Facebook, Google, Amazon and other tech giants could be non-compliant with GDPR, claims EU consumer group

clock • 2 min read

AI GDPR compliance tool could be used to web crawl for non-compliant privacy policies

The European Consumer Organisation (BEUC) has claimed that Amazon, Facebook and Google are among 14 of the world's biggest online and technology companies could be non-compliant with GDPR.

It claims to have built its own tool, called Claudette, that uses artificial intelligence to interpret the documents and conduct an automated analysis of the companies privacy policies. Only Amazon, Facebook and Google have been named of the 14 that the BEUC claims are non-compliant.

Other organisations privacy policies it examined, though, included Apple, Microsoft, Twitter, Uber, WhatsApp, AirBnB, Netflix, Steam, Booking.com, Skyscanner and Epic Games, maker of the popular Fortnite game.

These companies were all targeted as major organisations that not only collect a lot of information on their users, but which should also be setting an example, the BEUC said.

"In total, all the policies amounted to 3,659 sentences (80,398 words). Of these, 401 sentences (11 per cent) were marked as containing unclear language, and 1,240 (33.9 per cent) contained ‘potentially problematic' clauses or clauses providing ‘insufficient' information," claimed the organisation in a statement.

"Our study suggests that the current privacy policies of online platforms and services still have a significant margin for improvement," concludes the report.

It continues: "None of the 14 analysed privacy policies gets close to meeting the standards put forward by the GDPR. Unsatisfactory treatment of the information requirements; large amounts of sentences employing vague language; and an alarming number of ‘problematic' clauses cannot be deemed satisfactory."

However, a next step, claims the organisation in its report, is to build the tool into a web crawler that can automatically analyse the privacy policies of any organisation.

"One could imagine a situation in which a web-crawler automatically traverses the web in search for privacy policies, scans them and communicates the results. On one hand, such a crawler could send information to the company… On the other, [it could] inform the civil society, the supervisory authorities, the press about its findings," suggested the report.

It suggests, too, that "civil society" could be equipped with the tool in order to conduct their own analyses of organisations' privacy policies and GDPR compliance. "When this is the case, they will leave no stone untouched, no policy unread, no infringement unnoticed," warns the BEUC.

The organisation's report also suggested that more legal force should be placed on privacy policies and argued that, as a first step, EU authorities should issue "clear guidelines on the form and contents" of organisations' privacy policies.

You may also like
Google announces €25mn investment in European AI skills

Skills

Company announces its AI Opportunity Initiative

clock 13 February 2024 • 2 min read
Gemini Advanced: Google launches subscription-based AI chatbot and app

Big Data and Analytics

Priced at $19.99 per month, Gemini Advanced gives users access to Google's most powerful AI model to date

clock 09 February 2024 • 2 min read
Open source originator: 'We have failed'

Open Source

Failing to pay developers has led to corporate takeover, says Bruce Perens

clock 07 February 2024 • 4 min read
Most read
01

Southern Water confirms customer data breach

14 February 2024 • 2 min read
03

Cisco: significant job cuts likely

13 February 2024 • 1 min read
05

AI charts a course for HMS Victory

14 February 2024 • 4 min read

Sign up to our newsletter

The best news, stories, features and photos from the day in one perfectly formed email.

More on Security

Bank of America admits data breach after supply chain hack

Bank of America admits data breach after supply chain hack

Customer info exposed

Tom Allen
clock 13 February 2024 • 2 min read
Breach exposes personal info in 'world's biggest casino' app

Breach exposes personal info in 'world's biggest casino' app

Casino owner tries to claim data was 'publicly accessible' on purpose

Vikki Davies
clock 12 February 2024 • 2 min read
 Klaxon: Security Excellence Awards deadline for entries is this Friday!

Klaxon: Security Excellence Awards deadline for entries is this Friday!

Time is running out to enter

clock 31 January 2024 • 1 min read