- CyberCrime Center
December 4, 2013
“In Dutch,” a moderately arcane idiom meaning “in trouble,” describes what Google has gotten itself into in The Netherlands by combining data from its many diverse services (YouTube, Gmail, etc.).
Reuters reports that after a seven-month investigation, the Dutch Data Protection Authority (DPA) requested a meeting with Google after which it would consider taking action including levying fines.
In the Reuters’ piece, Thomas Escritt explains:
The Dutch decision reflects concerns across Europe about the volume of personal data that is held in foreign jurisdictions [cloud] storage services… instead of on-site, giving individuals little control over their personal information.
Privacy campaigners have also pointed to documents leaked by the former CIA technician and National Security Agency contractor Edward Snowden that suggest U.S. intelligence services have access to material stored in U.S.-based cloud services.
“Google spins an invisible web of our personal data, without consent,” said Jacob Kohnstamm, the chairman of the DPA. “That is forbidden by law.”
In March 2012, Google unilaterally imposed new terms of service on users of all its cloud services, which include the YouTube video streaming site, the GMail email service, and the ubiquitous Google search engine. That decision triggered privacy investigations in six European countries, though the fines regulators can typically impose are modest.
In France, the maximum fine is 300,000 euros ($408,000). In a previous Dutch case involving the gathering of data from WiFi networks, a [spokesperson] for the agency said Google – which has a market capitalization of over $350 billion – could have been fined up to 1 million euros [$1,358.300] if it had not subsequently complied.
“Google does not properly inform users which personal data the company collects and combines, and for what purposes,” the DPA said in a statement.
The report said it was “almost impossible” for a Dutch Internet user not to interact with Google “be it via Search, YouTube or Maps, or passively through third-party websites”.
ThreatMetrix secures Web transactions against account takeover, payment fraud, identity spoofing, malware, and data breaches. The ThreatMetrix Global Trust Intelligence Network, which analyzes 500 million monthly transactions, provides context-based authentication and Web fraud prevention to help companies accelerate revenue, reduce costs and eliminate friction. ThreatMetrix protects more than 1,900 customers and 9,000 websites across a variety of industries, including financial services, enterprise, e-commerce, payments, social networks, government, and insurance. For more information, visit www.threatmetrix.com or call 1-408-200-5755.
Posted by Dan Rampe
Tags: Account Takeover, Account Takeover Fraud, Botnets, CNP fraud, Cookieless Device Identification, Cookies, Credit Card Fraud, Cyber attacks, Device Detection, Device Fingerprint, Device Fingerprinting, Device ID, Device Identification, Dutch Data Protection Authority, Fraud Prevention, Hacking, Identity Spoofing, Identity theft, Malware, Malware Detection, Malware Protection, Man-in-the-Browser Detection, MitB, Mobile fraud, Online Fraud, Phishing, Phishing Detection, PII, ThreatMetrix, ThreatMetrix Cybercrime Index, ThreatMetrix Global Trust Intelligence Network, ThreatMetrix Web Fraud Map, TrustDefender Cybercrime Protection Platform, Web Fraud