Google officials once again are being accused by regulators of not being cooperative with investigators looking into privacy issues concerning the dominant Web 2.0 company.
The CNIL welcomes Google’s collaboration but regrets that the answers are often incomplete or approximate, the organization said.
The CNIL sent another questionnaire to Google May 22 in hopes of clarifying some questions, and met with Google representatives May 23. It has given Google until June 8 to answer the new questions.
Google officials said the move would improve the quality of service. Critics disagreed, saying it was the latest step by Google to create better digital profiles of users in hopes of boosting its online ad business.
The European Union had asked Google to delay implementing the new policy until the questions raised by the CNIL had been answered. Google officials declined, stating that they were confident the policy adequately protected the privacy and rights of European citizens.
Now the CNIL is pushing Google executives to be more forthcoming in their answers. Given the current information, the CNIL considers it impossible to know Google’s processing of personal data, as well as the links between collected data, purposes and recipients, and that the obligation of information of the data subjects is not respected. The CNIL also notes that Google has not provided a maximum retention period for the data.
CNIL officials said they are still concerned about the purpose and legality of Googles combining of personal data across services, and whether the opt-out procedures in place are a valid means for users to oppose Googles efforts.
French Regulators Want More Information From Google
Finally, Google has not provided a practical answer on the way the ePrivacy Directive is applied for Google’s ‘passive users,’ i.e., the persons who use Google’s services [advertising, analytics, +1 button] when they visit third-party Websites, CNIL officials said.
Once the organization has Googles new answers, it will present a report to the EUs Article 29 Working Party, which will decide how Google can bring the new policy into compliance. Google will get the determination by mid-July, the CNIL said.
The FCC said in its report that it could not find any evidence of legal wrongdoing on the part of Google, in part because the company deliberately impeded and delayed the commissions investigation by refusing to provide information and documents requested as part of the investigation. In addition, an unnamed Google engineer who created the software that collected the WiFi data did not testify at a deposition, instead invoking his Fifth Amendment right against self-incrimination.
Google executives disputed the FCCs claim, saying they provided all the materials the regulators felt they needed to conclude their investigation, and we were not found to have violated any laws.”
Google had claimed the collection of the personal WiFi dataincluding passwords, emails and search historieswas the work of a rogue engineer. But soon after the FCC fine, it was learned that the engineer, Marius Milner, had told at least two other Google employees that such payload data was being collected.
The revelation renewed calls by privacy advocates and some politicians in both the United States and Europe to reopen the investigations into Googles Street View program.