But the European group, along with EU Data Protection Authorities, says the changes have made it easier for Google to “combine almost any data from any services for any purposes.” In short, the EU board is arguing that sharing data across different services gives Google too much leeway to possibly use collected data in ways that users hadn’t intended them to be used.
“Combination of data, like any other processing of personal data, requires an appropriate legal ground,” Tuesday’s letter reads, “and should not be incompatible with the purpose for which these data were collected.”
Peter Fleischer, Google’s global privacy counsel, told IBD via an emailed statement that he’s now reviewing the report.
The regulators make the case that Google, as “a leader in the online world,” should be proactive in engaging with governments.
The letter says there are three main “legal issues” with the new policy. Google provides “insufficient information to users,” the “investigation confirmed our concerns about the combination of data across services” and Google “failed to provide retention periods for the personal data is processes.”
John Simpson, of Consumer Watchdog, a group critical of Google, says in a statement that Google acted with “complete disregard” for users’ privacy.
“I am glad the European Union is calling out their abuses, but am disappointed that American consumers must look across the Atlantic to see privacy rights defended,” Simpson said.
Google shares were up a fraction in afternoon trading Tuesday.