3 Comments

Summary:

A Berlin court has upheld a complaint by the Federation of German Consumer Associations, which argued that Google’s users can’t be certain what they’re signing up to when they agree to the firm’s terms and conditions.

Google evil

Google’s privacy policy is too vague, the Berlin regional court has ruled, upholding a complaint made by the Federation of German Consumer Associations (VZBV) in July 2012. The judgement is not yet final, though, and Google says it will appeal.

The VZBV had pointed out that that Google’s privacy policy was less than clear about what users could expect to happen with their data – Google “may” capture location data and “may” mix-and-match data from its various services, for example. Consumers are expected to give their consent to all this, but they can’t be certain what it is they’re consenting to.

The consumer rights group, which has successfully taken on the likes of Facebook as well as Google itself in the past, was also irked that Google reserves the right to change its terms and provisions unilaterally, without further consent from the user. On Tuesday, the court agreed, ruling that a whopping 25 clauses in Google’s terms of use and privacy policy were unlawful.

A Google spokesman said late Tuesday that the company would appeal, arguing that its terms and privacy policy are indeed lawful. If Google loses its appeal and doesn’t change the clauses, it could face fines of up to €250,000 ($338,500) per violation, which in this case means per clause.

According to the VZBV, Google has maintained that consumer advocates should not be able to sue over privacy policies as these do not fall under the category of “terms and conditions” (consumers have to agree to terms and conditions, but only say they’ve read the privacy policy). The advocacy group wants the new coalition government, the formulation of which is currently being negotiated, to fix that part of the law.

In case you’re wondering how this judgement came through covering 13 privacy policy clauses as well as 12 terms-and-conditions clauses, if the law says privacy policies aren’t actionable in the same way as terms and conditions are, then join the club. VZBV itself doesn’t know yet, as the court has not yet published its rationale, but a spokeswoman for the organization told me it may be because Google deliberately split off certain terms into the privacy policy in order to protect itself.

Google unified its privacy policies at the start of 2012 to allow it to do things like having Google Search pick up on the user’s YouTube activity. Europe’s data protection officials are not pleased about this.

This post was updated at 3.20am PT to explain technicalities of the case.

  1. As usual, German authorities treating its citizens as mentally incapable of making choices freely.

    Lets remember Germany’s government revenues through taxation represent +40% of its national GDP.

    If they are not ruling s*h*i*t like this, what are they going to waste tax-payers money in?

    Share
  2. Thanks David, I was going to put up news of this in English onto http://iubenda.com/blog.

    The court’s rationale is yet to be published, will be interesting to read the details.

    Share
  3. Jack N Fran Farrell Wednesday, November 20, 2013

    Terms and conditions should include security of personal data. Before that is assured and a log kept of those persons responsible and the purposes for which the data was unencrypted, privacy policy “Macht Nicht”.

    Share

Comments have been disabled for this post