Slippery Google greases up, aims to squirm out of EU privacy grasp

Will the huge advertising firm manage to spin its way free of the law?


Special Report Google is wriggling desperately to escape new European privacy rules that could force it to take some responsibility for what information it republishes in response to a given search – in particular a search of someone's name.

The European Parliament voted in favour of data protection reforms in March, which the EU's press office proudly proclaimed was "irreversible". But they may not be cemented in place if Google gets its way. The process is still open to amendments – and there's one amendment in particular that the Californian advertising giant would urgently like to add.

This involves removing the right of ordinary citizens to ask for irrelevant data that isn't in the public interest to be deleted from search engines. Google may find its long history of arrogance and disdain in dealing with European authorities a handicap here, no matter the amount of friendly commentary it manages to plant in the Anglophone media regarding the issue.

Last month the European Court of Justice ruled that Google was subject to European data protection laws – and must therefore take account of an individual's fundamental right to "a private life" – expressed in Article 8. The Court carefully explained that this was not some absolute "right to be forgotten", but had to be balanced against the public interest to know. The links to be removed would have to be old and irrelevant, and magnified by the search engine's reputational power into something unfair.

Sources suggest that Google will wait until an independent council of European data protection bods complete a review of the reforms - they met last week - before making its move. This process is called the Article 29 Working Party.

Why does Google care? It's a telling question. The gigantic advertising company can begin bouncing link-removal requests from citizens to the Information Commissioner's Office right away. Then Google can - if it's as serious as it claims to be about preserving its search results - appeal each and every ruling made by the ICO in favour of complainants. The multi-stage legal procedure takes around 18 months. So by around 2017 we could have a decent track record from which to decide whether a tweak to data protection legislation in Europe actually needs to be made.

But Google doesn't want that. It wants to be completely exempt from the law, and it wants to be so as soon as possible. The ads giant has launched a broad-based PR campaign pushing to "change the law", creating a false impression that it's being asked to make difficult decisions in vast numbers (in fact courts ultimately decide, not Google), and that the situation is burdensome for it (when in fact it can bounce all the complaints to the data protection registrar, and wait for the legal system to do all the work).

Google has announced a hand-picked team of five "advisors" with which it would consult on this matter. One of them, Wikipedia co-founder Jimmy Wales (who now lives in the UK), appeared on TV recently to give a highly misleading interpretation of the ECJ ruling - one which flatly contradicted the text handed down by the court. Sadly, he did so without challenge from the BBC host, Andrew Marr, who introduced him as "one of the internet's undisputed legends" and "founder of the era-defining encyclopaedia, Wikipedia".

In fact, the CJEU ruling states that the decision will indeed be left to the courts and judges. In plain English, the Court explained:

The Court points out that the data subject may address such a request directly to the operator of the search engine (the controller) which must then duly examine its merits. Where the controller does not grant the request, the data subject may bring the matter before the supervisory authority or the judicial authority so that it carries out the necessary checks and orders the controller to take specific measures accordingly ...

Wales was dissembling when he claims Google is being forced to make ethical interpretations typically made by judges.

Academics are also helping to lobby for Google's desired change in the law. In an interview with us, another of Google's five Advisors on the issue, Professor Luciani Floridi, also called for changes to the law. But he declined to suggest what kind of change that might be.

"To be honest I do not know why Google has taken the steps it has taken to putting that form online and organising that advisory committee," Florini told us. But everything pointed to a legal change.

"Some improvements could be made," Floridi told us. "The current legislation we have is a bit strained."

How, exactly?

"I'd really rather not comment."

We now have two of the five advisors Google appointed pressing for a change in the law - and long before 2017, when lawmakers could consider a Europe-wide change in the law on the basis of real evidence.

Similar topics

Broader topics


Other stories you might like

  • Deepfake attacks can easily trick live facial recognition systems online
    Plus: Next PyTorch release will support Apple GPUs so devs can train neural networks on their own laptops

    In brief Miscreants can easily steal someone else's identity by tricking live facial recognition software using deepfakes, according to a new report.

    Sensity AI, a startup focused on tackling identity fraud, carried out a series of pretend attacks. Engineers scanned the image of someone from an ID card, and mapped their likeness onto another person's face. Sensity then tested whether they could breach live facial recognition systems by tricking them into believing the pretend attacker is a real user.

    So-called "liveness tests" try to authenticate identities in real-time, relying on images or video streams from cameras like face recognition used to unlock mobile phones, for example. Nine out of ten vendors failed Sensity's live deepfake attacks.

    Continue reading
  • Lonestar plans to put datacenters in the Moon's lava tubes
    How? Founder tells The Register 'Robots… lots of robots'

    Imagine a future where racks of computer servers hum quietly in darkness below the surface of the Moon.

    Here is where some of the most important data is stored, to be left untouched for as long as can be. The idea sounds like something from science-fiction, but one startup that recently emerged from stealth is trying to turn it into a reality. Lonestar Data Holdings has a unique mission unlike any other cloud provider: to build datacenters on the Moon backing up the world's data.

    "It's inconceivable to me that we are keeping our most precious assets, our knowledge and our data, on Earth, where we're setting off bombs and burning things," Christopher Stott, founder and CEO of Lonestar, told The Register. "We need to put our assets in place off our planet, where we can keep it safe."

    Continue reading
  • Conti: Russian-backed rulers of Costa Rican hacktocracy?
    Also, Chinese IT admin jailed for deleting database, and the NSA promises no more backdoors

    In brief The notorious Russian-aligned Conti ransomware gang has upped the ante in its attack against Costa Rica, threatening to overthrow the government if it doesn't pay a $20 million ransom. 

    Costa Rican president Rodrigo Chaves said that the country is effectively at war with the gang, who in April infiltrated the government's computer systems, gaining a foothold in 27 agencies at various government levels. The US State Department has offered a $15 million reward leading to the capture of Conti's leaders, who it said have made more than $150 million from 1,000+ victims.

    Conti claimed this week that it has insiders in the Costa Rican government, the AP reported, warning that "We are determined to overthrow the government by means of a cyber attack, we have already shown you all the strength and power, you have introduced an emergency." 

    Continue reading

Biting the hand that feeds IT © 1998–2022