EU Authorities To Demand Reversal of Google Privacy Policy

judgecorp writes "Google's privacy mechanism, which combines personal data from around 60 products, and gives users only one opportunity to opt out, was rolled out in March against requests from privacy regulators in Europe. Now they want the policy reversed, and user data from the different Google products, including Gmail, Search and YouTube, to be separated. The EU attack is lead by French regulator CNIL, which has historically taken a tough line on privacy matters."

French fight for our freedom?

[Anonymous Coward]

The French may save us yet.

"Are you a criminal?"

[aliquis]

"Yeah, so what if YouTube let you register with a user name before we bought it. We see you don't use a real name. WTF is up with that? Are you a criminal?

[x] My name is ___________________________
[ ] I'm a criminal."

Re:

[Anonymous Coward]

Kudos to the privacy watchdog.

Don't use google. Don't use facebook. Don't buy apple. This will take you and us all a long way.

Re:

[Kergan]

I can see the privacy raminifications of using Google or Facebook. But Apple? Seriously [apple.com]?

Re:

[Chrisq]

Don't buy anything what is made in foreign country.....

Oh wait....

The guy living in a shed in a potato patch [wikipedia.org] just shouted "don't buy anything!"

Re:French fight for our freedom?

[davester666]

No. The French may save French users of Google. Perhaps even for the rest of the EU. But DEFINITELY not for anywhere else.

Google will definitely [if they are forced to keep this information separate for some locations] recode their products to keep it separate for people in those locations and combined everywhere else.

Re:

[Anonymous Coward]

Keep in mind there is no strong IT industry in France, but many people dislike Google strongly here because they don't like the way new technology (which they see as "Google") forces them to adapt.

Make no mistake, the CNIL happily accepted the Hadopi law (three strikes and you're disconnected). It is NOT fighting for anybody's freedom. It's probably acting on someone's behalf, that someone being a group of interest which lobbied hard enough. (Yes, I'm writing this on an AZERTY keyboard).

Re:

[N1AK]

The French may save us yet.

I'd love to see Google remove login ability from all Google products in France and see how long it takes for them to change their mind. I like the integration between Google services, if I was worried about how they were using the data I provide then I'd still be worried if it was silo'd into the different divisions. I still can't for the life of me understand how Google gets so much hassle for this when 'platforms' like Windows Live, iOS, Facebook etc collect at least as wide if

Re:

[RaceProUK]

I'd love to see Google remove login ability from all Google products in France

As a result of which the EU would swing it's full might right at Google's wedding tackle.

Re:

[RaceProUK]

Is that what I said? Or did I actually say the EU would go after Google for shafting millions of users in some pathetic hissy fit?

Re:

[GargamelSpaceman]

Google can choose not to do business in France. But then France could ( or at least should ) nullify any patents Google owns in France. Anyone who wants to screw Google over IP-wise can just do it in France. The French would soon have their own Google. ( Baidu anyone? ) The legal infrastructure to do this may not exist in France, but countries can easily develop the legal infrastructure to do war on corporations that make war on them as it becomes necessary.

Re:

[geekoid]

"nullify any patents Google owns in France. "
just becasue you don't do business somewhere, doesn't mean the get to violate treaty.

Re:

[GargamelSpaceman]

Leave treaty.

Re:

[Kalriath]

A unilateral violation of the Berne Convention, UCC, TRIPS, and a swathe of other treaties? That sounds like a brilliant idea that would have absolutely no consequences at all!

Re:

[GargamelSpaceman]

Maybe it would have desirable consequences. Just start violating the treaty and say why, and say that they want it renegotiated to allow for the sort of thing they are doing, or they'll just keep doing it anyway. If anyone values the treaty enough to renegotiate, then it might continue to be a treaty, otherwise it becomes defunct.

Re:

[Kalriath]

No, because the consequence would be that the rest of the planet would no longer honour France's intellectual property regime. It has happened before.

There would be no desirable consequences from such an action for anyone.

And it's not one treaty, it's more than seven treaties.

Re:

[GargamelSpaceman]

I fail to see the downside.

Re:

[Kalriath]

And that's why it's a good thing that you have exactly zero authority whatsoever.

