EU

In the “right to be forgotten” battles, Google’s on the defensive again.

Phillip Nones Content Creation and Content Management, Government, Media, Media Consumption, Publishing, Security, Social Commentary , , , , , , , ,

untitledSuddenly, the conflict between Google and the European Union countries regarding the censoring of search results has taken on even wider worldwide proportions.

This past week, the courts have upheld the French government’s data protection office (CNIL) order for Google to broaden the “right to be forgotten” by censoring search results worldwide — not just in Europe.

Google had appealed the initial CNIL ruling.

The CNIL rejected Google’s argument that a worldwide implementation of the European standard of censoring search results would mean that the Internet would be only as free as the “least free place.” (Think Belarus or Syria.)  But in its ruling, the CNIL noted that a country-by-country implementation of the “right to be forgotten” would mean that the right could be circumvented too easily.

While it’s true that more than 95% of Google searches in Europe are performed via European versions of the company’s search engine tool, such as google.fr and google.co.uk, identical searches can be performed easily using google.com, meaning that anyone trying to find “forgotten” information on an individual can do so easily, irrespective of the European standard.

file-and-forgetAs I blogged back in May, The European Court of Justice’s 2014 ruling meant that Google is required to allow residents of EU countries to delete links to certain harmful or embarrassing information that may appear about themselves in Google search results.

The directive has turned into a real thicket of challenges for Google.

What the definition of “harmed and embarrassing” is is somewhat amorphous, as the court’s ruling encompassed links to information ranging from excessive and harmful on one end of the scale all the way down to links that are merely outdated, inadequate or irrelevant.

Since the ruling went into effect, Google has had to field requests to remove more than one million links from European search results.

Link removal isn’t accomplished via some sort of “bot” procedure.  Instead, each request is considered on a case-by-case basis by a panel of arbiters made up of attorneys, paralegals and search engineers.

Approximately one-third of the links in question have been removed following panel review, while about half have remained in search results.

The rest – the real toughies – are still under review, and their status as yet unresolved.

Obviously, for this activity to spread from covering just European search engines to include potentially the entire world isn’t what Google has in mind at all.  (If Google could have its way, doubtless the whole notion of “the right to be forgotten” would be off the table.)

But the situation is getting pretty hot now. French authorities imposed a 15-day compliance deadline, after which Google could be fined nearly US$350,000.

Of course, the amount of that penalty pales in comparison to the cost Google would incur to comply with the directive.

But that fine is just the opening salvo; there’s no telling what the full degree of financial penalties might turn out to be for continued non-compliance.

I wrote before that it’s difficult to know where the world will eventually end up on the issue of censoring search engine results.  Today, I don’t think we’re anywhere closer to knowing.

China’s controversial product supplier pledge: An “on the ground” view from the Far East.

Phillip Nones Banking, Business, Economics, Government, Manufacturing, Sales, Security , , , , , , , , , ,

The business world is abuzz about the latest moves by China to regulate the behavior of U.S. and other foreign companies that choose to do business in that country.  What’s the real skinny?

contract

While much of the reporting and commentary has been decidedly scant on details, we can actually take a look at the official document that contains the various provisos the Chinese government is intending to impose on foreign companies.

Ostensibly, the declaration is aimed at “protecting user security.” Here are the six provisions that make up the declaration:

Information Technology Product Supplier Declaration of Commitment to Protect User Security

Our company agrees to strictly adhere to the two key principles of “not harming national security and not harming consumer rights” and hereby promises to:

#1.  Respect the user’s right to know. To clearly advise users of the scope, purpose, quantity, storage location, etc. of information collected about the user; and to use clear and easy-to-understand language in the user agreement regarding policies and details of protecting user security and privacy.

#2.  Respect the user’s right to control. To permit the user to determine the scope of information that is collected and products and systems that are controlled; to collect user information only after openly obtaining user permission, and to use collected user information to [sic] the authorized purposes only.

#3.  Respect the user’s right to choice. To allow the user to agree, reject or withdraw agreement for collection of user information; to permit the user to choose to install or uninstall non-essential components; to not restrict user selection of other products and services.

