Google has been fined 50 million euros by the French data censor CNIL, for a breach of the EU's data protection rules.
CNIL said it had levied the record fine for lack of transparency, inadequate information and lack of valid consent regarding ads personalisation. It judged that people were not sufficiently informed about how Google collected data to personalise
advertising and that Google had not obtained clear consent to process data because essential information was disseminated across several documents. The relevant information is accessible after several steps only, implying sometimes up to five or
six actions, CNIL said.
In a statement, Google said it was studying the decision to determine its next steps.
The first complaint under the EU's new General Data Protection Regulation (GDPR) was filed on 25 May 2018, the day the legislation took effect.The filing groups claimed Google did not have a valid legal basis to process user data for ad
personalisation, as mandated by the GDPR.
Many internet companies rely on vague wording such as 'improving user experience' to gain consent for a wide range of data uses but the GDPR provides that the consent is 'specific' only if it is given distinctly for each purpose.
Perhaps this fine may help for the protection of data gathered on UK porn users under the upcoming age verification requirements. Obtaining consent for narrowly defined data usages may mean actions could be taken to prevent user identity and
browsing history from being sold on.
A US federal judge has thrown out a lawsuit that Google's non-consensual use of facial recognition technology violated users' privacy rights, allowing the tech giant to continue to scan and store their biometric data.
The lawsuit, filed in 2016, alleged that Google violated Illinois state law by collecting biometric data without their consent. The data was harvested from their pictures stored on Google Photos.
The plaintiffs wanted more than $5 million in damages for hundreds of thousands of users affected, arguing that the unauthorized scanning of their faces was a violation of the Illinois Biometric Information Privacy Act, which completely outlaws
the gathering of biometric information without consent.
Google countered claiming that the plaintiffs were not entitled to any compensation, as they had not been harmed by the data collection. On Saturday, US District Judge Edmond E. Chang sided with the tech giant, ruling that the plaintiffs had not
suffered any concrete harm, and dismissing the suit.
As well as allowing Google to continue the practice, the ruling could have implications for other cases pending against Facebook and Snapchat. Both companies are currently being sued for violating the Illinois act.
A bill was recently introduced to the New York State Senate by Senator Kevin Parker and Brooklyn borough President, Eric Adams, that would require gun license applicants to hand over social media passwords, and 3 years of search history for
review by the State. Regardless of how you feel about gun rights, this is a clear violation of privacy, and a request like this in any context is completely inappropriate, and totally unconstitutional. Background checks are one thing, but the
process outlined in this bill goes way too far. This isn't about gun rights, this is about privacy rights.
The authorities intend to check that all licence applicants are totally politically correct. The relevant text of the bill reads:
In order to ascertain whether any social media account or search engine history of an applicant presents any good cause for the denial of a license, the investigating officer shall, after obtaining the applicant's consent pursuant to subdivision
three of this section, and obtaining any log-in name, password or other means for accessing a personal account, service, or electronic communications device necessary to review such applicant's social media accounts and search engine history,
review an applicant's social media accounts for the previous three years and search engine history for the previous year and investigate an applicant's posts or searches related to:
(i) commonly known profane slurs or biased language used to describe the race, color, national origin, ancestry, gender, religion, religious practice, age, disability or sexual orientation of a person;
(ii) threatening the health or safety of another person;
(iii) an act of terrorism; or
(iv) any other issue deemed necessary by the investigating officer.
For the purposes of this subdivision, "social media accounts" shall only include facebook, snapchat, twitter and instagram, and "search engine" shall only include google, yahoo and bing.
Security experts have long warned that it's extremely dangerous to give your password to anyone, including your local police department. It not only exposes you to unreasonably intrusive analysis, but also exposes private details of everyone you
have ever communicated with with online. If your friend wants to buy a gun does that mean the police should get to read every message you've ever sent them? The best thing we can do is reject these ideas right now to prevent bad privacy practices
from become normalized.
It makes perfect sense to require background checks and other vetting before allowing someone to purchase a weapon, but setting any precedent that allows the government to demand social media passwords is extremely dangerous. If you care about
privacy, and keeping a close eye on overreaching state power, please sign this petition and tell the NY State Senate that you oppose bill S9191.