Google has been accused of breaching one of the General Data Protection Regulation’s (GDPR) principles surrounding consent that requires companies to provide a specific purpose for collecting and processing user personal data.
In a complaint [PDF] filed to the Irish Data Protection Commission (DPC), Chromium-based browser Brave alleges that Google’s privacy policy infringes the GDPR “purpose limitation” principle as it “does not transparently and explicitly specify the purposes for which the data is collected and processed”.
The GDPR’s purpose limitation principle requires organisations to only collect and process personal data for a narrow purpose that must be explicitly expressed to consumers.
Labelling Google’s privacy policies as “hopelessly vague and unspecific”, Brave chief policy and industry relations officer Johnny Ryan said Google’s reasons for collecting data and allegedly limiting detail about how the information is used – such as “developing new services” – resemble examples of bad practices that have been drawn out by the GDPR.
Ryan also alleges that while Google provides personalised ads for users based on their interests, it has limited information regarding the purposes of processing and why users are seeing a certain ad.
https://www.zdnet.com/article/brave-accuses-google-of-using-vague-privacy-policies-that-breach-gdpr/#ftag=RSSbaffb68
origin - https://www.pipiscrew.com/2020/03/brave-accuses-google-of-using-hopelessly-vague-privacy-policies-that-brea/ brave-accuses-google-of-using-hopelessly-vague-privacy-policies-that-breach-gdpr