Tuesday, April 20, 2010

Privacy guardians warn multinationals to respect laws

International data protection regulators are meeting in Washington, DC and are planning to hold a press conference this afternoon. Here is the announcement they have released to the media:

Privacy guardians warn multinationals to respect laws

WASHINGTON, DC, April 20, 2010 /PRNewswire via COMTEX/ -- Ten data protection authorities from around the world say Google Inc. and other international corporations are overlooking privacy values and legislation when they launch new online products.

EDITORS NOTE: The heads of some of the data protection authorities that signed the joint letter to Google Inc. will host a press conference today in Washington, D.C., where the International Association of Privacy Professionals is holding its annual global summit. Journalists outside of Washington may listen in via teleconference. Details are provided below.

Privacy Commissioner of Canada Jennifer Stoddart and several international counterparts have issued a joint letter directing Google Inc. and other international corporations to respect the privacy rights of people around the globe.

"While we hear corporations such as Google pay lip service to privacy, we don't always see this reflected in the launch of new products," says Commissioner Stoddart.

"As part of an unprecedented collaboration, data protection authorities representing over 375 million people in 10 countries are speaking with a common voice to remind these organizations that they must comply with the privacy laws of each country where they roll out online products and services."

Commissioner Stoddart was among the signatories to a joint letter to Google Chief Executive Officer Eric Schmidt expressing deep concern about his company's privacy practices, particularly in relation to the recent launch of its social network, Google Buzz.

The letter, signed by the heads of data protection authorities in Canada, France, Germany, Ireland, Israel, Italy, the Netherlands, New Zealand, Spain and the United Kingdom, stated:

(W)e are increasingly concerned that, too often, the privacy rights of the world's citizens are being forgotten as Google rolls out new technological applications. We were disturbed by your recent rollout of the Google Buzz social networking application, which betrayed a disappointing disregard for fundamental privacy norms and laws. Moreover, this was not the first time you have failed to take adequate account of privacy considerations when launching new services.

The data protection authorities go on to note that the privacy problems associated with the initial global rollout of Google Buzz in February should have been "readily apparent" to the company.

Google Mail, or Gmail, had been a private, one-to-one web-based e-mail service, but was abruptly melded with a new social networking service. Google automatically assigned users a network of "followers" from among people with whom they corresponded most often on Gmail, without adequately informing those users about how this new service would work or providing sufficient information to permit informed consent.

These actions violated the fundamental, globally accepted privacy principle that people should be able to control the use of their personal information.

Gmail users - understandably concerned that their personal information was being disclosed - were highly critical of the new service. In response, Google apologized and quickly introduced changes to address the widespread criticism.

Previously, Google has raised significant privacy concerns in many countries with the launch of its Street View service, which displayed images of street scenes on the Internet.

In the letter, the data protection authorities recognized that Google is not the only online company that has introduced services with inadequate protections for privacy. However, they urged Google to set an example "as a leader in the online world."

"We therefore call on you, like all organizations entrusted with people's personal information, to incorporate fundamental privacy principles directly into the design of new online services."

The letter makes specific recommendations for enhancing privacy protections and asks Google to explain how it will comply with national privacy laws in the future.

The Privacy Commissioner of Canada is mandated by Parliament to act as an ombudsman, advocate and guardian of privacy and the protection of personal information rights of Canadians.

No comments: