We note that today the office of the Irish Data Protection Commission levied a fine of €225m on Whatsapp, a messaging arm of Facebook. This was done in the context of outrage from a number of other European Data Protection Commissioners. They felt quite rightfully that the original proposed fine of €30m was far too low given the revenues of Facebook. It was not a sufficient incentive to obey the law.
Overall, it looks very bad for Ireland that the Irish DPC had to be dragged kicking a screaming to levy a sensible fine for egregious breaches of European law. None of it augurs well for the “one stop shop” regime developed by the GDPR which has seen a comparatively under resourced and infective Irish Data Protection Commission attempt to regulate some of the biggest IT companies in the world. We have pointed out for many years back to the EMI v. Eircom cases that a poorly resourced and ill-equipped commission will do more harm than good.
There is little doubt however from the DPCs findings that “big tech” can act in an arrogant and at times unlawful manner. We saw it back during the “browser wars” commencing in the late 90’s when Microsoft faced sanction in the US and Europe. This arrogance continues, but at least is starting to attract regulatory attention, particularly in Europe and Asia. It perhaps also explains the current spend on lobbying by “big tech”
We had some experience of big tech arrogance it ourselves recently. The issue stemmed from when we called out the HSE as a result of the data breach which occurred in May 2021, and pointed out that the HSE could potentially face substantial claims against them (an update on this will follow shorty). Some people took exception to us pointing out the law in the area, and we received a number of negative reviews on google business.
Some of the “reviewers” merely deposited “one star” such as that by the wonderful “chris peters”, and more were hate filled diatribes from the lowest reaches of society. All the reviews however had something in common, they were fake and calculated to cause harm to the business. The reviewers had no knowledge of our business, and were part of a concerted effort to cause harm.
As a firm we do not solicit Google reviews. Some firms do, and more power to their elbow, but our view is that the worst place to get a measure of a law firm is from an online review. We say this because our view is that the solicitor-client relationship is far more personal and complex than ordering a pizza or getting a cab. The result however of the handiwork by the various online “trolls” was that when a potential client for our contract details there was an impression given by Google that we were a pretty dire outfit. This was not OK.
So what do you do when faced with an bad review on google?
The first thing to do is to report it using Google’s report function, this is if you can find it. It is well hidden, and the instructions given by Google do not necessarily tally with the current version of their website. Google will then “review” the posting and decide whether to remove it or not. They will then communicate their decision. There is no obvious way to appeal their reviewer’s decision. You will see this email, and this email alone:
In the text Google refer to the reviewer as a “customer”, but the have confirmed to us:
the applicable terms of service do not require users to post under their real names. The fact alone therefore that you did not believe you had acted for or been contacted by individuals bearing those names did not mean that the Reviews were necessarily other than honest opinions, reﬂective of a genuine experience with your ﬁrm. (letter dated 26th August 2021)
In other words anyone can “review” any firm or business, anonymously. Google will accept the word of an anonymous poster, but not the word of a lawful business saying those reviews are false or incorrect. Google will not seek any verification from the poster of the review, but will assume it to be correct. Eventually they will give in but in our case it took 7 legal letters to Google before they took action.
How do you contact Google.
It is very difficult to do so. One of the largest IT companies in the world does not appear to have an email address or a phone number. They will deny receiving online reports through their own system (see letter dated 27th July) even when there is a record of it (see letter dated 29th July) and the only sure way to communicate with them is, wait for, An Post. Yes, the best way to make sure you communication reaches Google is to send it by Registered Post to Google Ireland Ltd. Gordon House, Barrow St., Dublin 4!
How do quickly do Google react?
The view of Google is that over two weeks a reasonable period to reply to correspondence, even in respect of a defamatory review which may be causing harm to a business. (see letter of the 26th August 2021). Indeed we were corresponding with Google since 11th June, and they used their own delay in replying to correspondence as a reason to justify further delay. It is fair to say we could have issued injunctive proceedings against Google at an earlier stage, and ultimately were at the point of so doing before the reviews were finally removed.
Do google obey rules?
This is the key point. No, Google seem comfortable to interpret Irish Caselaw as they choose (see full file) and In their letter of the 26th August Google made light of any obligation to abide by the eCommerce Directive or Defamation Act 2009. Indeed Google ultimately concluded their removed the various negative reviews based not on Irish Law, but on its policies. To quote:
Google Ireland’s Policy Team has now concluded, based on the latest information provided by your ﬁrm, that removal of the Reviews the subject of this correspondence is appropriate for violation of its policies (but not on the basis of apparent unlawfulness)
In a similar theme to the Whatsapp ruling, it is becoming clear that “big tech” companies are happy to treat Irish and European law with distain, and prefer instead to quote the pre eminence of their own “policies”. This will not end well.
For those interested in reading the full correspondence between ourselves and Google, it can be downloaded here. O’Dowd Solicitors offer specialist advice in IT and Data Protection law.