#4.  Guarantee product safety and trustworthiness. To use effective measures to ensure the security and trustworthiness of products during the design, development, production, delivery and maintenance processes; to provide timely notice and fixes upon discovery of security vulnerabilities; to not install any hidden functionalities or operations the user is unaware of [sic] within the product.

#5.  Guarantee the security of user information. To employ effective measures to guarantee that any user information that is collected or processed isn’t illegally altered, leaked, or used; to not transfer, store or process any sensitive user information collected within the China market outside China’s borders without express permission of the user or approval from relevant authorities.

#6.  Accept the supervision of all parts of society. To promise to accept supervision from all parts of society, to cooperate with third-party institutions for assessment and verification that products are secure and controllable and that user information is protected etc. to prove actual compliance with these commitments.

Often with China, there are “official” pronouncements … and then there’s what’s “really” going on behind the curtain.

So to find out the real skinny, I decided to ask my brother, Nelson Nones, who has lived and worked in East Asia for years.  Since Nelson’s business activities take him to China and all of the other key Asian economies on a regular basis, I figured that his perspectives would be well-grounded and worth hearing.  Here’s Nelson’s take:

Points 1 through 3 are fundamentally no different from the provisions of personal data protection laws already on the books in the 27 member states of the European Union, plus Australia, Hong Kong, Iceland, India, Japan, South Korea, Liechtenstein, Macau, Malaysia, New Zealand, Norway, Singapore, the Philippines, Taiwan and some U.S. states.  Nor do they materially differ from privacy policy best practices — so I would not see these as particularly onerous or unreasonable.

The key difference is that these points are not enshrined in law in Mainland China, so compliance is voluntary at the moment (as it was in Singapore until 2013) – presumably binding on only those companies that sign this declaration. 

News reports also indicate that China has asked only American technology companies to sign its Declaration of Commitment, implying that domestic Chinese companies aren’t necessarily held to the same standards — although if this is truly the case, it might actually put Chinese companies at a competitive disadvantage by enhancing the appeal of American technology products to discerning Chinese users.

Point 4 doesn’t generally fall within the scope of existing personal data protection laws, but in my view its provisions fall well within the QA and warranty commitments that any legitimate technology company should be prepared to make in today’s competitive environment.

Comparing Point 5 with legislation currently in force within the European Union, Australia, Hong Kong, Iceland, India, Japan, South Korea, Liechtenstein, Macau, Malaysia, New Zealand, Norway, Singapore, the Philippines, Taiwan and some U.S. states, this point lacks some really key definitions, including:  

  • Who exactly is a “data subject” who is entitled to personal (i.e. user) data protection?
  • Who exactly is the “data controller” who owns the user information that is being collected or processed?
  • Who might be the “data processor” who stores and/or processes user information on behalf of the “data controller”?

EU Data Protection DirectiveThe legislation and regulations I’ve reviewed in this realm provide very explicit (and varied) definitions of these entities. Unlike China’s Declaration of Commitment, for instance, the E.U. Data Protection Directive allows “data controllers” or “data processors” to transfer user data outside the E.U., as long as the country where the data is transferred protects the rights of “data subjects” as much as the E.U. 

It also defines which “data controllers” and “data processors” must comply with E.U. law, based on whether or not they store or process personal information with the E.U., or operate within the E.U. (regardless of where the data is actually stored or processed).

The requirement to keep sensitive user information within China’s borders, in the absence of permission from users or “relevant authorities” to transfer, store or process it elsewhere, could also be seen as an attempt by the Chinese government to enlist the help of American technology companies in circumventing the U.S. government’s ongoing Internet data-gathering programs.

If this attempt succeeds, it might further enhance the appeal of American technology products to discerning Chinese users. 

Point 6 is garnering the most headlines in the West because of the implied threat that cooperating with “third-party institutions for assessment and verification … to prove actual compliance with these commitments” could mean being forced to reveal source code or encryption algorithms.  

However, in classic Chinese style, none of that is actually spelled out. 

Green Dam Youth Escort ServiceA little history about this: Over the past decade, the Chinese government has put forward various proposals for controlling IT – and then abruptly withdrawing them in the face of domestic as well as global criticism. Here are two: 

As for implications, China’s Declaration of Commitment shouldn’t have significant impact on companies that aren’t in the consumer IT market.  At best, its first five points could potentially improve the competitiveness of American IT products in the  Chinese market.    

