Tag Archives: Google

Spotlight shone on online advertising as complaints are filed with EU supervisory authorities

On 12 September 2018, complaints were filed with the UK Information Commissioner’s Office and the Irish Data Protection Commissioner regarding the “wide scale and systemic breaches of the data protection regime” by Google and others in the online advertising industry (the Complaints). The Complaints The Complaints were submitted by Brave, an ad blocking web browser, … Continue Reading

Google Makes Ad-Tracking Change in its Privacy Policy

In 2007, Google bought online ad network DoubleClick, which uses cookies to collect and store data about Google users from their browsing history, to best place clients’ ads. This past June, Google revised its privacy policy to state that users’ activities on other sites tracked by DoubleClick “may be associated with [their] personal information.”  This … Continue Reading

Galloway v Frazer & Others – A glimpse to the future of data protection litigation

On 27 January, the High Court of Northern Ireland granted British MP George Galloway leave to serve proceedings on Google Inc. out of the jurisdiction. The application was based on a variety of claims including libel, harassment, misuse of private information, and unlawful data processing under the Data Protection Act 1998 (the Act). The claims … Continue Reading

Second Circuit Holds That the Google Digital Books Project Is Protected Under the Fair Use Doctrine

On October 16, the Second Circuit ruled that Google’s scanning of millions of books without the copyright holders’ permission, for use in its “Google Books” database, is permissible under the fair use doctrine. Google Books enables members of the public to search for terms within these books and view snippets of machine-readable text containing their search … Continue Reading

UK first: right-to-be-forgotten notice issued against Google Inc.

The UK’s Information Commissioner’s Office (‘ICO’) has published what appears to be its first public enforcement notice based upon “the right to be forgotten” against Google Inc. The “right to be forgotten” was introduced by the ECJ last year when it held that data subjects have a right to compel search engines to remove results … Continue Reading

Google signs UK Undertaking to Improve its Privacy Policy

On 30 January 2015, Google signed an Undertaking with the Information Commissioner’s Office (ICO) to improve and amend the Privacy Policy it adopted 1 March 2012. Among other things, the modifications to the Privacy Policy allowed Google to combine personal data across all services and products. For example, personal data collected through YouTube could now … Continue Reading

Hong Kong Privacy Commissioner Ends 2014 with Special Interest in Mobile Apps

The Hong Kong Privacy Commissioner of Personal Data (the “Commissioner”) ended 2014 with a special interest in mobile applications (“apps”). In a media statement published 15 December 2014, the Commissioner reported that versions 4.3 and earlier of Google’s Android operating system contained a flaw that allowed others to read shared memory in mobile devices without … Continue Reading

Dutch Data Protection Authority Threatens Google with a €15 million fine

The Dutch data protection authority, College Bescherming Persoonsgegevens (CBP), released a cease and desist order requiring Google to pay €60,000 per day, up to a maximum of €15 million, for violating Dutch data protection law, Wet bescherming persoonsgegevens(Wbp). Google has until the end of February 2015 to change the way it handles personal data. The … Continue Reading

EU Art. 29 Releases Guidelines on the Right to be Forgotten

In November, the Article 29 Data Protection Working Party (Working Party) released guidelines as to how the Data Protection Authorities (DPAs) assembled in the Working Party intend to implement the judgment of the Court of Justice of the European Union (CJEU) in the case of Google Spain SL and Google Inc. v Agencia Española de … Continue Reading

UK High Court considers implications of the Google Spain case for the first time

In July 2014, the High Court (the ‘Court’) considered for the first time the implications of the landmark decision in Google Spain, when delivering an interim judgment in the case of Hegglin v Persons Unknown [2014] EWHC 2808 (the ‘Judgment’). Mr Hegglin (the ‘Claimant’), a businessman who lived in London but now resides in Hong … Continue Reading

Google Exposed as in Breach of Dutch Data Protection Law

The Dutch data protection authority, the College Bescherming Persoonsgegevens (CBP), has released a report following a seven-month investigation examining Google’s changes to its privacy policy. CBP’s report condemns Google for violating Dutch data protection law, the Wet bescherming persoonsgegevens (Wbp). Controversially in March 2012, Google made changes to its privacy policy (GPP2012) to allow the … Continue Reading

Maximum administrative fine issued by the CNIL against Google: More to come?

