Serial privacy violator Google may face fines in the millions of dollars in Europe as six countries Tuesday opened formal investigations into how Google combined its privacy and data policies last year without bothering to seek users' consent.
The actions by France, Britain, Germany, the Netherlands, Italy and Spain came as Google refused to make changes in privacy policies requested by a group of European data protection authorities.
For the Internet giant, such fines are rapidly becoming a cost of doing business — and a rather trivial one at that. As the Associated Press pointed out, the French privacy watchdog CNIL can fine a company a maximum of 300,000 euros ($385,000). Based on a projected revenue of $61 billion this year, it earns 300,000 euros in about three minutes. The Brits could impose a fine of up to 500,000 pounds ($750,000).
Maybe with this constant drip, drip of privacy violations Google executives will come to their senses and realize the company runs the risk of losing users' trust with a seriously negative impact on business. For now that doesn't seem to be the case. "Our privacy policy respects European law and allows us to create simpler, more effective services," said Google spokesman Al Verney after the investigations were announced.
In other words Google knows what's right and it's whatever the company decides to do. After all, their motto is "Don't be evil," so how could anything they do be wrong?
Let's review what's happened. A year ago Google announced that it would combine data and privacy policies across its many services. Google said this would make the user experience simpler and more intuitive. Google didn't point out that it would make the data gathered about users more valuable and fatten its bottom line. Those digital dossiers it compiles about us is how we are sold to Google's advertisers. Remember you're Google's product, not it's customer.
Noting that Google didn't ask permission before combing users' information, Europe's Data Commissioners launched a joint investigation, led by France. In October they said the new policy is a "high risk" to privacy, but didn't declare it illegal. They gave Google until February to make changes. Responding with its usual arrogant manner, Google refused.
"Regulators in six states have begun the process of looking at penalties, and each must now act based on national law," Isabelle Falque-Pierrotin, CNIL's president, told Bloomberg News. "We have put in place a countdown for Google now. Promises to change will no longer be enough."
Technically the six data authorities could block Google from operating in their respective countries, but I doubt that will happen. I fear this is the most likely outcome: Simply put, Google is arrogant. They have become a serial privacy violator and see the relatively minuscule fines they have faced as a mere cost of doing business. They violate your privacy, say it was a mistake, claim they care about privacy, occasionally pay a token fine and carry on with business as usual until the next violation when they cycle begins anew.
Maybe the Europeans can break the cycle, but I'm not optimistic.