Re:

[GargamelSpaceman]

Look the Berne Convention dispite sounding like some kind of intergalactic treaty from the Whovian Universe, no wait, that's the Shadow Proclaimation, has to do mainly with protecting copyrights abroad. I doubt France produces more things demanded abroad than it consumes. Therefore, it would seem, the arrangement is a net negative to France.

Re:

[Meski]

Now go away, before we taunt you a second time!

Is it EU authorities, or the french?

Re:French fight for our freedom?

[e70838]

I live in France, and I work into the IT field. I have the complete opposite feeling than the post above. The CNIL has always demonstrated a very deep understanding of technology. Even if it is a state agency, it has provided very sound analysis and opinions on the recent laws (HADOPI, ...) that were demonstrating the stupidity of the proposed laws. The laws were adopted almost unchanged and all the analysis of the CNIL have been proven to be true.

The CNIL is not very powerful and can not go beyond its scope, but I have never been deceived by anything it has produced.

The main root of the CNIL is the history of France during the 2nd world war where some files were used against jews.

Re:

[KDR_11k]

OR, a French general leads non-French troops.

The foreign legion still exists.

Curse, evil government regulation!

[Anonymous Coward]

This will surely deter the far better free market solution from being developed.

Whatever it might be. My Capitalist gods haven't told me yet.

Re:

[Baloroth]

This will surely deter the far better free market solution from being developed.

Whatever it might be. My Capitalist gods haven't told me yet.

In this case? Not using Google (does that make me a capitalist god?). Try DuckDuckGo, or Bing (if you want to cut out the middle-man and get some extra tracking in). Mapquest still exists, Vimeo for videos... yeah, if you think there aren't plenty of alternatives for Google, you're pretty ignorant. Google even lets you export your data [dataliberation.org] to use with them.

Now, whether you want to actually use those alternatives, well, that is entirely for you to decide.

We could OPT OUT?

[Anonymous Coward]

What do you mean we had an opportunity to opt out?? It was take it or leave it scenario. Lose your data, change your email, disrupt your life or let us assemble your data.

I switched to DuckDuckGo for search. I did not like adverts for the things I'd been searching for, being presented to me and my family. I've tried to block Google tracking too.

I don't like that I receive an email on [obscure thing] and see adverts for [obscure thing], and I hate the fact that some spotty faced oik in Google can pull up my

Google 'safe browsing' cookie

[Anonymous Coward]

There's one other source of tracking. Firefox has a 'block reported phishing sites'. The way it works is they download a block of partial (32bit) hash keys, WITH A TRACKING COOKIE, each Firefox user gets their own cookie. If a site is in the set of 32bit keys, Firefox asks if the 256 bit hash matches a phishing site to determine if the site actually is a phishing site, or just a hash collision.

In this way, Google can track any website simply by adding its partial key to the list and Firefox will dutifully r

Re:Google 'safe browsing' cookie

[Anonymous Coward]

Why does this need a session cookie? why does it need to update the list so incredibly frequently? Why send only partial keys?

Dude, take off the foil hat. I work at the big G (not on anti phishing) and all these concerns have been discussed publicly before. There is a cookie for anti-DoS purposes. Google has the ability to sink large amounts of HTTP traffic using smart load balancers which can handle way more requests than the backends they balance on to. During a DoS attack legitimate cookies that have been observed behaving in a non-abusive manner for a long time can be serviced whilst excluding requests that come in with no cookie or a freshly minted cookie. And let's face it - the anti-phishing system is designed to frustrate criminals, the kind of people who wouldn't hesitate to use DDoS attacks against a blacklisting service.

The list is updated frequently because phishing sites appear and disappear very fast.

If there was no partial server-side matching you could defeat the blocklist by simply using random filenames or ?q=abc suffixes on the phishing page (eg every spam you send with a phishing link could have a unique URL). Then a list of even a million URLs would be insufficient. By having partial/prefix matches that trigger a server side lookup more advanced logic can be used that doesn't require protocol changes to every client, in extreme cases you could even imagine hand crafted code that understands how to spot patterns in particularly tricky campaigns.

