Google Caves to EU Antitrust Pressure, Changes Data Practices

Germany’s antitrust efforts have paid off as Google agrees to change the way it collects and processes user data.

Shane Snider , Senior Writer, InformationWeek

October 6, 2023

6 Min Read
The website of internet giant Google searches for 'EU'
dpa picture alliance archive via Alamy Stock

At a Glance

  • A German antitrust investigation has successfully pressured Google into changing key data policies for many of its apps.
  • Companies will need to become flexible as regulations continue to change.
  • CIOs, CDOs and other IT leaders should pay heed to the regulatory developments abroad.

The European Union’s continued antitrust probes into Big Tech business have scored a major victory as Alphabet Inc.’s Google agreed to far-reaching user data practice changes to placate German investigators.

The German Federal Cartel Office (FCO), which acts as the country’s antitrust watchdog, in January raised objections to Google regarding its data processing terms, claiming users had little choice regarding how their data is used across the tech giant’s far-reaching services.

Google’s commitment includes changes to more than 25 services, including Gmail, Google News, Assistant, Contacts, and Google TV. Other services, including Google Shopping, Google Maps, Google Search, and others will be covered under the EU’s Digital Markets Act, which has similar data controls.

"Google will have to provide its users with the possibility to give free, specific, informed, and unambiguous consent to the processing of their data across services,” the FCO said in its decision document. “For this purpose, Google has to offer corresponding choice options for the combination of data … The Commitments cover in principle all services operated by Google and directed to end users in Germany with more than one million monthly active users...”

In a statement to InformationWeek, a spokesperson for Google said, "We have appreciated the constructive engagement with the FCO as we worked to address their concerns in this case. Google has a long history of providing people with industry-leading choice and transparency and provides simple controls to help people manage their data. The commitments outlined today continue this approach as we evolve our products to meet the expectations of users and regulators.”

Related:EU Big Tech Clampdown Probe Bites Apple, Microsoft

FCO officials said the change was a huge win for tech consumers. “In the future, users of Google services will have a much better choice as to what happens to their data, how Google can use them, and whether their data may be used across services,” Andreas Mundt, president of the FCO, said in a statement.

He added, “This not only protects the users’ right to determine the use of their data, but also curbs Google’s data-driven market power.”

Google Must Become More Flexible

Data brokering is a big business globally -- not just for data brokers dealing specifically in collecting personal data, but with Big Tech companies that use the information broadly for marketing and advertising. How that data is collected and used across platforms is facing increasing scrutiny globally as data privacy concerns grow. And new regulations could guide how many businesses treat and collect data.

Related:EU’s Digital Services Act Goes Live to Police Big Tech Apps

Chris Pierson, founder and CEO of cybersecurity company BlackCloak, tells InformationWeek in an e-mail interview that Big Tech companies will need to make policy adjustments regionally. “Companies like Google, that operate internationally with a broad audience, will need to continue to change and evolve their practices based on the customs and practices of each country,” he says.

He adds, “Regardless of the difficulty involved in splicing customer segments, the regulators continue to show that they are hyper-focused on their regional privacy laws and will scrutinize all aspects of a company’s products and services. Germany leads the world in having some of the most exacting regulations and puts real teeth behind the enforcement of them.”

Jim DuBois, author and former Microsoft CIO, offers a different take. While Google's commitment is with Germany, its policy changes will likely extend beyond borders, he says. "It is almost untenable to have different policies by country/state/union because every time they make a global feature improvement, they would need to change each individual instance that is different for different entity policies. It would make the tech company too slow to respond and innovate..."

Related:Keeping Up With Data Privacy Compliance: A Guide

The process is often slow and tactical, DuBois says. "When [regulators] all ask for different things, Big Tech is forced to wait until there is enough commonality or enough momentum somewhere that it makes sense for them to act by making another change that will satisfy as much of the world as possible... I don't believe that Germany forced Google's hand. I believe Google stalled long enough to learn/determine that they could compromise with Germany in a way that would allow them to make a change that would satisfy most of the rest of the world, too."

Big Tech Under Fire

The FCO’s investigations into Amazon, Meta, and Apple are ongoing. The cartel gained investigation powers in 2021 to probe companies considered to have “paramount significance” and broad market power. The watchdog body started the Google probe in May of 2021.

Big Tech companies are under mounting international pressure, particularly in the EU, as data privacy and antitrust concerns gain steam. Just this week, UK regulators opened an antitrust investigation into Amazon and Microsoft for their cloud services.

An FCO probe into Meta in June resulted in the company launching a new account center that would provide users with more choice in how their data is combined with activity across the platform.

While the commitments from Google apply only to users in Germany, the company will likely apply the same measures across the EU and perhaps further as more regulatory pushes gain steam.

BlackCloak’s Pierson says ultimately regulators want to work with Big Tech. “Countries and regulators will work with them here as the net result of turning off a ‘Google’ or a ‘Facebook’ would disrupt the lives of too many and cause backlash. Other tech companies are likely examining the impact, organizing a plan to ensure compliance, and setting forth timelines to comply so they can evade sanctions.”

But the end result may be less business activity for some countries with strict regulations, Pierson says. “As the world gets more fragmented in a country-by-country manner on privacy laws, I think it is likely that many companies will examine higher costs as a potential barrier to entry for that market.”

Takeaways for CIOs and IT Leaders

Pierson, who has in the past served as a CIO, says IT leaders need to pay close attention to regulation abroad. “CIOs and other IT leaders should be joined at the hip with a privacy leader providing advice and guidance to them on shifts and changes in laws. After examining this ruling, those same leaders will be working with business partners internally to examine the monetary impacts to compliance and may even modify their services in light of the regulatory stances being taken.”

He adds, “As data is the gold of the global economy, all tech leaders will need to build into their plans privacy protections and mechanisms to allow for more individualized choice.”

Martha Heller, CEO of Heller Search, says CIOs and CDOs can take away valuable lessons from Google's move.

"Most global companies have aggressive strategies to leverage customer data for increased revenue and market share," Heller tells InformationWeek in an email. "CIOs and chief data officers need to think hard about how EU regulatory standards can potentially impact these data strategies. If they fail to comply, they may discover lower than expected ROI on their data technology investments."

She adds, "With investments in data architecture at an all-time high, the earnings impact of these regulatory standards not only on the tech sector, but across all industries, could be profound."

DuBois notes that Big Tech has the capital to adjust to regulatory changes in a way that smaller companies do not -- so IT leaders often need to take a patient approach while the regulation fights play out. "CIOs and other IT leaders often have less complex environments than the Big Tech companies, but also less resources to make changes... so they are even more likely to follow Google's lead and make policy changes for their own systems that have precedent in regulatory bodies."

He adds, "I believe that Google and other tech companies actually do want to do what is best for consumers because if they don't, it won't be good for their business... despite regulations."

Read more about:


About the Author(s)

Shane Snider

Senior Writer, InformationWeek, InformationWeek

Shane Snider is a veteran journalist with more than 20 years of industry experience. He started his career as a general assignment reporter and has covered government, business, education, technology and much more. He was a reporter for the Triangle Business Journal, Raleigh News and Observer and most recently a tech reporter for CRN. He was also a top wedding photographer for many years, traveling across the country and around the world. He lives in Raleigh with his wife and two children.

Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.

You May Also Like

More Insights