Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Australia Privacy Security

Australian Regulator Says Google Misled Users Over Data Privacy Issues (reuters.com) 11

Australia's competition regulator on Monday accused Alphabet's Google of misleading consumers to get permission for use of their personal data for targeted advertising, seeking a fine "in the millions" and aiming to establish a precedent. From a report: The move comes as scrutiny grows worldwide over data privacy, with U.S. and European lawmakers recently focusing on how tech companies treat user data. In court documents, the Australian Competition and Consumer Commission (ACCC) accused Google of not explicitly getting consent or properly informing consumers of a 2016 move to combine personal information in Google accounts with browsing activities on non-Google websites. "This change ... was worth a lot of money to Google," said commission chairman Rod Sims. "We allege they've achieved it through misleading behaviour." The change allowed Google to link the browsing behaviour of millions of consumers with their names and identities, providing it with extreme market power, the regulator added. "We consider Google misled Australian consumers about what it planned to do with large amounts of their personal information, including internet activity on websites not connected to Google," Sims said.
This discussion has been archived. No new comments can be posted.

Australian Regulator Says Google Misled Users Over Data Privacy Issues

Comments Filter:
  • And stone the crows! Thatâ(TM)s not a knoiyf googel - this is a knoiyff!! Iâ(TM)ll fight ya mate! Cmon Iâ(TM)ll foight ya!!
  • This seems really simple: companies get past using your information for profit because there aren't hard rules and penalties. Jurisdictions that are concerned about what they're doing could (and should) come up with a set of regulations like GDPR and pass it. Shove proof of compliance onto the companies and out the rats that were acting against public interest.

    You could even just flesh out existing laws with just "common sense" language that's clearly defined, and, again, name and shame the good and th
    • by ytene ( 4376651 ) on Monday July 27, 2020 @11:26AM (#60336231)
      GDPR has so many holes you could drive a fleet of buses through them.

      In the context of what Google are accused of here, one entry in the "Lawful basis for Processing" list is "If the data subject..." (that's you...) "... has given their consent." So companies get around the GDPR by:-

      1. Linking their right to do ANYTHING they want with your data to your desire to use an aspect of their product that you cannot reasonably decline. For example, banks in the EU link "GDPR Permission" to their willingness to give you a bank account. Or a credit card. Want an account? You have no choice but to agree to your terms.

      2. Obfuscating what they actually do with your data, which they can legally do in a bunch of ways. For example, they can set up an internal company structure whereby you sign a contract with a paper-thin company that does nothing accept enter agreements with customers... and then other companies in their "group of companies" - with whom they *have* to share data to offer you the service you want - can do pretty much what they want, because it's now an order of magnitude harder to figure out what is going on...

      3. Abdicate all responsibility. For example, web companies that have literally hundreds or thousands of companies that *could* serve you ads - and gain compliance by saying, "Not up to us to negotiate with all these third parties, so we'll provide links to all the companies we do business with..." At which point, if you want to opt out of data sharing, it's now on you to go to the hundreds of third parties, navigate their privacy agreements, try and find a way of disabling their spying.


      The GDPR was good in principle, but utterly flawed in implementation. Here's a good way to think about this from a "legal" perspective... If, as a private citizen, I were to bug your phone, bug your PC, listen to your telephone calls, monitor what you watch via your net-connected TV, and track your activity all around the internet, I could be charged with stalking, found guilty, then locked up for *years*. Yet all of this and more is done by corporations and citizens are literally powerless to defend against it thanks to something as harmless-looking as a "Terms and Conditions" page. Unless or until privacy legislation puts the data subject on the same legal footing - and with the legal "presumptions" in their favour (i.e. companies have to explicitly secure your permission for each and every different activity to which they apply your data) citizens are going to lose.

      For as long as the law-makers accept "campaign contributions", citizens are going to lose. For as long as governments can go to private companies with an NSL and demand all the data the company holds on your (for free), citizens are going to lose.
  • A company whose purpose is to gather other people's data and sell it for profit might have misled people into giving up that data? I'm shocked to hear such shenanigans going on.

    • I was more shocked that the regulator claims people were misled. What they didn't know?

      News Flash: Google wants your personal data to make money...

      Next News Flash: Why does Google need access to all my personal data...

  • ...seeking a fine "in the millions" and aiming to establish a precedent.

    In the first place, any fine less than hundreds of millions is merely lunch money to Google, never mind a cost of doing business. In the second place, a precedent for what, exactly? So you establish a legal framework for fining them again, and do so; at some point they'll just pull out of your little island continent, and you'll discover that you've grown much more reliant on them than they have on you.

    Pretty much all of us have made a deal with the Devil by feeding Google until it became so big that both

  • would be insisting that Google remove all of the data that it slurped without user permission. The problem is verifying that Google ever does what the court orders it to do - Google saying "yes we zapped it" will be easy but I would want hard evidence.

Do molecular biologists wear designer genes?

Working...