CAPTCHA: explains

Re:We could OPT OUT?

[kqs]

What does opting out of a privacy policy mean? "I refuse to be bound by this policy, so there is no policy and you can do whatever you want with my data"? "I refuse to be bound by this one policy, I prefer a different policy on every google service I use"? And do you expect google (or anyone) to maintain code to implement every privacy policy they've ever had? How would that work?

Opting out of a privacy policy means not using the service. Wanting to use the service but refusing the privacy policy is much like wanting to eat at a restaurant but not wanting to pay your bill.

Re:

[Anonymous Coward]

I eat at a restaurant, they change the prices on me after I've ordered. I then refuse to pay the newly inflated bill,
I insist on paying the old bill, the bill as was agreed when I gave you may order.

It's a bad metaphor because I agreed on ongoing supply of food at an agreed price. Google receives my money (or data or eyeballs), yet wants to inflate this.

I can only take snapshots of my data back, I can't update everyone who thinks my email is bob@gmail.com, I can't update everyone who thinks my video is 'bob

Where is the future commitment you refer to?

[DragonWriter]

It's a bad metaphor because I agreed on ongoing supply of food at an agreed price.

No, that new metaphor you are offering is the bad metaphor, unless Google made some commitment not only as to the current terms, but explicitly limiting future changes to the terms for current users.

So I expect them to deliver the service they agreed at the price they agreed it.

They did. You seem to want to pretend that they agreed to prospective future terms that they never, in fact, agreed to.

Re:We could OPT OUT?

[psiclops]

say you were paying a certain amount of money to live in an apartment. now imagine each year the landlord wants to raise the the rent. suddenly the initial ratio of cost to benefit has eroded, yet moving out is not a trivial decision.

oh wait. that's kind of the standard rental situation.

Re:

[ohnocitizen]

There is a sharp difference between paying with currency, and paying with one's right to privacy. The fact that I got modded down (and you got modded up for confusing the issue) is lamentable. If we had landlords who offered free housing in exchange for spying on their tenants, there would be an uproar. In fact, that has happened: Florida [cbslocal.com], Massachusetts [milforddailynews.com].

Re:

[CycleMan]

If we had landlords who offered free housing in exchange for spying on their tenants, there would be an uproar. In fact, that has happened: Florida [cbslocal.com], Massachusetts [milforddailynews.com].

Except that if you read TFA that you cite, there was no such exchange. Landlords spied on paying tenants without telling them there would be spying involved. If they had a written contract saying "You will live here for free, and I will have cameras recording you and anyone else in the building for my own purposes," it would be a different story entirely.

Re:

[ohnocitizen]

Not entirely different. Again, there is a big difference between using currency and privacy to pay for housing.

Re:

[CycleMan]

They are different forms of payment, but you can contract to give up either in exchange for something you want. In the two news articles, the issue was the customer expected they were renting private living space by paying with currency; no disclosure was made that their privacy might not be respected. I would think the average person would prefer to maintain their privacy, but some folks might prefer to give up privacy for currency-free housing; they already give up privacy for currency-free email, socia

Re:

[foniksonik]

Moving out is a trivial decision though.

Just pack up and go. Tell your closest friends and family you've moved and where you've moved to. Set up an auto responder for the old address for a month or so that simply says "I've moved to [new address]". You can close the account or not (they dont care). Go update accounts that use the old email address. If you miss one it probably wasn't that important and you can check the old account occasionally.

It's not brain surgery.

Re:

[geekoid]

If the landlord were google, he would also pack up your belongings to help you move.

Just saying.

Re:

[bickerdyke]

What do you mean we had an opportunity to opt out?? It was take it or leave it scenario. Lose your data, change your email, disrupt your life or let us assemble your data.

I doubt you'd actually have lost any of your data. Google services usually offer a way to export it for backup purposes - or if you indeed plan to switch. They even have a special team to organize that. www.dataliberation.org (well... they may not exactly LOOK like an engineering team...)

I switched to DuckDuckGo for search

isn't that a google search query in disguise?

