Sharing is caring...for Google, but not for Europe
In neither case was the user informed of this policy change. This provoked a rather stern response from the CNIL (the French data protection commissioner).
As of 11 October Microsoft has made the same privacy change, although the reaction hasn’t been quite so vitriolic – still it is worth re-iterating the point. Evidently this raises a number of privacy and data protection issues.
Google’s business model – the selling of ads targeted at an individual’s behaviour relies on browsing information from visitors. The new policy agreement prevents users from opting out unless they refrain from using Google entirely.
Users visiting a site which displays one of Google’s “+1″ buttons is recorded and kept for up to 18 months and can be associated with other data from other Google services. Data collected is then associated with a unique identifying number and stored by Google for two years – which can be renewed without consultation. This data is then used as the basis for targeted advertising.
Ultimately, Europe wants Google and Microsoft (and others), to provide users with the option to decide when their data is used for combined services and to give control over that data. The regulators also want to centralise the opt-out and decide which bits of personal data go where. Google and no doubt Microsoft are mulling-over the European proposal.
In the meantime companies who have accrued large banks of users or customers have a limited window from which to commercialise and sell their lists before the European Union data protection regulation applies.