Google accused of violating GDPR privacy policies

Posted on November 30, 2018

 

Search giant Google is facing its first challenge relating to the GDPR policy after various consumer groups across seven different European countries filed complaints against the company’s location tracking software.

The European Consumer Organisation, of which the consumer groups are all members, has claimed that Google employs deceptive practices in relation to location tracking, stating that it does not give its users a choice about enabling or disabling it, and that the company does not correctly inform its users about what its tracking policies entail. It alleges that this therefore puts Google in breach of GDPR.

If these complaints are upheld, Google could be faced with a hefty fine.

The seven consumer groups come from Norway, the Netherlands, Greece, the Czech Republic, Slovenia, Poland and Sweden. They have issued their complaints to the necessary national data protection authorities in line with GDPR. The complaints have been triggered in light of a discovery that the search giant is able to track the location of a user even when the ‘Location History’ option is disabled. It was discovered that a second setting under ‘Web and App Activity’ also needs to be switched off in order to completely prevent GPS tracking, and this is switched on by default.

The European Consumer Organisation has claimed that Google has been using deceptive practices to get its users to keep both of these options enabled, and not fully informing the users of what keeping these options switched on means for them. Therefore, users are not able to freely give consent to Google.

In response to these complaints, Google has said that the Location History setting is disabled by default and has made it clear that switching the setting off does not prevent all location tracking capabilities. Furthermore, it has said that it will be reviewing the report to check if it contains any details and information it can take on board and learn from.

Google isn’t the only major tech firm to face a GDPR complaint. Earlier in the year, the Irish privacy commissioner stated that it was to investigate social media site Facebook over a security breach that had an effect on as many as 29 million accounts.

GDPR, which stands for General Data Protection Regulation, is a new legislation that came into effect in May this year. As it is still fairly new, it remains relatively untested in court, meaning that it is still unclear on exactly how strong the case being presented by the seven consumer groups will be. Should it prove to be successful, this means that Google could be liable to pay a fine equivalent of 4% of its global revenues, which could result in a $4bn penalty based on its financial results for 2017.

Alan Littler

Account Executive at Engage Web
Drawing from a broad pool of experience that ranges from university studies in English Language to his work as a medical receptionist in a busy GP practice, Alan fits right at home as Engage Web’s Account Executive.

Latest posts by Alan Littler (see all)

Like us on Facebook to see more posts like this

You might also be interested in:

No Comments »

There are no comments on this yet, be the first to write a comment.

RSS feed for comments on this post. TrackBack URL

Have your say!

We have worked with:

minute-man-press-image
TEL: 0345 621 4321