Google and Personal Data Protection

  • Bart van der Sloot
  • Frederik Zuiderveen Borgesius
Part of the Information Technology and Law Series book series (ITLS, volume 22)


This chapter discusses the interplay between the European personal data protection regime and two specific Google services, Interest-Based Advertising and Google Street View. The chapter assesses first the applicability of the Data Protection Directive, then jurisdictional issues, the principles relating to data quality, whether there is a legitimate purpose for data processing, and lastly the transparency principle in connection with the rights of the data subject. The conclusion is that not all aspects of the services are easy to reconcile with the Directive’s requirements.


  1. Anguelov D et al (2010) Google street view: capturing the World at street level. IEEE Comput Soc Comput 43(6):32–38CrossRefGoogle Scholar
  2. Battelle J (2005) The Search. How Google and its rivals rewrote the rules of business and transformed our culture. Penguin Group, New YorkGoogle Scholar
  3. Burdon M (2010) Privacy invasive geo-mashups: privacy 2.0 and the limits of first generation information privacy laws. University of Illinois Journal of Law Technology & Policy. No. 1, 2010Google Scholar
  4. Bygrave L (2002) Data protection law: approaching its rationale, logic and limits. Kluwer Law International, The HagueGoogle Scholar
  5. Gomez J et al. (2009) Know Privacy, Final Report. UC Berkeley, School of Information. Accessed 1 June 2009
  6. González Fuster G et al (2010) From unsolicited communications to unsolicited adjustments. Redefining a key mechanism for privacy protection. In: Gutwirth S et al (eds) Data protection in a profiled World. Springer, Dordrecht, pp 105–117CrossRefGoogle Scholar
  7. Gutwirth S, De Hert P (2006) Privacy, data protection and law enforcement. Opacity of the individual and transparency of power. In: Claes E, Duff A, Gutwirth S (eds) Privacy and the criminal law. Antwerp, Intersentia, pp 61–104Google Scholar
  8. Gutwirth S, Poullet Y (2008) The contribution of the Article 29 Working Party to the construction of a harmonised European data protection system: an illustration of ‘reflexive governance’? In: Asinari VP, Palazzi P (eds) Défis du droit à la protection de la vie privée. Challenges of privacy and data protection law—Challenges of privacy and data protection law. Bruylant, Brussels, pp 570–610Google Scholar
  9. Hoofnagle CJ (2009) Beyond Google and evil: how policy makers, journalists and consumers should talk differently about Google and privacy. First Monday, Volume 14, Number 4. Accessed 6 April 2009
  10. Koëter J (2009) Behavioral targeting en privacy: een juridische verkenning van internet gedragsmarketing. Tijdschrift voor internetrecht 2009-4Google Scholar
  11. Komanduri S et al. (2011) AdChoices? Compliance with online behavioral advertising notice and choice requirements. CMU-Cylab-11-005. Accessed 30 March 2011
  12. Korff D (2010) Comparative study on different approaches to new privacy challenges, in particular in the light of technological developments, Working Paper 2.0. Accessed 20 January 2010
  13. Kotschy W (2010) Directive 95/46/EC—Data protection directive. In: Büllesbach A et al (eds) Concise European IT law. Kluwer Law International, Alphen aan den RijnGoogle Scholar
  14. Krishnamurthy B, Wills C (2009a) On the leakage of personally identifiable information via online social networks. WOSN’09: the second workshop on online social networks.
  15. Krishnamurthy B, Wills C (2009b) Privacy diffusion on the web: a longitudinal perspective. In: Proceedings of the 18th international conference on world wide web.
  16. Kuner C (2007) European data protection law: corporate compliance and regulation. Oxford University Press, OxfordGoogle Scholar
  17. Kuner C et al. (2009) Study on online copyright enforcement and data protection in selected Member States.
  18. Kuner C et al. (2010) Study on online copyright enforcement and data protection in selected Member States (Netherlands, Poland, UK).
  19. McDonald AM (2010) Footprints near the surf: individual privacy decisions in online contexts (diss.) Paper 7.
  20. Ohm P (2009) Broken promises of privacy: responding to the surprising failure of anonymization. University of Colorado Law Legal Studies Research 2009 (Article No. 09–12), 13 August 2009Google Scholar
  21. Rundle AG et al (2011) Using Google street view to audit neighborhood environments. Am J Prev Med 40(1):94–100Google Scholar
  22. Toubiana V, Nissenbaum H (2011) An Analysis of Google logs retention policies. Journal of Privacy and Confidentiality. Volume 3, Issue 1, Article 2, 2011Google Scholar
  23. Traung P (2010) EU Law on Spyware, Web Bugs, Cookies, etc., Revisited: Article 5 of the Directive on Privacy and Electronic Communications. Bus Law Rev 31:216–228Google Scholar
  24. Van Eijk NANM et al (2011) A bite too big: Dilemma’s bij de implementatie van de Cookiewet in Nederland (Dilemmas with the implementation of the Cookie law in the Netherlands), TNO-report no. 35473. Accessed 28 February 2011.

Copyright information

© T.M.C. ASSER PRESS, The Hague, The Netherlands, and the authors/editors  2012

Authors and Affiliations

  • Bart van der Sloot
    • 1
  • Frederik Zuiderveen Borgesius
    • 1
  1. 1.Institute for Information LawUniversity of AmsterdamAmsterdamThe Netherlands

Personalised recommendations