German Court Rejects Apple's Privacy Policy 124
redletterdave writes "A German court rejected eight out of 15 provisions in Apple's general privacy policy and terms of data use on Tuesday, claiming that the practices of the Cupertino, Calif. company deviate too much from German laws (Google translation of German original). According to German law, recognized consumer groups can sue companies over illegal terms and conditions. Apple asks for 'global consent' to use customer data on its website, but German law insists that clients know specific details about what their data will be used for and why."
Germany and proteciton of privacy. (Score:3, Informative)
Now and then politicians try to create another surveillance state for example to fight "child pornography", but fortunately they haven't succeeded to enact their crazy laws so far.
Re:better idea (Score:5, Informative)
Why should it be on the people? If the company doesn't want to follow their laws, they shouldn't sell their stuff in that country. By choosing to operate in Germany, they have to follow German laws for products sold in that country. Don't like it, decide not to sell there.
Re:To be fair (Score:5, Informative)
You don't have to- you only have to make sure its legal in the countries you sell it in. Germans aren't suing because of Apple violating their law in America, they're suing them for violating it in Germany. If you aren't willing to abide by the laws, then don't sell in that country.
Germans are not actually suing. They don't need to sue. Parts of Apple's policy have been declared invalid, which means that legally these parts don't exist.
Re:better idea (Score:4, Informative)
It should be "on the people" because some people may not have a problem with policies and may want to do business with Apple anyway.
What's your point?
The basis of the complaint was, that Apple is not transparent about what it does with the data collected.
If they are transparent about it and tell the users what exactly thy are going to do with the data BEFORE any data is collected, they're basically fine.
And then the users who are fine with can use those services.
But Apple, like many other companies, wants to have the right to do anything without telling what they do.
The European data protection laws lay the groundwork for users to be able to decide freely what services to use and what not.
The basis for a free decision is INFORMATION.
Re:To be fair (Score:5, Informative)
You know what I fear?
That Apple does just what you describe: Change the words of their privacy policies, but don't actually change the processes used to handle data.
But the _words_ of their privacy policy _is_ what was wrong. Nobody in Germany requested Apple to change its policies; they requested that Apple lists precisely what they do so that customers can make an educated decision whether to agree or not.
Re:To be fair (Score:5, Informative)
If you or your system is sending me personal information, then you can assume it's been stored somewhere, multiple times, and will be used for whatever purpose forever, and can't be deleted.
The EU and most member states have strict laws forbidding that. You have to justify storing any personal data, there are limits on what you can do with it, you can't keep it forever and must delete it under certain circumstances.
If it gets transmitted in the clear, consider it stored and used for ANY purpose.
In both the EU and US that would render the intermediate nodes routing the traffic liable for its content. In order to avoid liability they must not use the data in any way, merely pass it along.
It would be like sending a message on a post card then getting mad that people can see what you wrote, copy it, and do whatever they want with the copy.
It is actually illegal to open sealed envelopes not addressed to yourself here. That's why most banks don't send statements on the back of a postcard.