Not an issue for me

[aNonnyMouseCowered]

Really, I don't see this as an issue if you're volunteering your personal info to Google anyway. I'm more worried by the tracking that Google does even if you're not logged in, say, via its ad and recaptcha services.

Re:

[tooyoung]

Totally, same thing with Facebook.

Re:

[grahamm]

The problem is that if you're watching Justin Bieber clips in YouTube, you will get JB ads when you open your GMail even if your emails have nothing to do with it. Some people don't like the idea of cross-service advertisement.

Or if your YouTube username was 'Beiberfan' and the new policy forces it to change to your real name, but you would rather your friends not know that it was you who wrote some of the comments to the Bieber clips.

And I want a pony...

[O('_')O_Bush]

Really though, unlike with Intel or Microsoft, I've never felt like I have been wronged by Google, which is probably why my knee jerk reaction is that this is just another extortion racket and an organization hired to cause a stir.

Re:And I want a pony...

[TubeSteak]

which is probably why my knee jerk reaction is that this is just another extortion racket and an organization hired to cause a stir.

CNIL (Commission nationale de l'informatique et des libertés) translates to 'National commission on informatics and liberties'

Unlike America, European regulators take their privacy seriously.
They are mostly independant and don't have to bow down to political pressure.
You seem to be confusing "not captured by corporate interests" with "just another extortion racket."

Re:And I want a pony...

[Anonymous Coward]

Unlike Americans, Europeans are more worried about corporations spying on them than their governments.

Re:

[Anonymous Coward]

Unlike Americans, Europeans are more worried about corporations spying on them than their governments.

As it turns out, any information you give to a corporation ends up at the government.

Re:

[Chrisq]

Unlike Americans, Europeans are more worried about corporations spying on them than their governments.

As it turns out, any information you give to a corporation ends up at the government.

And with all the "outsourcing" vica versa

Re:And I want a pony...

[Sique]

Unlike Americans, Europeans are worried about both corporations and the government spying on them. In Germany, Data Rendition laws are suspended for now, and in Austria, they didn't pass the parliament for now.

Re:

[IamTheRealMike]

That's great but it didn't stop the EU rolling over and handing all financial data for the whole world to the Americans, did it? Search for: TFTP. And it didn't stop the EU rolling over and going along with insane flyer ID manifest requirements for the USA either.

I'm a citizen of the EU and the biggest threat to peoples privacy is government, period. You could say I'm biased by my employer (Google), but to me CNIL seems way out of line and ridiculously out of touch with technology. I didn't get to vote on w

Re:

[geekoid]

" biggest threat to peoples privacy is government, period. "
no.
biggest threat to peoples privacy is large organizations with power. This can be Church, Government, Corporate entities.

"Why can't I get new government identities as easily as I can get new Google accounts? "
Seriously? Think about that for a bit. Hint: While you think about that, I could create dozens of IDs.

" Why can't I ensure all the data EU governments have on me (all of them) is deleted by pressing a button?"
Because records of what

Re:

[war4peace]

My ass is butt-ugly (pun intended). If that floats your boat, just look for whatever's already freely available. Facebook is probably filled to the rim with such things. i can't compete professionals :)

Re:

[MrDoh!]

Which is fair, but how will splitting the privacy policies back into various areas HELP privacy? Doesn't putting them all in one place for Google products make it easier? And even if split, do they not get how Google tracks everything anyway? Very strange way to help people I'd think.

Re:And I want a pony...

[tlhIngan]

Which is fair, but how will splitting the privacy policies back into various areas HELP privacy? Doesn't putting them all in one place for Google products make it easier? And even if split, do they not get how Google tracks everything anyway? Very strange way to help people I'd think.

Well, before, Google had a different privacy policy for every product. This resulted in your YouTube browsing habits not being able to be shared with your GMail history, Google homepage not being able to search your e-mail or possibly throwing up your email search results when you search, etc.

By unifying the privacy policy, Google made it easier to combine the data about you from many silos into one. Perhaps you were doing some Google searches about say, gay marriage. Now your YouTube ads for that next cat video can suggest gay marriage pastors. Or election ads about gay marriage.