This post was written by Daniel Kadar. After almost two years of back and forth with Google, the French CNIL has, similarly to the Spanish Data Protection authority (€900,000 fine), sanctioned Google with a €150,000 fine, as Google refused to review its integrated platform and to modify its privacy policy as requested by the Working … Continue Reading

Court Ruling Reinforces The ‘Right To Be Forgotten’ On Social Media Sites

This post was written by Cynthia O’Donoghue. The "right to be forgotten" is a hot topic of discussion in the context of imminent EU Data Protection Reform. Article 17 of the new EU General Data Protection Regulation will give data subjects the “right of erasure” to request that data controllers delete any personal data relating … Continue Reading

Google refuses to submit itself to the scrutiny of English courts

This post was written by Cynthia O’Donoghue. An action against the California-based Internet giant, Google, was recently brought in the English courts. The individuals, supported by the campaign group known as Safari Users Against Google’s Secret Tracking, claim that the search engine provider bypassed the security settings on their Apple iPhones and Mac computers in … Continue Reading

Google Inc. Fined for Street View by Hamburg DPA – There is More to the Street than Meets the Eye

According to a press release Monday, the Hamburg Officer for Data Protection and Freedom of Information issued a fine in the amount of €145,000 against Google Inc. for illegal recording of information from Wi-Fi networks. While Google’s cars roamed the streets in Germany during the years 2008-2010, they not only took pictures of houses and … Continue Reading

CNIL vs. Google, Act V: Six Data Protection Authorities led by the French CNIL are now starting action in order to penalize Google

This post was written by Daniel Kadar. Pursuant to their common decision 26 February 2013 to engage action in order to penalize Google Inc. for refusing to revise its global privacy policy, six of the European Working Party 29 regulators, led by the French CNIL, have now jointly started to act in their respective jurisdictions … Continue Reading

Italian Court Acquits Google Executives

This post was written by Cynthia O’Donoghue. Three senior Google executives, given six month suspended jail sentences in Italy in 2010 for data protection breaches relating to the content of a video post by a user in 2006, have been acquitted by an appellate court in Milan. The Google executives, including Google’s chief privacy officer, … Continue Reading

FTC Releases Statement about Approval of FTC’s Consent Decree with Google

This post was also written by Frederick H. Lah. Last week, the U.S. District Court approved the $22.5 million civil penalty against Google for violating a consent order. Yesterday, FTC Director of the Bureau of Consumer Protection David Vladeck released a statement about the Court’s approval, calling the consent order “a clear victory for consumers and … Continue Reading

CNIL vs. Google, Act IV: Google Against the Rest of the World of the Data Protection Regulators

We have previously reported on the different requests and repeated questionnaires the Commission nationale de l’informatique et des libertés (CNIL) has sent to Google over the past few months regarding the evaluation of Google’s compliance with applicable European Data Protection Regulation concerning its new integrated privacy policy, as well as the new integrated platform launched … Continue Reading

Is the New Facebook Settlement About Privacy? Or, Revenge of the Prosser Torts.

This post was also written by Frederick Lah. Recently, Facebook announced a proposed settlement of a national class action in the United States District Court for the Northern District of California. Fraley, et al. v. Facebook, Inc., 5:11-cv-01726. This settlement has been described by some as settlement of a “privacy lawsuit.” See, e.g., “Facebook to Settle Privacy … Continue Reading

CNIL vs. Google, Act III: CNIL sends Google a 6-page additional Questionnaire on Google’s New Privacy Policy since it is still “impossible to know Google’s processings of personal data”

We have previously reported that the French Data Protection Authority (DPA), the CNIL, had sent to Google 19 March 2012, a 12-page questionnaire divided in not less than 69 main questions on Google’s new privacy policy. The CNIL has been designated by the Working Party 29 to evaluate the compliance to applicable data protection regulation … Continue Reading

CNIL vs. Google, Act II: the CNIL Strikes Back – CNIL sends Google a 12-Page Questionnaire on Google’s New Privacy Policy for its Integrated Platform in Order to Verify its Compliance with Applicable European Regulation

This post was written by Daniel Kadar. Google’s CEO, Larry Page, now belongs to the happy few who enjoy direct and regular contact with the CNIL’s president, Mrs. Falque-Pierrotin: he received on 19 March another letter from the French Data Protection Authority’s president pursuant to Google’s decision to launch its new integrated platform 1 March, … Continue Reading

A recent Initiative for a Competitive Online Marketplace (“ICOMP”) Conference on ‘Data Protection and Profiling’ poses difficult questions in relation to Google’s attitude towards the law, exploitation of user information and its new privacy policy

A recent ICOMP Conference on ‘Data Protection and Profiling’ in Brussels focussed primarily on the implementation of Google’s new privacy policy on 1 March 2012. ICOMP provides a discussion forum for organisations and policy makers relating to the online marketplace aimed at supporting principles related to a transparent and competitive Internet. There was some controversy … Continue Reading
LexBlog