Automated scan indicates shortcomings in privacy policy 14 tech companies

The BEUC a European umbrella organization for consumer groups, has automated research into the privacy policy of fourteen tech companies, including Google, Apple and Facebook. The conclusion is that these failures in the light of privacy law AVG

According to BEUC that the research carried out in collaboration with the European University Institute, the privacy policy of Google, Facebook, Amazon, Apple, Microsoft , WhatsApp, Twitter, Uber, Airbnb,, Skyscanner, Netflix, Steam and Fortnite-maker Epic Games. The companies are selected based on the popularity of their services. The research took place in June with an ‘ai-bot’ named Claudette who uses machine learning to set the privacy policy of the companies along the yardstick of a ‘golden standard’ and identifies problematic passages. BEUC comes to the conclusion that eleven percent of all sentences in the texts contain unclear language and that about a third provides insufficient information or is otherwise ‘potentially problematic’.

The organization writes that the general data protection regulation , which has been in force since the end of May, requires that privacy policy includes all necessary information and is written in comprehensible language. In addition, the processing of personal data mentioned in the policy must actually be lawful. BEUC chairman Monique Goyens says: “A little more than a month after the AVG has become applicable, the privacy policy of many companies may not comply with the norm of the law, which is very worrying, and it is crucial that the enforcement authorities study this issue further. “

For example, the privacy policy of Amazon would miss a lot of information . This is also the case with Google ; the analysis also points to ‘problematic processing’ of personal data. Amazon reacts to The Guardian on the findings and states that protecting the privacy of users ‘always has the highest priority’ and that the company has recently created a new privacy page where all institutions can be found to be. Google states in its response that it has adjusted its privacy policy to the requirements of the AVG and that it uses clear language. In addition, it would provide explanations in illustrations and videos and would give users control over their settings.

BEUC wants to inform the European Data Protection Board about the findings. Recently, a Norwegian consumer organization published a critical report about the privacy menus of Google, Facebook and Microsoft, in which it stated that the companies use ‘dark patterns’ to entice people into less privacy-friendly settings.