Offener Brief an Google: Unterschied zwischen den Versionen

Aus Freiheit statt Angst!
Zur Navigation springen Zur Suche springen
 
K (hat „intern:Offener Brief an Google“ nach „Offener Brief an Google“ verschoben: Ein offener Brief im internen Bereich???)
 
(32 dazwischenliegende Versionen von 12 Benutzern werden nicht angezeigt)
Zeile 1: Zeile 1:
=Info=
+
<!--Berlin, 17 June 2007
Entwurf von Jan.
 
Bitte lesen, diskutieren, ausführen, verbessern.
 
 
 
=Brief=
 
 
 
Berlin, 17 June 2007
 
 
 
  
 
Mr Peter Fleischer
 
Mr Peter Fleischer
  
 
Privacy Counsel
 
Privacy Counsel
 
  
 
Google
 
Google
Zeile 19: Zeile 11:
 
F-75002 Paris
 
F-75002 Paris
  
Sent via email: pfleischer@google.com
+
Sent via email: pfleischer@google.com -->
 
 
  
 
Dear Mr Fleischer,
 
Dear Mr Fleischer,
  
in your June 10 letter
+
in your letter dated June 10th [1] to the Chairman of Article 29 Working Party, Mr Peter Schaar, you claim
[http://64.233.179.110/blog_resources/Google_response_Working_Party_06_2007.pdf]
 
to the Chairman of Article 29 Working Party, Mr Peter Schaar, you claim
 
 
that data protection is one of Google's main interests. We appreciate
 
that data protection is one of Google's main interests. We appreciate
your efforts in improving protection of your customer's privacy,
+
your willingness to improve protection of your customers privacy. Even so we
especially reducing the data retention period to 18 months. Even so we
+
are strongly concerned about Google's ongoing violation of European law.
are strongly concerned about Google still violating applicable law of
 
European countries.
 
  
 
You argue that it would not be possible to preserve your interests in
 
You argue that it would not be possible to preserve your interests in
 
security, innovation and fraud-resistance without storing personal data
 
security, innovation and fraud-resistance without storing personal data
like IP addresses, search logs and user behaviours for at least 18
+
such as IP addresses, search logs and user behaviour for a minimum of 18
months. We recognise the difficulty of finding a way that both honours
+
months at least. However in a democratic society it is up to Parliament and not commercial enterprises to balance the users' and the providers' needs.
Google's needs and respects privacy protection considerations on the
 
other hand. However to come to a compromise in this question belongs not
 
to Google's area of responsibility, but is the task a democratic
 
legislative.
 
  
For example German law specifically prohibits data retention as long as
+
For example German law specifically prohibits the retention of personal data unless it is needed for billing purposes. As most services offered by Google are free of charge, storing personal data obtained from these services is therefore illegal. Local laws are applicable to Google, and the
the information is not needed for accounting purposes. Therefore storing
 
personal data is illegal for most services offered by Google as they are
 
largely free of charge. Local laws are applicable for Google and the
 
 
level of data protection should follow the laws of the country with the
 
level of data protection should follow the laws of the country with the
strictest privacy protection.
+
strictest protection of privacy.
  
We fully accord with your questions related to the EU Data Retention
+
We do fully accord with your questioning of the EU Data Retention
Directive. As long as it is unclear how member states will implement
+
Directive. However, the directive is limited to E-Mail, Message Services and VoIP services on the Internet and does not apply to your search engine, for example. There is no reason why Google should bow to obligations that do not exist.
this directive there dominates uncertainty. But until then only current
 
laws are applicable. There is no reason why Google should bow to
 
obligations that do not exist. Additionally Ireland and Slovakia filed a
 
lawsuit against the Data Retention Directive at European Court of
 
Justice. It is still unsure if EU member states will have to implement
 
standardised data retention at all.
 
  
Further you give some concrete samples why data retention is necessary
+
You give examples of why data retention is supposed to be necessary
for operation of Google services. Of course analysing user trends is the
+
for the operation of Google services. Of course analysing user trends may be necessary for software like Google Spell Checker, but anonymised data would
basis for software like Google Spell Checker, but anonymised data would
+
be absolutely sufficient for this purpose. Additionally, the
absolutely be sufficient to fulfil this task. Additionally, the
+
protection of your servers against criminal attacks does not justify a
protection of your servers against criminal attacks does not need such a
+
blanket collection of personal data of all customers. Retaining data on a case by case basis is sufficient as demonstrated by several large websites in Germany that have long operated without logging any personally identifiable data. In any case, the retention of data does not, by itself, prevent or stop attacks. Moreover, dealing with fraud is the business
widespread collection of personal data: retention of a few weeks
+
of public prosecutors, not of private companies. Prosecutors may order the collection and preservation of data when needed.
logfiles would be enough. Moreover, dealing with fraud is the business
 
of criminal prosecution, not every single company ones.
 
