Consumer groups from seven European countries, including Poland and Netherlands, have filed GDPR complaints against Google’s location tracking which is in violation of the bloc’s new privacy laws. Members of The European Consumer Organisation (BEUC), each of the countries claim that Google’s “deceptive practices” around location tracking deprive users of exercising a real choice about enabling it, while Google fails to, at the same time, properly inform users about what the tracking entails. If upheld, the complaints could lead to Google having to pay a hefty fine. Google is facing a similar charge in the US, where the search engine giant has been accused of tracking phone users irrespective of privacy settings.
The consumer groups, in the Czech Republic, Greece, Norway, Slovenia, and Sweden, have each filed complaints with their respective national data protection authorities, reports a research by their Norwegian counterpart. Consumer lobby the European Consumer Organisation (BEUC) have alleged that Google uses various methods to encourage users to enable the settings ‘location history’ and ‘web and app activity’ integrated into all Google user accounts.
BEUC, speaking on behalf of the countries’ consumer groups, has said, “These unfair practices leave consumers in the dark about the use of their personal data. These practices are not compliant with the General Data Protection Regulation (GDPR), as Google lacks a valid legal ground for processing the data in question. In particular, the report shows that users’ consent provided under these circumstances is not freely given.”
Location History is turned off by default, and you can edit, delete, or pause it at any time. If it’s on, it helps improve services like predicted traffic on your commute. If you pause it, we make clear that – depending on your individual phone and app settings – we might still collect and use location data to improve your Google experience. We’re constantly working to improve our controls, and we’ll be reading this report closely to see if there are things we can take on board. – Google spokesperson
Google is neither the only nor the first tech giant facing a major GDPR complaint. Earlier this year, the Irish data privacy commissioner said it would be investigating Facebook over a security breach affecting more than 29 million accounts. Being a new piece of legislation, enacted in May, GDPR violations remain relatively untested in courts so it’s unclear exactly how strong of a case the seven consumer groups have. If successful, GDPR states that Google might be liable to pay a fine of up to four percent of its global revenues, an approximate amount of $4 billion based on its 2017 filings.