- Digital Identity Summit 2017: Brian Krebs Named as Keynote as Call for Speakers and Award Nominations Open
- Top 5 Reasons to Vote ThreatMetrix for the MRC People’s Choice Technology Award!
- Organized Fraud Rings Target Online Lenders and Emerging Financial Services, Reveals New ThreatMetrix Report
- ThreatMetrix Momentum Accelerates for Full Year 2016
- Digital Identity Summit 2017 Expands into Hong Kong, London and San Francisco
“In Dutch,” a moderately arcane idiom meaning “in trouble,” describes what Google has gotten itself into in The Netherlands by combining data from its many diverse services (YouTube, Gmail, etc.).
Reuters reports that after a seven-month investigation, the Dutch Data Protection Authority (DPA) requested a meeting with Google after which it would consider taking action including levying fines.
In the Reuters’ piece, Thomas Escritt explains:
The Dutch decision reflects concerns across Europe about the volume of personal data that is held in foreign jurisdictions [cloud] storage services… instead of on-site, giving individuals little control over their personal information.
Privacy campaigners have also pointed to documents leaked by the former CIA technician and National Security Agency contractor Edward Snowden that suggest U.S. intelligence services have access to material stored in U.S.-based cloud services.
“Google spins an invisible web of our personal data, without consent,” said Jacob Kohnstamm, the chairman of the DPA. “That is forbidden by law.”
In March 2012, Google unilaterally imposed new terms of service on users of all its cloud services, which include the YouTube video streaming site, the GMail email service, and the ubiquitous Google search engine. That decision triggered privacy investigations in six European countries, though the fines regulators can typically impose are modest.
In France, the maximum fine is 300,000 euros ($408,000). In a previous Dutch case involving the gathering of data from WiFi networks, a [spokesperson] for the agency said Google – which has a market capitalization of over $350 billion – could have been fined up to 1 million euros [$1,358.300] if it had not subsequently complied.
“Google does not properly inform users which personal data the company collects and combines, and for what purposes,” the DPA said in a statement.
The report said it was “almost impossible” for a Dutch Internet user not to interact with Google “be it via Search, YouTube or Maps, or passively through third-party websites”.