Consumer associations from five European countries, including France, have lodged a complaint against Google with the national authorities for the protection of personal data, the European Bureau of Consumers’ Unions (BEUC) announced on Thursday.
These organizations (also deployed in Greece, Norway, the Czech Republic and Slovenia) accuse the American giant of encouraging users to “authorize extensive and invasive processing” of their personal data when creating their account, in violation of the General Regulations on European data protection (GDPR). The associations of three other countries (Denmark, the Netherlands, Sweden) have written about this to their national regulators, and the German organization VZBV has sent a warning letter to Google, according to BEUC.
“Many signals attesting to breaches” of Google in the application of the GDPR
When creating a Google account, “one step is all it takes to allow Google to monitor and exploit everything you do. If you want to benefit from the privileged settings of privacy protection, you face a long process and unclear and confusing options,” said BEUC Deputy Director General Ursula Pachl. “Privacy should be the default and easiest choice for consumers,” she insisted. BEUC points out that consumers are sometimes obliged to create a Google account, for example when buying a smartphone using the Android system, which concerns almost 7 out of 10 devices in the world, if they want to download applications from the Google Play Store.
The French association UFC-Que Choisir indicated that, like its European counterparts, it had “received many signals attesting to the breaches” of Google in the application of the GDPR and transmitted a user’s complaint to the Commission Informatique et Libertés (Cnil ). Google, on the other hand, ensures that the options offered to users when they create an account “are clearly presented and easy to understand”. “We have developed them based on extensive research findings, and guidelines from data protection authorities, as well as feedback from user testing,” a spokesperson said in a statement. “We are committed to making those choices simple and clear,” he added. In France, Google was sentenced in December 2021 by the Cnil, data protection policeman, to a fine of 150 million euros for its practices in terms of “cookies”, these digital tracers used in particular for targeted advertising.
SEE ALSO – Cyberattacks: how big is the Russian threat?