However, I would advise any tech companies that may be wondering what to do, to sit on their hands for a while. Law in China is always a “work in progress,” so the safest bet is to wait for that “progress” for as long as possible.

So there you have it – the view from someone who is smack in the middle of the business economy in East Asia. If you have your own perspectives to share on the topic, I’m sure other readers would be interested to hear them as well.

A Newspaper Startup in 2012 … Is this Madness?

Phillip Nones Uncategorized , , , , , , , , , , ,

European Daily, preview editionOver the past decade or more, seemingly all the business trends on the newspaper front have been negative. So to read that a new transnational newspaper is being planned for a Fall 2012 launch comes as a pretty big surprise.

Yes, you heard that right:  The European Daily plans to hit the streets in a few months’ time. In the meantime, the budding newspaper already has a website up and running.

The European Daily is the brainchild of three young entrepreneurs from Sweden and Germany. “We are a publication that partly targets a more senior audience who, to a great extent, still prefers print, as well as a traveling audience who wants to read their news on a flight or at their hotel,” says Johan Malmsten, one of the three founders.

Does this sort of thinking sound like a recipe for success in 2012?

At first blush, it seems like a pipe dream. Two huge roadblocks appear to be standing in the way of success. First, the market dynamics have been ugly for traditional newspapers … their traditional business model swept away by the Internet and changing ways that consumers access the news.

Add to this the mounting political and economic crisis in Europe, which could result in the European Union’s breakup, rather than any sort of renewed consolidation.  Is this the right time to be introducing a media property that’s “pan-European” in its character?

Mr. Malmsten discounts these threats. Instead he asserts, “Some people have praised us on our perfect timing, given the vivid current debate about Europe and the fact that a European news source and a common public sphere have never been as much in demand.”

“Europe is a daily reality for millions of Europeans, and that won’t change. We see giving these people a news source and a daily point of reference as our mission,” he adds.

Looking at the newspaper’s launch plans, it’s pretty clear the investors are fully committed to their mission. A staff of 30 is being constructed for the paper — about half of them focused on content.  The editorial team will be based in Amsterdam in Holland.

A “preview” edition of the European Daily was printed last year and ~40,000 copies were distributed in key urban centers like Paris, London, Berlin and Brussels. Reportedly, the reception was highly positive.

But I have doubts whether a completely new newspaper title can be launched successfully – especially one that’s based on a conventional print-centric product with a digital adjunct. It seems like we’ve seen this movie before:  This very formula has been tried and found wanting – even among established newspaper brands.

It will be interesting to look back in about two or three years and see if this endeavor adds up to much – or instead has gone by the wayside.

Anyone care to weigh in with odds on the front end?

The European Union Versus Marketers

Phillip Nones Uncategorized , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

EU e-Privacy Initiative attacks ad tracking via cookiesI wonder how many marketers are focused on what’s happening in Europe on the digital marketing front? While companies here are busily engaged in making sure ad tracking is being done to the nth degree, in the UK and Continental Europe, new legal restrictions on advertising tracking threaten to upend a lot of these efforts, particularly for multinational brands.

In short, the EU’s e-Privacy Directive restricts the use of “cookies” and virtually all other digital ad tracking methods. And the legal frameworks set up around this directive would require any marketer with users in any EU country to be subject to EU-wide and country-specific privacy legislation.

The new privacy initiatives are far more restrictive than the present US-EU “safe harbor” agreement, which merely requires American companies to notify users when cookies are used on a website. The new regs covering web pages, web apps and mobile apps would require giving notice each time a cookie is used, thereby setting up a flurry of endless notifications that promises to seriously degrade the online browsing experience.

The seemingly reasonable compromise of adding information to a “terms of use” agreement isn’t acceptable to the EU either, unless all users are issued the new agreement and they certify their acceptance.

And just to make sure everyone knows how serious all of this is, the new regs call for the imposition of financial and/or criminal penalties for the non-compliant use of cookies. But for the moment at least, only two relatively small countries besides the UK – Estonia and Denmark – have implemented controls to enforce the EU directives.

