Google is in the firing line after it’s come to light that they haven’t been completely transparent with how they’re using user data.
Italy’s competition and consumer watchdog has launched an investigation into Google’s methods for obtaining user consent to link activities across its services. Which, is essential for ad profiling. The watchdog suspects these practices may constitute “unfair commercial practices.” It could be a big issue for Google if that’s the case.
Background
Google’s consent practices
The investigation focuses on how Google gathers user consent in the EU. To link activities across apps like Google Search, YouTube, Chrome, and Maps. This linkage allows Google to create detailed profiles for targeted advertising. A primary revenue source for the company. Users should be informed of any apps linking together to collect their data.
Italian AGCM’s concerns
The AGCM’s main issue is that Google’s consent requests might be misleading and aggressive. They claim users receive inadequate, incomplete, and potentially misleading information, which could affect their consent choices. Often, users will find themselves likely to agree to access that they might otherwise decline, due to feeling backed into a corner.
Google’s response
In response to the investigation, a Google spokesperson stated the company will cooperate with the Italian authorities and analyse the details of the case. Once an investigation has been launched, it should become clear whether Google have breached any rights. Or violated user’s consent choices in any kind of way.
Regulatory context
Digital markets act (DMA)
Since March, Google has been under the EU’s Digital Markets Act (DMA), which applies to major internet “gatekeepers” like Meta, Amazon, and Microsoft. The DMA requires these companies to obtain clear consent before processing personal data for ads or combining data from different services.
Broader implications
The AGCM’s probe may be filling a gap left by the European Commission (EC). Which is also investigating Google under the DMA but focusing on different issues like self-preferencing in search and anti-steering in Google Play.
Key points
- Lack of Transparency: The AGCM alleges that Google isn’t transparent about the effects of linking user accounts.
- Inadequate Information: The regulator believes Google doesn’t fully explain the range of services affected by data combination and the options for limiting consent.
Compliance with GDPR
The DMA mandates that consent practices comply with the General Data Protection Regulation (GDPR). Which requires that consent be “freely given, specific, informed, and unambiguous.” This includes presenting consent requests clearly and intelligibly.
Italy’s investigation highlights ongoing concerns about Google’s data practices and the need for transparency and compliance with EU regulations. As the investigation proceeds, it will be crucial for Google to address these issues to maintain trust and comply with legal standards.
