Received an email from Google Fi that their policy is to “opt you in” to sell your phone-call and purchase info to advertisers. They call the data your CPNI — “Customer Proprietary Network Information”. Making this an opt-out when it’s a combo of your shopping data plus phone-call data (including destination and location) plus Google identity seems pretty egregious to me.

Anyway, the emailed notice is easy to overlook as just another policy update that you wouldn’t do anything about. But you can opt out.

At https://fi.google.com/account, go to “Privacy & security”, and deselect “Allow CPNI sharing”. It’s not in the Fi app; you have to do it in a browser.

  • tool@lemmy.world
    link
    fedilink
    English
    arrow-up
    3
    arrow-down
    2
    ·
    edit-2
    1 year ago

    Google Fi is exclusive to U.S. customers so it doesn’t matter if it breaks GDPR.

    Yeah it does. GDPR applies for EU citizens regardless of where they are. It’s why every website in the fucking world has a cookie banner now. An EU citizen could register for Fi service with a VPN and a mailbox at a UPS store and Google’s handling of their data would be subject to GDPR.

    So yeah, it definitely matters, and I wouldn’t be surprised if they get sued because of this.

    • baduhai@sopuli.xyz
      link
      fedilink
      English
      arrow-up
      5
      ·
      1 year ago

      Yeah it does. GDPR applies for EU citizens regardless of where they are. It’s why every website in the fucking world has a cookie banner now. An EU citizen could register for Fi service with a VPN and a mailbox at a UPS store and Google’s handling of their data would be subject to GDPR.

      Maybe the EU says the GDPR applies to all EU citizens regardless of where they are, but that doesn’t matter. ox at a UPS store and Google’s handling of their data would be subject to GDPR.

      Maybe the EU says the GDPR applies to all EU citizens regardless of where they are, but that doesn’t matter. They only have the right to enforce the GDPR within their jurisdiction, regardless of where a EU citizen is.

      • tool@lemmy.world
        link
        fedilink
        English
        arrow-up
        6
        arrow-down
        1
        ·
        1 year ago

        The EU has no enforcement ability outside of their own borders regardless of what they tell you.

        So uh, you think Google doesn’t operate or do business in the EU? They have 20+ offices there. In the example I gave, they would 100000% be subject to GDPR, fullstop; it’s not a question, matter of opinion, or debate. They’d even be subject to it if an EU citizen was physically inside the US on vacation and opened a Fi account while they were here.

        You EU guys are brainwashed and gullible to a level on par with N Koreans.

        I’m from Virginia and knowing compliance stuff (GDPR, CCPA, PCI DSS, NIST 800-*, etc) is a requirement of my job.