Here in the United States, privacy legislation slowly wends its way around Congress, with many legislators understanding that the key to successful commerce online is the ability for marketers to match marketing messages to interested consumers. It’s in Europe where governments appear more than willing to cripple the ability of marketers to do the job they’ve sought to do for decades: Target their audiences with as much precision as possible.

As a result, some European businesses are making noises about abandoning Europe for the United States. The problem is, in the digital age with so much of the branding and commerce blurred between countries, it’s impossible for restrictive moves in one region not to cause negative repercussions somewhere else.

Otto von Habsburg at 97: A Link to the Past … and the Future

Phillip Nones Uncategorized , , , , , , , , , , , , , , , , , , , , , , , , , , ,
Four-year-old Otto von Habsburg, flanked by his parents, at the time of his father’s coronation as Emperor of Austria and King of Hungary (1916).

This past month, Otto von Habsburg celebrated his 97th birthday. As the eldest son of the last emperor of the Austro-Hungarian Empire, he is a link with history – the heir apparent to one of Europe’s most powerful dynasties that ruled Central Europe for more than 650 years.

Otto’s life was borne amid conflict. He was just a small boy of four when his father Karl ascended the throne of Europe’s third largest country, right in the middle of the First World War – a conflict which was to bring about the collapse of the monarchy in 1918. Emperor Karl died just a few short years later, making Otto the titular head of the impoverished family, which was forced to live “on the run” in Switzerland and Spain.

Throughout his years of schooling, Otto was tutored in the fiendishly difficult Hungarian language. This was deemed important because Otto’s father had never relinquished his claim to the throne of Hungary — and because Hungary was still technically a monarchy, ruled as regent by Admiral Miklós Horthy, once supreme commander of the Austro-Hungarian navy.

But soon thereafter came the destruction of Second World War and the spread of communism throughout most of the lands of the old empire. At this point, it seemed almost inevitable that Otto would be destined to become “just another” ex-royal personage, whiling away his days in carefree locations like Monte-Carlo, St. Tropez or the Aegean Isles.

But here is where Otto played his hand differently – and in the process became an important player on the international stage and an advocate for a new European political order. Renouncing any claims to the throne, he became instead an indefatigable champion of European unity. An ardent anticommunist, Otto believed the key to Europe’s future was to strive for common interests and common ground. He stood for election to the European Parliament and was an early member of that body, eventually serving for 20 years.

Otto von HabsburgHe also became an important historian and lecturer, traveling the world and speaking with audiences everywhere. I remember hearing Otto von Habsburg give a speech at St. Catherine’s College in St. Paul, MN in 1972, when I was a student in high school. The predictions Otto made in that speech were uncanny in their accuracy. He forecast almost to the exact year the fall of communism (1990), and he also warned about Europe’s smoldering powder-keg (the breakup of Yugoslavia into squabbling mini-states).

And when the Iron Curtain finally did come down in the early 1990s, Otto offered up his services to the new post-communist governments in the land of his forefathers. Subsequently, he played a significant role as a kind of unofficial cultural and social ambassador for several countries, most notably Slovenia, Croatia and Hungary. The prestige of the Habsburg name and its ties to a proud history provided added “cachet” to the early efforts of the post-communist governments to establish meaningful economic and business ties with the West. (Otto’s fluency in the Hungarian language, thanks to all the many hours of tutoring when he was a boy, turned out to be quite handy in a wholly unexpected yet very welcome way.)

Today, at age 97, Otto von Habsburg is still very much with us. He has slowed down a bit, but still shuttles regularly between his home in Bavaria and “his” cities of Budapest, Vienna and Zagreb. From the vantage point of history – where we can now see how the “brave new world” of the 20th Century brought forth more than its share of human misery along with all of the political innovation – the virtues of the “old order” have become easier to recognize.

Certainly, that is the case in the lands of the old Austro-Hungarian Empire, where Otto, “the man who would be king,” has not only been declared an official citizen of several countries, but is also respected by people all across the political spectrum. In the end, not a bad legacy at all.

So here’s a hearty toast to Otto von Habsburg: 97 years young and a true citizen of the world.