Or perhaps you're trying to keep your online activities separate. Perhaps you enjoy downloading the latest music and movies, but keep that separated somehow from your other activities. Perhaps using another browser. Or perhaps another computer. Problem is, you use Google on both, and eventually Google links both your nefarious pirate ways with your real life ways, so the MPAA and RIAA can now positively identify you through Google. (Ask Jammie Thomas).

All the EU is doing is basically telling Google to put the data back in their individual silos and stop mising and churning it. Of course, law enforcement and IP lovers will be a lot less happy if they can't get at your user profile and prove that you are the person being accused through Google's profiling of your activities (the links are more tenuous when data is isolated. When they're combined, they're very powerful).

Of course, this also allows Google to aid in finding people who do bad things - they can link the searches to the youtube videos to the G+ postings and all that. Perhaps even to their facebook account and get a name/location/etc.

Oh yeah, trust me, it's not just advertisers/insurance people interested in your habits. And heck,one silo also means that false information can be rapidly corrected (yay!), alongside with notes on the false information in case you used it elsewhere, providing more linking data.

Re:

[Anonymous Coward]

So what you're saying is:

"if you do SOME illegal things, and mostly non-illegal things, then privacy is a good thing"

Personally, if I want to do something illegal, I lobby to raise awareness of the cause, attempt to get support from the majority of voters + counsel / whatever body of government has jurisdiction over the topic, then if I turn out to be in the minority that feels something SHOULD be legal, I do this crazy thing that nobody else in the world seems to understand:

I yield to the democratic

Re:

[Anonymous Coward]

I absolutely agree. It should also be noted that civic duty goes beyond simple compliance; sometimes it is one's duty as a citizen to disobey the law. Not only are we obliged as individuals to oppose legal evils and the illegality of goods, but we are also so obliged as citizens.

The grandparent poster's glib attitude towards legal conformism is a recipe for social stagnation and the worst excesses of what Aristotle accurately diagnosed as the democratic perversion of the common good: the majority may enslav

Re:

[kenorland]

All the EU is doing is basically telling Google to put the data back in their individual silos and stop mising and churning it

And what defines "separate"? Facebook has a single privacy policy for your profile, photos, videos, blog posts, etc.

All the EU is really doing is politically motivated posturing: they don't like Google because the big European corporations their member governments are in bed with haven't figured out how to compete with Google.

Re:And I want a pony...

[Sique]

Actually, there are no European companies trying to compete with Google and failing. There are no European companies even trying. (I think, the last one was Telefónica, which bought Lycos years ago, but put it to rest in 2008). So which are those imaginary corporations you are talking about?

Re:

[Savage-Rabbit]

All the EU is really doing is politically motivated posturing: they don't like Google because the big European corporations their member governments are in bed with haven't figured out how to compete with Google.

Actually, there are no European companies trying to compete with Google and failing. There are no European companies even trying. (I think, the last one was Telefónica, which bought Lycos years ago, but put it to rest in 2008). So which are those imaginary corporations you are talking about?

Stop ruining our anti-american conspiracy hysteria with 'facts'...

Re:And I want a pony...

[Solandri]

That's one benefit Google got from combining the privacy policies - obviously the one which makes Google look worst so it's the reason most commonly trotted out. The flip side is by having each service have its own privacy policy, users had to keep track of each separate privacy policy (and Google's employees working on multiple products were uncertain of what they could and couldn't do with the data). Subtle differences between policies got lost amidst the similarities. Consolidating everything into a single unified "Google policy" made it easier for users to know what they were getting and for Google to know what it could do.

There are pros and cons to either approach. Anyone telling you one is universally better than the other is selling you something. Stripped of any nefarious advertising and creepy privacy invasion overtones, the default condition would be for Google to consolidate them into one policy simply to reduce bureaucracy and paperwork. So I think the onus should be on those advocating separate policies to justify why the benefits of having them separate outweigh the drawbacks.

Re:

[SnowZero]

Google Now [google.com] is an example of a product that could not exist without data sharing. The premise is that it cross references data to make timely suggestions, such as letting you know when you should leave for the airport if you have a flight, and if your flight is on time. It can do this even though you never explicitly told it you have a flight or made a calendar entry.

