With great power…
The EU paints a worrying picture of Google’s increasing access to personal data from across numerous services. According to the CNIL, visits to sites that display a ’1+’ Google+ button will be stored for at least 18 months, while data collected via DoubleClick ad cookies is stored for two years and can be renewed without consent. The EU said such power and control over user data must be used responsibly.
Yesterday Google co-founder Larry Page went on the offensive, rebutting the EU’s claims. Page said it was “sad” that regulators are trying to restrict types of online data collection and that certain Google products would not have been possible with data collection. The co-founder used the example of a potential Android feature that could prevent your phone from interrupting you during a scheduled meeting.
But according to a New York Times source, Google execs “breathed a sigh of relief” at the EU response, as it expected the regulators to implement a much harsher penalty, such as fines and concrete charges that Google broke the law. As it stands the EU is giving Google a loose timeframe of 4 months to change its policy and explain more clearly what exactly it does with the data it collects.
“Google bought some time,” said Mark Rotenberg, president of the Electronic Privacy Information Center, adding that the message from European authorities was: “We’ve been through this before, with companies like Facebook, and they responded. If you choose not to respond, you do so at your own risk.”
“If Google’s get-out is that it’s only being told ‘should’ rather than ‘must’, then it becomes a question of trust,” said Dautlich. “How does a company purport to be transparent and trusted if they’re put to the test and use a legal nicety to avoid it?”
Google is not invulnerable. The more a company proves itself untrustworthy, the more dangerous the PR fallout when things eventually go wrong.