back to article Browser minnow Brave nips at Google with GDPR complaint

Browser-flinger Brave's chief privacy and industrial relations officer, Dr Johnny Ryan, has has complained to the Data Protection Commission of Ireland, with copies to other European data protection commissions, to complain of claimed breaches of the EU's General Data Protection Regulation (GDPR) by Google. A complaint on …

  1. Imhotep

    Google: Do No Evil

    Mr Ryan has a point. The policies are hopelessly vague and meaningless, and would appear to allow essentially anything.

    Question: In the US, Google has obtained user's healthcare data without asking for or obtaining the user's consent.

    What, if any, Google policy covers the use of that data? Will Europe's GDPR allow Google to obtain that kind of data in those countries?

    1. KroSha

      Re: Google: Do No Evil

      Vague, meaningless and incomprehensible to the average man, let alone the average user.

      1. chivo243 Silver badge
        Coat

        Re: Google: Do No Evil

        you forgot the lowest form of life... law talkin' peeps. I doubt they understand either, but just use the buzz words like teenagers trying to fit in...

    2. big_D

      Re: Google: Do No Evil

      GDPR would mean that Google couldn't get the data in the first place, without the user's consent and explicitly defining what it will be used for and for how long they will keep it (the law says the minimum amount of time required to carry out the tasks defined in the privacy policy).

    3. Mike 137 Silver badge

      Re: Google: Do No Evil

      This actually seems to be the norm, even for (relatively) small companies. We're conducting research into privacy notice standards, and so far the results are extremely depressing.

      Practically speaking, it's impossible for a data subject to raise an objection based on the information in a typical "privacy policy" and a high percentage require the data subject to "agree" to them, thereby superimposing an unlawful version of "consent" on top of all other lawful bases fro processing declared. However, at least in the UK, the regulator doesn't seem particularly concerned. Indeed, when last examined the ICO specimen privacy notice for small businesses itself had some of the faults we've identified.

      Two key points seem to have been missed by all and sundry:

      [1] the GDPR is not data law - it's human rights law

      [2] a privacy notice is not a contract with the data subject - it's a statutory unilateral and binding undertaking by the data controller to the data subject

      1. Bla-bla-bla

        Re: Google: Do No Evil

        You mentioned an ICO specimen privacy notice. I can't seem to find that on their website - did you have a link? Thanks

  2. Rich 2 Silver badge

    I Hate the lot of ‘em

    “These repeated allegations from a commercial competitor don't stand up to serious scrutiny."

    I think you’ll find the allegations stand up to any kind is scrutiny. Googlies is and has been taking the piss for many years. Just why the EU didn’t slap a massive GDPR penalty on them as soon as GDPR became law is unfathamable. Same goes for faecesbook (obvs).

    And, as a side note, Googlies always answer these “allegations” (aka facts) by pointing out that users can change the settings in their accounts. But this does absolutely nothing to address the issue of them stalking people who do not have and have no wish to have any kind of account with them.

    1. Hubert Cumberdale Silver badge

      Re: I Hate the lot of ‘em

      Yup. I've finally come to the conclusion I'm mad as hell and I'm not gonna take it any more. I've moved my business and personal email to Tutanota (much as it pains me, because GMail is actually more usable as it stands, though I'm hoping threaded conversations will come to Tutanota some day), I've stripped Google Analytics from my website (I decided it was hypocritical to block it myself while subjecting others to it), and I'm now looking for a usable, transparent, and effective replacement for reCAPTCHA v3 for my contact form (damn them for making it so good) - suggestions welcome.

  3. mevets

    20M users per day adjust their privacy

    That is an impressive number! Almost 0.7% of the user base [ internetworlstats.com ].

    Is google tracking peoples changes to their privacy settings? What are they doing with that data?

    1. Pascal Monett Silver badge

      Re: 20M users per day adjust their privacy

      Absolutely. Claiming that millions are checking their permissions means diddly-squat when your user base is measured in billions.

      Besides, if you pre-empted GDPR and configured yourself to actually respect privacy first, then nobody would need to check their permissions because you would be waiting on them to grant you permission to their data.

      If that ever happens, I'll bet my shirt that Google will be using popups and popunders to get people to give them permission to use their data.

      But, since it'll never happen, I'll just keep on dreaming.

    2. doublelayer Silver badge

      Re: 20M users per day adjust their privacy

      I'm willing to bet that a lot of those people aren't there because they want to review or change their security settings. With a number that high, I'm guessing it's people working with two-factor authentication, either trying to add a device, delete an old one, or turn the feature on or off. Of course, Google doesn't realize that, if the settings don't really let you do much, it doesn't help people to have them available.

  4. Anonymous Coward
    Anonymous Coward

    "Brave' is really Brave

    to take on the 10,000,000,000 tonne elephant that is Google.

    I'm rooting for them as Google really needs taking down a whoe lot of pegs.

    They know far too much about all of us already.

    1. SW10
      Devil

      Re: "Brave' is really Brave

      Hi AC,

      Gary from Google here. Glad you posted from Chrome. Just a gentle reminder that we know where you live. And it would be a shame if something happened to that nice new bike you bought. Oh, and the kids’ Android phones show their route to school as well, which is all part of the value of our offering I’ll think you’ll agree.

      Anyway, just wanted to ask you to dial down the cynicism and negativity a little - not what the world needs right now, eh?

      Sure we understand each other. Mind how you go.

  5. big_D

    Wrong instance?

    Why is he sending to the cartel office? Surely GDPR complaints should be passed directly to the relevant Data Protection Commissioners?

  6. Greybearded old scrote Silver badge
    Big Brother

    Obligatory Verity Stob reference

    Google sent Ryan an email stating: "We do not agree with your assertions regarding the alleged inadequacy of the Google privacy policy and Google privacy practices generally, and reserve our position accordingly."

    I'm reminded of the great prophet M'andee-rice Davies.

  7. Anonymous Coward
    Anonymous Coward

    Dont quote unnamed spokes people

    Dear Register please set an example and refuse to use a quote unless the person is willing to allow their name to be used.

    That way the spokes person is less likely to lie and more likely to say something interesting. Also unless they are a subject matter expert insist on the name of the person that provided them the answer and their credentials

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like