back to article Google in Dutch: Privacy changes BREAK data law, says Netherlands

Google broke data protection law in the Netherlands when the ad giant tweaked its privacy policy in March 2012, says the country's privacy watchdog. The Dutch Data Protection Authority said on Thursday that Google had breached the country's rules because it had failed to adequately inform all its users in advance about the …

COMMENTS

This topic is closed for new posts.
  1. Crisp

    "It is almost impossible not to use Google services on the internet."

    It's not even close to impossible. Has Jacob Kohnstamm even actually tried using the internet without using Google?

    I don't think he has.

    1. sabroni Silver badge

      You might not use their services

      but if you're surfing in english then it's highly likely that Google Analytics is tracking pretty much every site you visit. And that allows them to monetise you to advertisers.

      So, assuming the original quote is a translation, what he said may well have been quite reasonable, you aren't using their services directly but their analytics service is certainly using you.

      1. James 139

        Re: You might not use their services

        Cookie and site blocking plugins can go some way to making your life less googley, google analytics is on my NoScript never allow list for example.

        But every so often, some new google site pops up, or you use gmail and forget to sign out.

        1. Crisp

          Re: Google Analytics / Google Ads

          There's a list of Google domains on Wikipedia. Copy and past to your hosts file and redirect to 127.0.0.1.

          Job done. You can now safely surf the internet without using Google.

          1. Anonymous Coward
            FAIL

            Re: Google Analytics / Google Ads

            Well, done, you just proven that you are out of touch with the rest of the real world.

            Feel free to keep hiding in the broom cupboard.

            1. phil dude
              Linux

              Re: Google Analytics / Google Ads

              I think we all agree we cannot avoid google, however the above approach combined with privoxy and noscript speeds up many sites!!

              Page loading time seems as much bandwidth as relative latency between sites, and then the time for the browser to render all that!!

              P.

    2. CJ 5

      Re: "It is almost impossible not to use Google services on the internet."

      Like the quote said, it's possible to use the internet without actively using Google services. However it's a lot harder to avoid all the websites that serve Google ads, which are also monitored with tracking cookies etc.

    3. Click King

      Re: "It is almost impossible not to use Google services on the internet."

      Well just to read this article you were already tracked by Google, in a range of ways, even.

      So they do have a point...

  2. Valeyard

    we respect your privacy police. honest. now go away.

    By June this year Google was ordered to comply with authorities in France within three months or face sanctions......

    It refused to comply, claiming that the law was not applicable to its online services.

    ... UK, Spain, Germany and Italy have also launched enforcement actions against Google ....

    .... it had received a response from Google and added that it was "deciding whether any further action is required".

    The company has previously said to El Reg .... its "privacy policy respects European law"

    respects how toothless it is, they mean

    1. Anonymous Coward
      Anonymous Coward

      Re: we respect your privacy police. honest. now go away.

      I expect they have their own interpretation of European law that's far too secret to tell us about.

      1. Luther Blissett

        Re: we respect your privacy police. honest. now go away.

        Oh. they have nothing like that - they wait for NSA to tell them (or not, as the case may be) what it is.

  3. DavCrav

    "By June this year Google was ordered to comply with authorities in France within three months or face sanctions, after the CNIL ruled that the US-headquartered multibillion-dollar advertising corporation had breached the country's Data Protection Act.

    It refused to comply, claiming that the law was not applicable to its online services."

    June, July, August, September, October, November. OK, it's definitely been three months. Where are the sanctions?

    1. Anonymous Coward
      Anonymous Coward

      Re: Where are the sanctions?

      I suspect that Google has just thrown a MASSIVE spanner into US attempts to ratify their use of EU data (mainly to overcome the fact that no US business is capable of holding data to EU standards because of US law).

      In other words, I think that there is now yet another argument to kill off the Safe Harbour excuse. I think that the US will now switch from lobbying to blackmail, that seems to be their normal MO. Expect trade sanctions on cheese and raw herring or something.

      So, to answer your original question: it will not just be Google who will be affected. I also expect the EU commission to go to town on them, and Google's attempts to state it's only subject to US law is not exactly going to help them. All those EU offices such as London and Zurich CAN be addressed, so if they really think they can sing this one out too than they really *are* doing a Microsoft. Which didn't end well, but took years.

      1. Anonymous Coward
        Anonymous Coward

        Re: Where are the sanctions?

        Note: Zürich is not an EU office. Zürich is not in the EU.

        1. Anonymous Coward
          Anonymous Coward

          Re: Where are the sanctions?

          Note: Zürich is not an EU office. Zürich is not in the EU.

