Received an email from Google Fi that their policy is to “opt you in” to sell your phone-call and purchase info to advertisers. They call the data your CPNI — “Customer Proprietary Network Information”. Making this an opt-out when it’s a combo of your shopping data plus phone-call data (including destination and location) plus Google identity seems pretty egregious to me.
Anyway, the emailed notice is easy to overlook as just another policy update that you wouldn’t do anything about. But you can opt out.
At https://fi.google.com/account, go to “Privacy & security”, and deselect “Allow CPNI sharing”. It’s not in the Fi app; you have to do it in a browser.
I assume this is outside of Europe right? This breaks GDPR in every conceivable manner
Google Fi is exclusive to U.S. customers so it doesn’t matter if it breaks GDPR.
Yeah it does. GDPR applies for EU citizens regardless of where they are. It’s why every website in the fucking world has a cookie banner now. An EU citizen could register for Fi service with a VPN and a mailbox at a UPS store and Google’s handling of their data would be subject to GDPR.
So yeah, it definitely matters, and I wouldn’t be surprised if they get sued because of this.
Maybe the EU says the GDPR applies to all EU citizens regardless of where they are, but that doesn’t matter. ox at a UPS store and Google’s handling of their data would be subject to GDPR.
Maybe the EU says the GDPR applies to all EU citizens regardless of where they are, but that doesn’t matter. They only have the right to enforce the GDPR within their jurisdiction, regardless of where a EU citizen is.
Please see here.
The EU has no enforcement ability outside of their own borders regardless of what they tell you.
You think I can come into the EU with a concealed gun in my pants and say “but in my country…” LOL. You EU guys are brainwashed and gullible to a level on par with N Koreans.
So uh, you think Google doesn’t operate or do business in the EU? They have 20+ offices there. In the example I gave, they would 100000% be subject to GDPR, fullstop; it’s not a question, matter of opinion, or debate. They’d even be subject to it if an EU citizen was physically inside the US on vacation and opened a Fi account while they were here.
I’m from Virginia and knowing compliance stuff (GDPR, CCPA, PCI DSS, NIST 800-*, etc) is a requirement of my job.
Nobody’s discussing Googles EU operations, clearly they can enforce any shit they want within their own borders. The discussion is Google Fi, which is US only. I’m also in VA, and assuming like you, do a lot of work connected to gov’t, and sorry, but compliance certs being required by your job are relevant to a foreign govt trying to enforce their regulations outside of their borders to a service thats not even available to their citizens is relevant how exactly?
Yea this should be for the rest of the world.