nigel 11

      Re: Somewhat ironic....

      Not ironic at all. A simple case of "that's OUR job not YOUR job", or just "YOU do what WE say".

      I'd be far less concerned about Google if I could be assured that governments could never get their hands on Google's data. Because there are no rules at all as to what a government can do. It's the government that MAKES the rules (and usually exempts itself from them).

      1. Jamie Jones Silver badge

        Re: Somewhat ironic....

        Yep. Sad, but true

  10. Anonymous Coward
    Anonymous Coward

    'But there are also unknown unknowns -- the ones we don't know we don't know'....

    I hate to quote Rummy but when it comes to Google's lack of transparency or the Cloud in general, it seems appropriate to draw from another time where blanket assumptions were made.....

    Rumsfeld: "...because as we know, there are known knowns; there are things we know we know. We also know there are known unknowns; that is to say we know there are some things we do not know. But there are also unknown unknowns -- the ones we don't know we don't know."

  11. Pseu Donyme

    I have been wondering whether Google is just arrogant (and ignorant/stupid) or arrogant and unscrupulous here. I would presume the latter: they probably figure that by effectively ingoring CNIL and the other data protection authorities they can keep doing what they are doing for a substantial while longer and maybe even get a break ot two in the court(s) where this is going to end up. At any rate, it seems ill-advised to blatantly disregard the EU data protection laws, if only because the likely outcome, a court decision finding (some of) their current practices illegal and the publicity arising from the proceedings; Google's business model rests firmly on the deep ignorance of the general population (most of whom wouldn't have the slightest idea of, say, what a cookie is).

    1. Anonymous Coward
      Anonymous Coward

      Of course, the opportunity to raise a big chunk of tax/fine revenue from a foreign firm has nothing to do with it.

      The bankrupt French/EU profligate tossers always see it this way.

      The utter pointlessness of the MS browser selection issue and the resulting disproportionately huge fine give lie to their true agenda.

      Like Google I cannot see what the fuss is about.

  12. Anomalous Cowshed

    Google cannot see what the fuss is about

    Google is notorious as the paramount example of a company which makes its fortune by infringing on people's privacy, regardless of whether it is considered legal or not.

    However, it would seem that the governments of France, Italy and Spain want a piece of the action - a piece of the Google profits:

    "We made the rules. These rules are designed to benefit you and your ilk. Give us a cut."


    "OK then, you're in breach of article 37.d.1.IV.jjj.13(bull).sh[it] and you must rectify the situation within 3 months"

    "What? You must be kidding, it would take years and £££ billions for us to change our systems in order to comply with article 37.d.1.IV.jjj.13(bull).sh[it]".

    "Ah well, you know what to do then, and you have our bank account details."

  13. joejack

    Don't be evil, except... terrorists!

    I have to wonder if the reason the US isn't making similar noises is because the NSA doesn't want to lose valuable data points.

  14. Gannon (J.) Dick

    Can't upvote by 1/2, I rounded up.

    On "Meet The Press" last Sunday, the former head of both the NSA and the CIA said they would rather lose data points than screw with the Public ... but ... still do not appreciate having to pinpoint the "lines" they won't cross.

    He may as well have told Google that if they want to pursue their "Permissible unless (found) Illegal, creeping up to the line" nonsense that they are headed for a very big fall.

  15. DrewHew

    Am I the only one...

    ...who keeps reading CNIL as senile???

    I'm going, I'm going.

    1. heyrick Silver badge

      Re: Am I the only one...

      Well, senile in French is "sénile", which sounds a bit like "say-neel". The third letter of the alphabet sounds like "say" and if the acronym is spoken as "c nil" then...

      1. Pascal Monett Silver badge

        The acronym is spoken with a hard c, as in knil.

        Unfortunate, but there it is.

This topic is closed for new posts.

Other stories you might like