BERLIN — A German privacy regulator fined Google
€145,000 on Monday for its systematic, illegal collection of personal
data while it was creating its Street View mapping service, and it
called on European lawmakers to significantly raise fines for violations
of data protection laws.
The data protection supervisor in the German city-state of Hamburg,
Johannes Caspar, said the fine, which was close to the €150,000 maximum
he could legally levy, was woefully inadequate to stop the data
practices of corporations as large as Google.
The fine levied by Mr. Caspar, the largest assessed so far by European
regulators in Europe over the practice, amounts to 0.002 percent of
Google’s $10.7 billion in 2012 net profit.
“As long as violations of data protection law are penalized with such
insignificant sums, the ability of existing laws to protect personal
privacy in the digital world, with its high potential for abuse, is
barely possible,” Mr. Caspar said.
In 2010, Mr. Caspar’s agency became the first to uncover Google’s
collection of the data from Wi-Fi routers in Germany, and the company
acknowledged that it had also collected similar data around the world,
prompting an uproar from Washington to Hong Kong.
Google characterized the collection as inadvertent and the result of a
programmer’s error. Fragments of personal e-mails, photographs and other
unencrypted digital data were collected by Google’s fleet of Street
View automobiles as they passed by homes compiling panoramic maps that
cover about five million miles of roadway in 49 countries.
Peter Fleischer, the Google global privacy counsel, reiterated the
company’s regrets, and said Google had taken internal steps to make sure
the violations were not repeated.
“We work hard to get privacy right at Google,” Mr. Fleischer said in a
statement. “But in this case we didn’t, which is why we quickly
tightened up our systems to address the issue.”
The Google project leaders had inadvertently collected the data, he
reiterated. “We never wanted this data, and didn’t use it or even look
at it,” Mr. Fleischer said. “We cooperated fully with the Hamburg D.P.A.
throughout its investigation.”
Google said it would not appeal the fine.
The disclosures set off a series of investigations by regulators around
the world, most of which were settled by Google with a simple apology or
with fines that were considered trivial for the world’s biggest
Internet search company.
In March, Google agreed to pay a fine of $7 million and to aggressively
police its own employees on privacy issues to settle a lawsuit brought
by 38 states in the United States. In Europe, Ireland and Britain
dropped their inquiries and did not impose fines after Google agreed to
delete data illegally collected in their countries.
The French regulator, the National Commission on Computing and Liberty,
fined Google €100,000 in 2011. The lone criminal investigation to result
from the incident, initiated by the state prosecutor in Hamburg, was
closed without charges being brought last year.
Privacy law is enforced at the national level in the European Union.
The top E.U. privacy body, the Article 29 working group, is an advisory
committee to the European Commission and does not have the legal power
to levy fines.
Mr. Caspar, the Hamburg privacy regulator, called on European lawmakers
who are considering revisions to the main data protection law for the
27-nation European Union to allow for fines of up to 2 percent of a
company’s annual sales. Based on Google’s revenue last year, the maximum
fine could have totaled $1 billion.
Mr. Caspar described the proposed 2 percent penalty for data protection
violations as “economically significant.” European lawmakers are not
expected to complete their deliberations on the privacy revisions until
next year at the earliest.
SOURCE : http://www.nytimes.com/2013/04/23/technology/germany-fines-google-over-data-collection.html
0 comments:
Post a Comment