EU Authorities To Demand Reversal of Google Privacy Policy 177
judgecorp writes "Google's privacy mechanism, which combines personal data from around 60 products, and gives users only one opportunity to opt out, was rolled out in March against requests from privacy regulators in Europe. Now they want the policy reversed, and user data from the different Google products, including Gmail, Search and YouTube, to be separated. The EU attack is lead by French regulator CNIL, which has historically taken a tough line on privacy matters."
Not an issue for me (Score:5, Interesting)
Really, I don't see this as an issue if you're volunteering your personal info to Google anyway. I'm more worried by the tracking that Google does even if you're not logged in, say, via its ad and recaptcha services.
And I want a pony... (Score:5, Interesting)
Re:Seriously? (Score:2, Interesting)
My issue is that google is forcing me to broadcast my private stuff to strangers.
Google's issue is that people leave embarassingly shitty comments on videos.
The obvious solution is just to turn off all personalization and feedback. However, Google -- stupidly -- is trying to build their own social network to rival Facebook. Their strategy is stupid, because for years they've triumphed by being better and less evil than the other guy. My approach was just to boycott other google products in favor of youtube. Unfortunately, there is no alternative to it. However, I use it rarely. In exchange for my rare preference for funny vids, Google lost some important social contacts and private emails that have gone to Facebook. Real smart move on their part, huh? Well, maybe it was -- until a youtube killer comes out, Google is number one there. However, their business model has changed for the worse. It's only a matter of time until someone less evil than Google arises, and then Google is toast.
Re:We could OPT OUT? (Score:5, Interesting)
What does opting out of a privacy policy mean? "I refuse to be bound by this policy, so there is no policy and you can do whatever you want with my data"? "I refuse to be bound by this one policy, I prefer a different policy on every google service I use"? And do you expect google (or anyone) to maintain code to implement every privacy policy they've ever had? How would that work?
Opting out of a privacy policy means not using the service. Wanting to use the service but refusing the privacy policy is much like wanting to eat at a restaurant but not wanting to pay your bill.
Re:And I want a pony... (Score:2, Interesting)
And what defines "separate"? Facebook has a single privacy policy for your profile, photos, videos, blog posts, etc.
All the EU is really doing is politically motivated posturing: they don't like Google because the big European corporations their member governments are in bed with haven't figured out how to compete with Google.
Re:And I want a pony... (Score:3, Interesting)
Unlike Americans, Europeans are more worried about corporations spying on them than their governments.
As it turns out, any information you give to a corporation ends up at the government.
Re:And I want a pony... (Score:4, Interesting)
There are pros and cons to either approach. Anyone telling you one is universally better than the other is selling you something. Stripped of any nefarious advertising and creepy privacy invasion overtones, the default condition would be for Google to consolidate them into one policy simply to reduce bureaucracy and paperwork. So I think the onus should be on those advocating separate policies to justify why the benefits of having them separate outweigh the drawbacks.
Re:And I want a pony... (Score:4, Interesting)
Actually, there are no European companies trying to compete with Google and failing. There are no European companies even trying. (I think, the last one was Telefónica, which bought Lycos years ago, but put it to rest in 2008). So which are those imaginary corporations you are talking about?
Re:Seriously? (Score:2, Interesting)
Easy. They are forcing you to choose between all your comments being around forever, or keeping quiet forever.
See, if one day you make a comment in real life to a friend, they probably won't remember next year what you said, and even so, nobody else is likely to even know what you said that day.
But Google spies on you all the time, and if you make a comment to a friend within range of a Google service, they will remember what you said in 10 years, and they will tell what you said to everybody who wants to snoop on you, for the rest of your life.
So your choice is: comment while being very careful what you say, or keep quiet. Better not use the internet while drunk, either.
Re:Google 'safe browsing' cookie (Score:5, Interesting)
Dude, take off the foil hat. I work at the big G (not on anti phishing) and all these concerns have been discussed publicly before. There is a cookie for anti-DoS purposes. Google has the ability to sink large amounts of HTTP traffic using smart load balancers which can handle way more requests than the backends they balance on to. During a DoS attack legitimate cookies that have been observed behaving in a non-abusive manner for a long time can be serviced whilst excluding requests that come in with no cookie or a freshly minted cookie. And let's face it - the anti-phishing system is designed to frustrate criminals, the kind of people who wouldn't hesitate to use DDoS attacks against a blacklisting service.
The list is updated frequently because phishing sites appear and disappear very fast.
If there was no partial server-side matching you could defeat the blocklist by simply using random filenames or ?q=abc suffixes on the phishing page (eg every spam you send with a phishing link could have a unique URL). Then a list of even a million URLs would be insufficient. By having partial/prefix matches that trigger a server side lookup more advanced logic can be used that doesn't require protocol changes to every client, in extreme cases you could even imagine hand crafted code that understands how to spot patterns in particularly tricky campaigns.
CAPTCHA: explains