  
At last we want to remember how dangerous obsessive data retention
+
Finally, we would like to remind you of how dangerous extensive data collection
potentially can be. As a worldwide operating company Google should now
+
can potentially be. As a world-wide operating company, Google should be well aware that not all countries in the world are democracies. Data
that not all countries are democracies as EU states and USA are. Data
+
collected by private companies can be and is being abused by
collected by private companies could be and still are being abused by
 
 
totalitarian regimes. We wonder how it is possible to pervasively filter
 
totalitarian regimes. We wonder how it is possible to pervasively filter
Google search results for Chinese users if anonymising search strings
+
Google search results for Chinese users while anonymising search strings
compromises operation of Google services.
+
is supposed to compromise the operation of Google services. Furthermore we know that intelligence agencies - even in democratic societies - use (or more accurately abuse) the data you collect in order to spy on human rights or environmental NGOs, on legitimate protest groups and local activists. The only way to prevent abuse is to refrain from collecting personally identifiable data in the first place.
 +
 
 +
For the time being, you should at least consider opening anonymous gateways to your services such as the Google search engine. We are confident that offering services without retaining identifiable data during a test phase will convince you that the security of your services will not be compromised. It may even generate business from users who currently refuse using your services because of your blanket retention practices. [2]
 +
 
 +
Concluding, we demand you stay loyal to your company motto: Don't be evil. Prevent human rights violations by not storing personally identifiable data of your users!
 +
 
 +
Sincerely,<br>
 +
Working Group on Data Retention
 +
 
 +
[1] http://64.233.179.110/blog_resources/Google_response_Working_Party_06_2007.pdf<br>
 +
[2] http://www.privacyinternational.org/issues/internet/interimrankings.pdf
 +
 
 +
==Pressemitteilung==
 +
''Siehe:'' [[Internetnutzer kritisieren Googles Datenhunger und fordern anonyme Nutzungsmöglichkeit]]
 +
 
  
Sincererly,
+
[[Kategorie:English]]
xyz
+
[[Kategorie:Google]]
 +
[[Kategorie:Offene Briefe]]

Aktuelle Version vom 17. Dezember 2008, 15:42 Uhr


Dear Mr Fleischer,

in your letter dated June 10th [1] to the Chairman of Article 29 Working Party, Mr Peter Schaar, you claim that data protection is one of Google's main interests. We appreciate your willingness to improve protection of your customers privacy. Even so we are strongly concerned about Google's ongoing violation of European law.

You argue that it would not be possible to preserve your interests in security, innovation and fraud-resistance without storing personal data such as IP addresses, search logs and user behaviour for a minimum of 18 months at least. However in a democratic society it is up to Parliament and not commercial enterprises to balance the users' and the providers' needs.

For example German law specifically prohibits the retention of personal data unless it is needed for billing purposes. As most services offered by Google are free of charge, storing personal data obtained from these services is therefore illegal. Local laws are applicable to Google, and the level of data protection should follow the laws of the country with the strictest protection of privacy.

We do fully accord with your questioning of the EU Data Retention Directive. However, the directive is limited to E-Mail, Message Services and VoIP services on the Internet and does not apply to your search engine, for example. There is no reason why Google should bow to obligations that do not exist.

You give examples of why data retention is supposed to be necessary for the operation of Google services. Of course analysing user trends may be necessary for software like Google Spell Checker, but anonymised data would be absolutely sufficient for this purpose. Additionally, the protection of your servers against criminal attacks does not justify a blanket collection of personal data of all customers. Retaining data on a case by case basis is sufficient as demonstrated by several large websites in Germany that have long operated without logging any personally identifiable data. In any case, the retention of data does not, by itself, prevent or stop attacks. Moreover, dealing with fraud is the business of public prosecutors, not of private companies. Prosecutors may order the collection and preservation of data when needed.

Finally, we would like to remind you of how dangerous extensive data collection can potentially be. As a world-wide operating company, Google should be well aware that not all countries in the world are democracies. Data collected by private companies can be and is being abused by totalitarian regimes. We wonder how it is possible to pervasively filter Google search results for Chinese users while anonymising search strings is supposed to compromise the operation of Google services. Furthermore we know that intelligence agencies - even in democratic societies - use (or more accurately abuse) the data you collect in order to spy on human rights or environmental NGOs, on legitimate protest groups and local activists. The only way to prevent abuse is to refrain from collecting personally identifiable data in the first place.

For the time being, you should at least consider opening anonymous gateways to your services such as the Google search engine. We are confident that offering services without retaining identifiable data during a test phase will convince you that the security of your services will not be compromised. It may even generate business from users who currently refuse using your services because of your blanket retention practices. [2]

Concluding, we demand you stay loyal to your company motto: Don't be evil. Prevent human rights violations by not storing personally identifiable data of your users!

Sincerely,
Working Group on Data Retention

[1] http://64.233.179.110/blog_resources/Google_response_Working_Party_06_2007.pdf
[2] http://www.privacyinternational.org/issues/internet/interimrankings.pdf

Pressemitteilung

Siehe: Internetnutzer kritisieren Googles Datenhunger und fordern anonyme Nutzungsmöglichkeit

Abgerufen von „http://wiki.vorratsdatenspeicherung.de/index.php?title=Offener_Brief_an_Google&oldid=77588