          You're right, it's in Europe. What I meant to illustrate was two different jurisdictions where they have planted offices. If they really piss off the authorities (and they seem to be as bent on that as Ryanair is on insulting customers) this could have consequences right there. No doubt the usual blackmail will happen ("you will lose xxx jobs" and, in Google's case, "we know things about you you really shouldn't want to get public"), but just saying "We're US, you cannot touch us" is about as stupidly provocative as you can get. They will pay for that.

  4. Crady

    Nobody forces them to use Google!

    1. Anonymous Coward
      Anonymous Coward

      > Nobody forces them to use Google!

      Do you realise that just by reading this article you're being tracked by a Google advertising cookie?

      Did you also realise that by loading this *or any other* webpage whatsoever in Firefox, Chrome, or Safari, you are being tracked by Google via their "safebrowsing" API?

      Nobody "forces" you to use Google in the same way that nobody "forces" you to use the fine services of HMRC.

      1. DavCrav

        "Nobody "forces" you to use Google in the same way that nobody "forces" you to use the fine services of HMRC."

        You mean HMRC has a *fine* service as well? Damn, why didn't I get that one, instead of the one where they spent three years pretending that there was another person with the same national insurance number as I have, then turn around and just say "oh, our mistake: here, now that we've sat on your back taxes for three years, you can belatedly have your overpayment back"?

    2. EPurpl3

      Yes but if you use it you are not treated according to the law.

  5. ratfox

    Very interesting!

    "The consent, required by law, for the combining of personal data from different Google services cannot be obtained by accepting general (privacy) terms of service"

    I would be very interested in having a better idea on distinctions such as this one. Most EULA and T&Cs are accepted without reading any of the details whatsoever. On one hand, the responsibility technically is on the user to actually read and accept the terms before clicking on the button; on the other hand, you certainly could not add "and the user owes us a million pounds" to such a document and expect it to be held up in court.

    Unfortunately there is a world of gray between what is clearly fine and what is clearly not fine; I severely doubt that a law could be written which would make the distinction with any clarity. No wonder companies just write whatever they want and wait for the government to complain.

    Ultimately, my opinion remains that the only way to have proper privacy T&Cs is to have the government dictate them, and apply them to every company. Call it a Privacy Code, like the Tax Code. Considering how fuzzy the law is, you simply cannot expect the corporations to write T&Cs which make sense.

    1. Frumious Bandersnatch

      Re: Very interesting!

      On one hand, the responsibility technically is on the user to actually read and accept the terms before clicking on the button

      Is it really? I can see that if you're paying for something online, the agreement constitutes a sales contract, but I can't see how using a free service with a boilerplate list of terms and conditions legally binds you to a contract. As far as I know, these click-through EULAs have never been tested in court simply because nobody believes they have any legal basis in contract law.

      Of course, IANAL, so I stand to be corrected on this.

      1. Yet Another Commentard

        Re: Very interesting!

        It is difficult to agree to Google's T&Cs when you are blissfully unaware that its advertising cookies are busy pimping your data. Even the tech-savvy Reg-heads above seem to forget that even avoiding obvious Google sites Jonny Internet User still gets tracked and monetised by Google.

        The Dutch have a lever here - Google's tax schemes rely upon the use of a brass-plate company based in the Netherlands, a company that can't easily be switched to keep those lovely tax schemes in place. Register in the NL, you play by the NL rules no matter what you claim about the internet not being bound by such trifles.

      2. Anonymous Coward
        Anonymous Coward

        Re: Very interesting!

        You're right in that they haven't been tested, but submitting information counts as an action which signal consent, and therein lies the rub. You are giving something under conditions you have agreed to, despite (IMHO fairly deliberate) tl;dr.

        Your challenge is that to exert rights or to pull pack that data without a fight - a fight Google has far larger pockets for than you. That's why it is important to shove as many as possible of Google's misdeed into the criminal sphere because it would then become a state job to go after them - your tax money at work for a good cause. Personally I think this stuff should lead to jail time, because fines don't change Google's attitude one iota.

  6. Chris G

    It's a problem when corporations become so large that they can tell governments where to get off.

    So far Google is upsetting other governments than the US and is probably such a fine source of data for the likes of the NSA that they are in a strong position versus the ROTW at the moment; but as is almost certain, at some stage they will push it too for with the US gov' then hopefully they will get their come-uppance if they haven't already received something from Europe.

    The fines they have received for various things have been piffling and should more closely relate to the billions they make so that a fine is a real punishment rather than a token gesture from our courts.

    Certainly a combined overhaul of European law to encompass illegal activities by non-European companies would be a start, we should be doing more to ensure the sanctity of Europeans 'National Security' and make use of the combined economic and political weight of Europe.

This topic is closed for new posts.

Other stories you might like