Apple and Google have each been fined €10 million by Italy’s antitrust agency for “aggressive” data practises and for failing to provide users with clear information on commercial uses of their personal data during the account creation phase.
“Google and Apple did not provide clear and immediate information on the acquisition and use of user data for commercial purposes,” the Autorita Garante della Concorrenza e del Mercato (AGCM) said, adding that the tech companies chose to emphasise data collection as only necessary to improve their own services and personalise user experience without offering any indication that the data could be transferred and used for other reasons.
The issues revolve on how the firms omit key information when opening an account and using their services, details that the authority claims are necessary for making an educated decision about whether or not to give permission for commercial use of their data.
Backups to GitHub are made automatically.
The AGCM stated that the lack of express user consent not only pre-determines users’ agreement, but also allows Apple and Google to subject the generated data to various types of processing without providing a means for customers to confirm or amend their decision to share their personal data.
“This Apple-designed acquisition architecture makes it impossible to exercise one’s will over the use of one’s data for commercial reasons,” the regulator said. “As a result, the consumer is conditioned in their consumption choices and consents to the transfer of personal information, which Apple can use for its own purposes.”
In the wake of a backlash from privacy advocates, advertisers, and publishers, the UK’s Competition and Markets Authority (CMA) announced on Friday that it has secured additional oversight into Google’s ongoing development of Privacy Sandbox proposals to move away from third-party cookies in its Chrome web browser.
To that end, the CMA claims that Google has offered to “address concerns about Google removing functionality or information before the full Privacy Sandbox changes, including delaying enforcement of its Privacy Budget proposal and offering commitments around the introduction of measures to reduce access to IP addresses,” according to the CMA.