Entries with tag european data privacy.

EU Regulators Issue “Right to be Forgotten” Guidelines

EU data-protection regulators have drafted a set of criteria regarding the handling of right to be forgotten appeals, after a two-day meeting in Brussels. The EU’s Article 29 Working Party—consisting of a representative from each member state’s data-protection authority and one from the European Commission—is expected to finalize the guidelines by the end of November 2014. The right to be forgotten gives Europeans the ability to request that search engines eliminate old or nonessential information about them. With some exceptions, search engines must do so. The new guidelines address matters such as record-keeping and the appeal of decisions not to remove material. For example, each EU member state would have to appoint a contact person to make sure that appeals are handled consistently. The guidelines are designed to provide regulators with criteria they can use in decision-making, such as the public role of the person making the request, if the information regards a crime, and how old the information is. The Article 29 Working Party met with representatives from Google, Microsoft, and Yahoo before drafting the guidelines. The right to be forgotten has proven to be controversial since its implementation in May of this year. Proponents say it’s necessary to protect individuals’ privacy. Opponents say it will leave search results in Europe incomplete and different from those in the rest of the world, and cause too much work for search-engine operators. So far, Google has received 120,000 requests to remove information. (Reuters)(Bloomberg)

Google Decision to “Forget” BBC Article Draws Fire

Google is processing requests to comply with the European Commission’s (EC’s) “right to be forgotten” ruling, but its decision to remove a BBC blog post from search results is causing officials and journalists to question the company’s judgment. The ruling says that search-engine operators must remove outdated and irrelevant results that appear in EC member nations about people if they request such action, unless it is not in the public interest. To comply, Google removed a link to an October 2007 piece by BBC economics editor Robert Peston about CEO Stan O’Neal’s departure from financial-management firm Merrill Lynch. However, O’Neal reportedly did not request its removal, which was done in connection with a reader comment about the article. Peston has said he will appeal the removal. EC spokesperson Ryan Heath said there was no “reasonable public interest” for the removal. At least two senior EC officials have said the removal misinterprets the ruling, which isn’t supposed to apply to news articles. Google has had 250,000 requests to remove links under the law. “It may be that [Google] decided that it’s simply cheaper to just say yes to all of these requests,” Heath said. “That's going to spark its own debate and rightly so." (BBC)(CNN)(The Telegraph)

Europe’s “Right to be Forgotten” Is Proving Difficult to Execute

Last month, the European Court of Justice ruled that individuals have the “right to be forgotten,” which holds that search-engine operators should delete outdated, inaccurate, or irrelevant information from the results they return. However, search-engine operators are finding this hard to accomplish, particularly because they have received huge volumes of deletion requests from users. . For example, Google says it is fielding an average of 10,000 requests per day. The right to be forgotten has proven to be controversial. Proponents say it is necessary to protect individual privacy. Opponents say that it is a form of censorship, will be too time-consuming and expensive to comply with, and will balkanize search result by creating one set for Europe and one for the rest of the world. Issues surrounding the European Court of Justice’s decision led to two days of meetings by EU data-protection authorities. The group of 28 data authority leaders is scheduled to produce an agreement specifying compliance requirements in September of this year. (TIME)(Reuters)

Google Fined by Spanish Government for Breaking Data Protection Laws

The Spanish Data Protection Agency has levied a €900,000 (US$1.23 million) fine against Google for three different violations of its data protection laws for its “indeterminate and unclear” privacy rules. Google, which combined some 70 different privacy policies from its different services into a single user policy in March 2012, is accused of failing to provide sufficient details about how it collects information, shares data, and also not properly informing users about its policies. Several other European data protection agencies have also been scrutinizing Google’s privacy policy. (PC Mag)(ZD Net)

France Seeks Sanctions against Google for Flaunting Privacy Laws

Google faces financial sanctions in France after failing to obey with an order to bring the way in which it stores and shares user data in compliance with the nation’s privacy laws. The company faced scrutiny by various European data-protection authorities after changing its privacy policy in 2012. Google was ordered on 20 June 2013 to comply with French privacy laws within three months, but it has reportedly did not do so by the time the deadline passed.  Google faces a maximum fine of €150,000 (US$202,562) for a first offense with an additional €300,000 for a second offense. It could also be ordered to change aspects of how it processes personal data for three months. (SlashDot)(CMO)(C.Nationale de L'Informatique et des Libertes)

European Data Regulators Press Google on Privacy

Data regulators in France and Italy are among the latest European officials to require more transparency from Google regarding its collection and handling of large amounts of user data. Italy has requested additional data from Google and said it is considering sanctions for any breaches of its user privacy rules. The French data protection agency has already found Google in violation of its rules. The search giant now has three months to change its policies and practices or be subject to sanctions by France’s Commission Nationale de l'informatique et des Libertés, its data protection agency designed to ensure that the collection, storage, and use of personal data doesn’t violate privacy laws. The sanctions could include a fine of up to €150,000 (about $198,000) plus a second fine of €300,000 (about $395,000) if Google continues to not comply. Meanwhile, Spain initiated a sanction procedure against Google for infringement of Spanish data protection laws. The UK, Germany, and the Netherlands are also planning some type of action against Google. Additionally, 37 European data protection agencies  signed a joint letter expressing concern about Google Glass to company CEO Larry Page . The company is developing Google Glass as a wearable computer with an optical head-mounted display. (Reuters)(Fast Company)(The Guardian)

Google Not Responsible for “Right to Be Forgotten”

A senior European judicial official issued a formal opinion stating that Google and other search providers are not responsible for third-party information  in their search results and that there is no general “right to be forgotten” in current data protection laws. The right to be forgotten addresses the storage of personal public data by organizations, including telecommunications providers, and places limits on the time the data is available. Under the EU’s Data Protection Directive, originally adopted in 1995, search engine service providers are not responsible for any personal data that may appear on the webpages they return in response to queries, stated European Court of Justice advocate general Niilo Jääskinen, in a formal opinion written to the court. National data protection authorities in Europe cannot require a search engine to remove third-party information from its index, such as a newspaper article, unless it is incomplete, inaccurate, libelous, or criminal. Jääskinen issued his opinion in response to a 2009 Spanish case in which an individual asked Google to remove old financial information about his debts that were originally published in a newspaper article from its index. Spain’s data-protection agency found in the individual’s favor and asked Google to remove the third-party information so that it wouldn’t appear again in search results. Google contested the ruling in court. Jääskinen’s opinion is not binding on the European Court of Justice, which is expected to issue a ruling later this year. (Financial Times)(BBC)(The Associated Press @ The San Jose Mercury-News)(PC World)(European Network and Information Security Agency)

European Agencies Investigate Google Privacy Practices

Six EU data-protection agencies announced the launch of “coordinated” enforcement measures against Google for failing to resolve problems with its new privacy policy. The technology giant changed its policies last year, creating a uniform privacy approach for all of its products. European authorities and privacy advocates claim this doesn’t adequately protecting the data Google collects and demanded changes in a 19 March meeting. They say Google has not made any changes. France’s National Commission for Computing and Civil Liberties led the EU task force, which includes agencies from Germany, Italy, the Netherlands, Spain, and the UK. All six organizations launched new investigations of Google and could impose fines on the company. “Our privacy policy respects European law and allows us to create simpler, more effective services,” responded Al Verney, a Brussels-based Google spokesperson. “We have engaged fully with the data-protection authorities involved throughout this process, and we’ll continue to do so going forward.” (BBC)(Bloomberg)

Showing 8 results.