The Irish Times

Google accused of GDPR breaches


Google is sharing users’ personal data between its services without acquiring specific consent to do so, thus flagrantly breaching fundamenta­l principles of European data protection law, one of its smaller rivals has claimed.

In a new complaint submitted to the Irish data regulator, which oversees Google’s European business, Johnny Ryan, chief policy officer of niche web browser Brave, accused the US tech company of operating an “internal data free-for-all”.

The complaint alleges that Google is taking users’ consent for certain uses of their personal data – for instance location tracking or YouTube history – and applying it to a range of other services that are completely invisible to them, a practice that is illegal under the General Data Protection Regulation (GDPR).

In one example cited, Google’s privacy policy states that “Location History saves where you go with your devices. This data is saved even when you aren’t using a specific Google service, such as Google Maps or Search... This data may be saved and used in any Google service where you are signed in [and]... helps Google give you more personalis­ed experience­s... both on and off Google.”

The notice appears to seek the user’s consent to process their location data, according to the complaint, but also indicates that such data may be used for various unknown purposes that could have nothing to do with location. It also suggests “extensive or minor data sharing with an unknowable number of Google’s business partners”, the complaint claims. – Copyright The Financial Times Limited 2020

Newspapers in English

Newspapers from Ireland