Re:And I want a pony...

[AmiMoJo]

Why does having a common privacy policy necessitate sharing data between services? They can have a single policy that says they won't share data with other Google services.

Because the services would suck

[brunes69]

I WANT Google sharing data between services, because that is what makes using all the products under the Google umbrella a unified experience. I LIKE that my Google+ and GMail and Drive and Calendar and Picasa YouTube accounts are all linked and I don't have to manually cross-post things all the time.

If you don't like it, then don't use Google's services. I don't see what business the EU has in this, it is not like there are not plenty of free alternatives to all of Google's services.

Re:

[tlhIngan]

(and Google's employees working on multiple products were uncertain of what they could and couldn't do with the data)

The answer to that is obvious - do nothing. If you don't know if you can take YouTube viewing data and use it to influence search results, then simply don't. That puts the data from YouTube in a different silo than the search data. Failure to do so means one privacy policy is breached which people will call out Google on and lower their trustworthiness. Which is fine - Google's got a lot of g

Re:

[MrDoh!]

Ah, so it's the cross-sharing that was new? I always thought they were doing that anywhere, you just had to agree/turn it off in various places and the big merge was to do it in one location.

Re:

[geekoid]

I'll let you in on a clue.

The same applies to American regulators. /. is full of people with a bias and no real experience in that area.

Re:

[Sique]

So which corporations are you talking about? Name one big European search engine or video portal!

Re:

[kenorland]

So which corporations are you talking about?

Axel Springer, Bertelsmann, Burda, the various public broadcasting corporations, etc.

Name one big European search engine or video portal!

What gives you the idiotic idea that I was talking about "search engines or video portals"? The companies lobbying against Google are the old failing media empires of Europe: they publish newspapers, books, radio, and TV. European corporate interests don't even try to compete, they just want government protection to continue to

Re:

[xaxa]

Unlike America, European regulators take their privacy seriously.

No, they don't. European regulators like to cause trouble to US companies, while European governments and many European companies get a free pass.

No, they don't -- but I doubt the stories hit the US news.

http://positivepulse.co.uk/482/482/ [positivepulse.co.uk] (NHS, presumably, i.e. British government)
http://www.yourlocalguardian.co.uk/news/local/kingstonnews/9687652.Kingston_Council_faces_privacy_breach_claim/ [yourlocalguardian.co.uk] (Local government near London)
http://www.belfasttelegraph.co.uk/news/local-national/uk/probe-into-airline-privacy-breach-16141298.html [belfasttelegraph.co.uk] (British airline)

Of course, as with many local European issues, it's more difficult for me to find stories from other countries as they're usually in another language.
Here's some kind of summary from Ireland: http://www.algoodbody.ie/knowledge.jsp?i=1846 [algoodbody.ie]
And here's one from Germany http://www.dw.de/deutsche-telekom-suspected-of-privacy-breaches/a-3357090-1 [www.dw.de] (German telecoms)

Re:

[kenorland]

You have a problem with elementary reasoning if you think that you can disprove the statement "while European governments and many European companies get a free pass" with a few counterexamples.

It's just a fact that European governments engage in massive and nearly legally unrestricted spying on their citizens. European governments collect, and in many cases even sell, private data on their citizens to corporate entities, and give it away to foreign nations. Many large European corporations, in particular

Re:And I want a pony...

[Paradise Pete]

I've never felt like I have been wronged by Google

Right now Google's not hurting, so they can be more selective in what thy do with that data. But when times get tough, and they probably will, Google will resort to all sorts of tricks to keep that cash cow mooing.

Re:

[Solandri]

And every man has a penis so they could potentially rape a woman. Every screwdriver could potentially be used to break into a house. Every Internet connection could potentially be used to download copyrighted material.

An argument that someone has to be pre-prohibited from potentially doing something bad has to have more to it than an unsubstantiated assertion that "Google will resort to all sorts of tricks." Otherwise you can ban just about anything under the premise of protecting the greater good. It

Re:

[geekoid]

You were talking about how they wuold use a thing against you. The posters example was valid, but in ,low taste.

Re:

[swillden]

I've never felt like I have been wronged by Google

Right now Google's not hurting, so they can be more selective in what thy do with that data. But when times get tough, and they probably will, Google will resort to all sorts of tricks to keep that cash cow mooing.

Why do you think that? Please keep in mind that due to the structure of the stock voting rights, the shareholders have zero power to force Larry Page, Sergey Brin and Eric Schmidt to do anything, and given that the terms laid out in Google's IPO make clear that Google will sacrifice short-term profits for long-term profits and will focus on treating users well even at the expense of profitability, there's no way to pressure them via the SEC or courts, either, since shareholders already bought into all that

Seriously?

[ras]

All these web sites are owned by the same people. Are the EU saying a company can't mine the data the EU says it is allowed to collect? How on earth do you even police that?

Besides, it's a non-issue, as it is under the users control anyway. If you don't want Google tying the data together use different use names on each site. It is not like it is rocket science.

Re:

[Anonymous Coward]

My issue is that google is forcing me to broadcast my private stuff to strangers.
Google's issue is that people leave embarassingly shitty comments on videos.

The obvious solution is just to turn off all personalization and feedback. However, Google -- stupidly -- is trying to build their own social network to rival Facebook. Their strategy is stupid, because for years they've triumphed by being better and less evil than the other guy. My approach was just to boycott other google products in favor of youtube.

Re:Seriously?

[kqs]

The obvious solution is just to turn off all personalization and feedback.

Indeed. Much like some people commit fraud on the stock market. The obvious solution is to turn off the stock market. Brilliant!

I'm not sure how google is forcing you to broadcast private stuff; I don't think they're forcing you to comment, are they? If you comment, and you know that the comment will be tagged with your real name, then there is no force, you just make a choice.

Re:

[martin-boundary]

I'm not sure how google is forcing you to broadcast private stuff; I don't think they're forcing you to comment, are they? If you comment, and you know that the comment will be tagged with your real name, then there is no force, you just make a choice.

Easy. They are forcing you to choose between all your comments being around forever, or keeping quiet forever.

See, if one day you make a comment in real life to a friend, they probably won't remember next year what you said, and even so, nobody els

Re:Seriously?

[Zemran]

"use different use names on each site."

and do not forget to use different computers for each site as well because they track your use and know if you are using a different name on each site. So you need one computer for Google, one for Gmail, one for Youtube, etc.

It is a big issue to a European that assumes a right of privacy but of course to an American who is only used to that right in name alone, this is not an issue. In Europe the data remains mine. I own it. They can use it only as I allow them to use my data.

Re:

[swillden]

and do not forget to use different computers for each site as well because they track your use and know if you are using a different name on each site. So you need one computer for Google, one for Gmail, one for Youtube, etc.

Alternatively, don't log in (which means don't use Gmail, at least not via the web UI), and use the "keep my opt outs" add-on which Google provides so that Google is kept aware that you don't want to be tracked. Unless you're looking for a way to justify to your wife that you really have to have a dozen computers.

Don't use Google then

[brunes69]

Opt out of the policy and don't use any of Google's services. Problem solved? Google is not a monopoly, there are a plethora of alternatives for any of their services. If you don't like their terms then they might as well take their ball and go home.

Re:

[Elldallan]

Well the EU might not in the end be able to restrict how Google use the data but they can make it very painful for Google to refuse compliance with the law, they can seize any and all Google property inside the EU(including the funds Google funnels through Ireland because the low corporate tax which is most of Google's global profits...), they can order funds frozen internationally and anyone other than the US who cares to have EU as a trading partner will probably comply, they can harass any Google executi

Re:

[boarder8925]

It is not like it is rocket science.

No, but it is like rocket surgery.

Easy you put into law

[aepervius]

We have had law about privacy and IT and database for about as long as it started to become a phenomenon, I think back in the 80ies. For example you may not in certain circumstance do a join on database, or have races, skin color, religion, political affiliation, or whatnot mentioned in some database (I don't recall exactly when it is allowed, but you can take for granted that in a commercial database it is msotly not allowed). There is something similar on EU level.

