Google May Win, Whether Or Not It Bows To EU Privacy Pressure

The slow-motion collision of Google and the EU privacy watchdogs has taken most of this year – and it is not over yet, by a long shot.

The new Google privacy policy, which merges all user data into one money-making pot for Google was on the table, and EU privacy bodies warned it would fall foul of regulations. Google went ahead and implemented it, and was duly warned that there could be trouble.

Today, that trouble emerged… and yet, Google is still insisting it won’t have to make any changes to the policy. And we would expect, whatever the changes it does make, it won’t have a huge impact on the company.

Google privacy in the dock

All this could have been seen well in advance. Google must converge user data, if it wants to continue making lots of money from the behaviour of its users.

The European watchdogs’ Article 29 working Party gave a clear signal it meant business when it sent the French regulator, CNIL in to do battle.

It could have appointed the Irish regulator – given that Google’s European head office is there, though that is purely to avoid paying taxes.

It could have appointed the UK’s regulator, but the ICO, has a notaby gentle approach to Google. There’s also a bit of a revolving door, as a senior Google privacy executive actually shifted across from the ICO, after the ICO had investigated Google’s notorious WiSpy data collection incident.

“The choice of CNIL to co-ordinate the European DPAs was in itself a sign of things to come,” said Marc Dautlich, head of information law at law firm, Pinsent Masons. “The CNIL is widely considered to take robust positions on privacy matters.”

But now that CNIL has pronounced Google to be a privacy perpetrator, what next? Will we see a sudden change in anything? Well, no.

Firstly, Google doesn’t agree, and has well-paid lawyers who are lining up to explain its side of the argument, putting the case that it is doing just fine over privacy, and only needs to share user data in order to give its users the kind of exciting services they want.

Secondly, even if Google’s objections are ruled out, there’s no unified system for privacy in Europe. CNIL lead the inquiry, but its recommendations will be implemented (or not) by a patchwork of regulators, who all have widely differing powers and attitudes to cases like this.

This judgement is supposed to usher in a new “co-ordinated era” which will apply combined pressure on Google. “The characteristics of the new era are co-ordinated activity by DPAs and early publication of the chargesheet,” said Dautlich. That’s supposed to be more effective than the old order, where individual users ganged up on privacy perpetrators – but I can’t see the new order getting into gear very quickly.

The real Google privacy issues are only just starting too. In the US, the search firm was fined £14 million ($22.5m) for abusing the privacy of users of the Apple Safari browser, and it has faced a stream of objections to its StreetView application.

So Google will see these new orders as just one more front in a privacy battle which it is determined to win, by attrition or any other means – as its users’ data is quite simply its biggest asset.

In the end, Google is likely to triumph. It has the resources to argue the toss for a good long while, and then implement something which meets the minimum requirements of the regulators. And then it will be down to the users to operate in a smart way within what the company sees fit to offer.

At that point, the users come into play, and whatever extra tick-boxes the EU regulators can persuade Google to install, those users will probably just tick them, and give Google the data it wants, rather than face any delay in using Gmail, Youtube, Google Maps or any of its other services.

Big players like Google have the clout to get users to login smoothly and consent to have their data shared. So the EU’s action could, in the end actually benefit the large US players like Facebook and Google, while making life harder for smaller European players.

“The proposed EU Data Protection Regulation, with its stiff requirements in relation to consent (including online) is actually likely, in the digital world, to benefit the larger (almost exclusively US) platform businesses,” said Dautlich. Users will feel that participating in Google and Facebook is essential, but will feel they can make a more “nuanced” decision, tweaking their acceptance  – or even rejecting – smaller players which don’t have such a huge share of the online mind.

It’s a depressing thought. No matter how good the EU’s privacy stance against Google, the sheer size of the company may rule against it being really effective.

Are you a Google expert? Take our quiz!

Peter Judge

Peter Judge has been involved with tech B2B publishing in the UK for many years, working at Ziff-Davis, ZDNet, IDG and Reed. His main interests are networking security, mobility and cloud

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago