EU Could Get Tough With Google’s Data Collecting

By Wayne Rash  |  Posted 2012-05-27 Print this article Print

I ran across this issue earlier this year when I asked the CeBIT Press Office to pass my contact information along to an exhibitor that needed it so I could set up a demonstration. The Press Office declined my request, explaining that European privacy laws prevented such a transfer of information, even though I€™m not an EU citizen. Late last year, when I visited the Lenexa, Kan., data center belonging to 1&1, a German company, executives there explained that they couldn€™t perform offsite storage of European data in the U.S. or vice versa because of European privacy laws.

The privacy situation in Europe may be a pain in the neck for cloud services providers, but the EU takes it very seriously. Perhaps Europe's unique history has made its citizens especially sensitive after two devastating world wars and the cold war all within the span of one century, but they really don€™t want anyone, Google included, spying on them.

And ultimately, spying is exactly what Google has been doing. While the European Union€™s investigators have been too polite to call Google€™s spying what it really is, there€™s no question that the EU will demand (and ultimately get) Google to comply with its laws.

Of course, Google is taking flak from both sides of the Atlantic. The company€™s Street View cars collected WiFi data wherever they went, primarily because knowing the identity of a WiFi radio is a fairly reliable means of determining location (although it has its limits). But all that Google really needs is the SSID or the MAC address of the access point.

What Google got was a everything that was being transmitted between the AP and the mobile device using it when the Street View car went by. If the WiFi communication was encrypted, then Google didn€™t harvest any information, but most people don€™t encrypt their WiFi devices, and Google kept that data. While it was fragmentary, it was still harvested and put into Google€™s collection of data, where it was associated with everything else that was known about that access point.

When you have the Street View data, as well as data from Google€™s mail, Google Apps, Google Plus along with data from all of the other Google offerings and you associate it into a single data set, then you have more than you really need to know about someone. This is true even if you only collect the details about someone€™s searches€”even if their searches are fairly innocent. Is the person looking for a new car? A source of baby food? Tax lawyers? All of these things add one more piece of data about the person using the service.

This is the problem that the EU has with Google€™s privacy policy. Google puts no meaningful limits on how it shares and combines data. It is, in every sense of the word, an intelligence service operated for profit. 

Wayne Rash Wayne Rash is a Senior Analyst for eWEEK Labs and runs the magazine's Washington Bureau. Prior to joining eWEEK as a Senior Writer on wireless technology, he was a Senior Contributing Editor and previously a Senior Analyst in the InfoWorld Test Center. He was also a reviewer for Federal Computer Week and Information Security Magazine. Previously, he ran the reviews and events departments at CMP's InternetWeek.

He is a retired naval officer, a former principal at American Management Systems and a long-time columnist for Byte Magazine. He is a regular contributor to Plane & Pilot Magazine and The Washington Post.

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel