Google Privacy Policies Assailed by EU: Report

Google isn't being clear enough about how it uses consumer data that it collects from its users, says the European Union.

Google is again being sharply criticized by European officials about how the search engine giant uses the data it collects about its online users who use their extensive services.

"Google's efforts to track users across services such as YouTube and Gmail do not meet European standards of privacy, officials announced Tuesday," according to an Oct. 15 story in The Washington Post.

Regulators from 27 countries have signed a letter and sent it to Google asking the company "to give users more notice about how their data are collected and seek consent in some cases," The Post reported.

The European regulators "did not explicitly call Google's policy illegal but identified a range of shortcomings that they said could undermine user privacy and confidence in the company," the story said. Included in the letter were a series of recommended steps that Google could take to improve compliance. "As data protection regulators, we expect that Google takes the necessary steps to improve information and clarify the combination of data, and more generally ensure compliance with data protection laws and principles," the letter said, according to The Post.

One way that Google could change its privacy practices to make them better for consumers is to "provide simple opt-out mechanisms for users to control data collection, provide service-specific privacy policies in addition to its overarching rules and be sure to get explicit consumer consent for the combination of certain data," according to a blog post in The Washington Post. "Google's global privacy counsel, Peter Fleischer confirmed that the company has received the report and is reviewing it. In a statement, Fleischer said that Google stands behind its policy."

Privacy issues surrounding Google and its use of consumer data have been on the minds of regulators in Europe and the United States for some time.

In January, Google announced major changes to its data privacy policies, which folded 60 of its 70 previously separate product privacy policies under one blanket policy and broke down the identity barriers between some of its services to accommodate its then-new Google+ social network, according to an earlier eWEEK report. Google's streamlining came as regulators continued to criticize Google, Facebook and other Web service providers for offering long-winded and legally gnarled privacy protocols. The Google privacy policy changes went into effect March 1.

The biggest change that was enacted concerned Google's user accounts. When users are signed in, Google may combine identity information users provided from one service with information from other services. The goal is to treat each user as one individual across all Google products, such as Gmail, Google Docs, YouTube and other Web services.

Google claims this will lead to a simpler user experience, but it will also make it impossible for users to opt out of having their identities applied to dozens of Websites they might not have agreed to use.

In May, French regulators accused Google of not being cooperative with investigators looking into privacy issues concerning the company and its practices there. A French regulatory agency said it had sent Google a questionnaire about the new privacy policy in March, and that Google's answers, which were received in April, were "often incomplete or approximate." A follow-up survey also left questions remaining.

Google's latest business troubles in the United States could only be getting started. Google is now facing a potential antitrust case from the U.S. Federal Trade Commission, which is continuing to probe the company's operating practices in its search business. A news report from Reuters said that an antitrust case could be in Google's future in the United States by the end of the year, based on information from credible sources.

Google was first notified of a "formal review" of its business practices in June 2011 by the FTC, after similar reviews began in Europe. At that time, the European Commission launched an investigation into the company's search practices after vertical search engines such as Foundem, and Microsoft's Ciao complained the company favored its own Web services in search results on over theirs. They argued that this put them at a significant competitive disadvantage in the market.

In July, Google reached a record $22.5 million settlement with the FTC to resolve charges that Google bypassed Apple Safari browser privacy settings that blocked cookies for their users.