Google and Microsoft continue to face tough business practice and privacy scrutiny in Europe. There’s sharp criticism from European Union (EU) officials over Google’s privacy policies for its users and antitrust concerns with Microsoft related to whether it is giving users a choice in the Web browsers they use in the new Windows 8 operating system.
Google’s privacy policies for users’ data were assailed earlier this month by the EU, which argued that Google isn’t being clear enough about how it uses consumer data that it collects. The company’s efforts do not meet existing European standards of privacy, and are causing authorities in Europe to push Google to come into compliance with those laws.
On March 1, Google enacted major changes to its data privacy policies and folded 60 of its 70 previously separate product privacy policies under one blanket policy. The EU has been challenging many of those changes in recent months.
Microsoft, meanwhile, came under the microscope of the EU Oct. 24 for allegedly violating a 2009 commitment to allow European users to have a choice of Web browsers inside Microsoft’s Windows operating systems. The 2009 agreement addressed competitive concerns that came from the EU and included the stipulation that Microsoft would offer a screen of browser choices to European users of its Windows OS through 2014, from which users could decide which browser they wanted to use.
The agreement called for a choice screen that also featured such browsers as Mozilla’s Firefox and Google Chrome. The regulators now say that Microsoft has failed to comply with the order, sparking the latest investigation. In July, Microsoft admitted it had accidentally violated the earlier agreement and said that it would make corrections.
With both Google and Microsoft facing tougher privacy and business practices in Europe, could that mean that both companies might come under similarly tough scrutiny here in the United States as well in the future?
Jeffrey Child, an associate professor of communications and privacy expert at Kent State University, said any changes Google and Microsoft have to make to meet EU requirements could ultimately be felt here in the U.S. as some point.
“It could cause them to think about what they are doing here,” said Child. “But the truth of the matter is that most companies set their defaults for privacy to give the companies themselves greater control over the information they collect from users. This is an enterprise and if they get slammed for doing this in places, they may revise it later in those places.”
Users in the U.S. don’t seem to demand the same privacy regarding their data as do users in Europe and other places, said Child, which makes it less likely that companies like Google and Microsoft will adopt stricter privacy rules on their own. “Essentially, Americans would have to complain and they’re not doing that. We haven’t paid enough attention to the privacy breakdowns we’ve seen,” including large security breaches that affect companies and user data.
When Sony’s PlayStation game systems had a Website security breach several years ago involving user credit card numbers and other personal data, it made headlines and got attention, but it never led to massive overhauls about how companies in general deal with customers data, said Child.
“People should not expect companies to maintain their privacy,” said Child. “The status quo is that they are going to collect as much information as they can and use that in ways that advance their concerns or give them a competitive advantage.”
Microsoft, Google European Privacy Concerns Could Affect U.S.
Rainey Reitman, the activism director for the privacy group, the Electronic Frontier Foundation, said that in general, the stricter privacy regulations faced by companies like Google, Microsoft and Twitter in Europe do have a ripple effect here in the U.S.
“European privacy law is significantly stronger than U.S. laws,” said Reitman. “Companies from the U.S. are striving to meet those stricter regulations there. For example, in Europe there are standards around an individual’s rights to access their own data, so companies have been incentivized to make it easy to get access to all the data that comps have about them.”
Once that is done in a place like Europe, said Reitman, “there’s no reason not to make them available to all your users all over the world. And we are already seeing that happen.”
Google, for instance, created a “data liberation campaign,” with a Website where users can access their searches and other content and remove it from Google’s services, said Reitman. “The principle of being able to get your data out of a Google service comes directly out of these European data standards. Google doesn’t have to offer these services to U.S. customers now, but they are already incentivized to create ways of getting your data out. It creates a pathway for users.”
For U.S. users and their privacy, the tougher EU regulations are a good thing, said Reitman. But one problem that could arise is that if the EU rules get so tough to meet for companies like Google and Microsoft, the businesses might decide to create and maintain EU-specific privacy policies, which then might not necessarily trickle back to the U.S., she said.
“That’s what we don’t want, and that we want to avoid,” said Reitman.
At a company event on Oct. 16, Google CEO Larry Page criticized the EU’s recent actions against his company in regards to its privacy policies. Instead, it’s too early and short-sighted to be limiting the possible scope of how such information can be used in beneficial ways at this point, said Page.
“Virtually everything that we want to do, I think, is somewhat at odds with, you know, locking down all your information for uses that you haven’t contemplated yet,” said Page. “So that’s something I worry about. I think it’s a very important thing.”
The problem is “we don’t actually know how the Internet’s going to work 10 years from now,” said Page. “So it’s kind of, I think, a mistake to start carving out large classes of things that you don’t really understand yet, that you don’t want to let people do. I think that’s kind of the approach that I think a lot of regulators are taking, which I think is sad.”