That you in the US (or any other country) don't care that you are the "product" is your problem. but if google want to have a commercial presence in EU it better respect our privacy laws. And No it is not YOUR responsibility to use different usernames, it is google responsibility to respect law and not join DB.

Re:

[foniksonik]

Almost 100% certain Google does none of the mixing you refer to. They don't even ask those questions.

Re:

[gl4ss]

not allowed to mine data they collect from different sources for different purposes? what's strange about that.

Re:

[jonbryce]

Yes that is correct. If you collect personal data for one purpose, you are not allowed to use it for another purpose without the data subject's permission.

For example, if you collect data about a user's web browsing activity for the purpose of advising them if the page they are about to visit contains malware or is a phishing site, you can't then use it for targeted advertising without the user's explicit permission. Burying it in paragraph 11428 of the T&C that they never read is not obtaining their

Microsoft Policy

[hresult]

Interesting, why don't they also require Microsoft to reverse its recent privacy policy change which is essentially the same (unification of the company's services).

Re:

[Elldallan]

They probably/quite possibly will, no one has ever accused a bureaucracy if being fast or nimble.

too bad...

[kenorland]

It's too bad people can't opt out of the intrusive data collection and privacy invasion schemes of the European governments. Frankly, I greatly prefer Google having my private data than the German or French government.

it's better to use many services anyway

[kenorland]

I don't like Google tying together all these services. I think it is a privacy nightmare and it's risky too. For example, if your Google account gets disabled because of a blog post, you lose access to all your Android apps and Google movies. But you know what? You have a choice.

The sooner people realize this, the better, because that means it keeps alternative services viable. And there still are plenty of alternatives to every service Google offers.

But we don't need European "privacy regulators". Sla

Re:

[gl4ss]

uhh.. many of these services WERE different services, like youtube.

buying services and integrating data from them to google main db is googles business. that's not entirely within eu laws though.

Re:

[Elldallan]

it's not illegal but it does typically require government permission, see the Motorola takeover for example, Google was required to give certain promises to be allowed to buy Motorola

Re:

[kenorland]

It's the problem with capitalism in general. It happens all the time, everywhere. I think buying a company in another market area should be considered illegal if your market share is above 50%. Hell, make it 30%

YouTube was little more than a brand name, a few engineers, and a money losing proposition. What exactly did you want to "prohibit" there?

Furthermore, since you like to beat up on capitalism, I suggest you look at what's happening in Europe's "social market economies" or socialist nations: instead o

Unreasonable?

[MrLint]

Like it or not, it is not unreasonable to unify their policies. This idea to break it up again seems the wrong track, address what you don't like about the over arching policy, as presumably any new services will come under that.

Re:

[Sique]

I only remember one where the result was, that yes, playing violent video games increases your aggressivity. The effect in size was comparable to drinking a pot of coffee.

Re:

[geekoid]

So you got nothing? Well done.

Re:

[Sique]

They can do that. If Google does not play by their rules, they can put penalties on Google or even exclude Google from doing business in the EU. Sure, Google can still do business in other legislations, but no revenue will come to them from the EU.

Re:

[Elldallan]

Sure they can, they can issue whatever orders they want to Google but if Google is convinced that the EU lack jurisdiction someplace they can choose to ignore those orders. BUT since Google currently funnels most of it's global profits through Ireland because of the low corporate tax there life could become VERY difficult for Google if the EU decides to order that those funds be frozen which it can do since Ireland is within it's jurisdiction, it's the same as when the US govt sizes .com address from people

Re:

[Chrisq]

...and what happens if this works and google reverts the policy?

You'd have ten bleeding passwords to remember instead on one sign-on

Re:

[Lumpy]

"Are you parnoid yet? I am."

Only if he watches me look at porn.... Then not only am I paranoid, but really creeped out.

Re:

[foniksonik]

Now imagine that same guy doing that to tens maybe hundreds of millions of people.

Your info is now just a tiny speck in an ocean of data. Other than being tied into a set of grouped profiles that include hundreds of thousands of similar people you are insignificant and completely anonymous (unless you draw attention to yourself in a malicious way - at which point various gov agencies will be crawling through your trash and your data).

Now how are individuals being abused? Oh that's right, targeted ads. The e