Today, EU privacy regulators--led by the French Data Protection Office CNIL--and joined by Canada and several Asia Pacific countries, told Google it had to fundamentally revise its approach to how it treats privacy (letter attached). Speaking truth to digital power, the EU explained that Google had violated provisions of its data protection law and now had to make fundamental changes. Google, they said, needed to be honest with users about what data was collected and why. It has to provide greater layers of information, transparency and control to its EU users---including involving the use of "sensitive" information such as "location, credit card data, unique device identifiers...biometics," as well as with mobile phone use. In its letter today, EU regulators Article 29 Working Party explained that:
In this era of Big Data, citizens and consumers have become helpless fodder for a powerful data profiling and tracking apparatus that threatens our privacy. Today's decision by the EU on Google is a much needed `truth to digital power' wake-up call. We need principled regulators to rein in practices that may make money--but have too large a social and political cost.