cross-posted from:
https://piefed.zip/c/technology/p/1086069/google-criticizes-europe-s-plan-to-adopt-free-software
[https://piefed.zip/c/technology/p/1086069/google-criticizes-europe-s-plan-to-adopt-free-software]
> Google has criticized the European Union’s intentions to achieve digital
sovereignty through open-source software. The company warned that Brussels’
policies aimed at reducing dependence on American tech companies could harm
competitiveness. According to Google, the idea of replacing current tools with
open-source programs would not contribute to economic growth. > > Kent Walker,
Google’s president of global affairs and chief legal officer, warned of a
competitive paradox that Europe is facing. According to the Financial Times, he
said that creating regulatory barriers would be harmful in a context of rapid
technological advancement. His remarks came just days after the European
Commission concluded a public consultation assessing the transition to
open-source software. > > Google’s chief legal officer clarified that he is not
opposed to digital sovereignty, but recommended making use of the “best
technologies in the world.” Walker suggested that American companies could
collaborate with European firms to implement measures ensuring data protection.
Local management or servers located in Europe to store information are among the
options. > > The EU is preparing a technological sovereignty package aimed at
eliminating dependence on third-party software, such as Google’s. After
reviewing proposals, it concluded that reliance on external suppliers for
critical infrastructure entails economic risks and creates vulnerabilities. The
strategy focuses not only on regulation but also on adopting open-source
software to achieve digital sovereignty. > > According to Google, this change
would represent a problem for users. Walker argues that the market moves faster
than legislation and warns that regulatory friction will only leave European
consumers and businesses behind in what he calls “the most competitive
technological transition we have ever seen.” As it did with the DMA and other
laws, Google is playing on fear. Kent Walker suggested that this initiative
would stifle innovation and deny people access to the “best digital tools.” > >
The promotion of open-source software aims to break dependence on foreign
suppliers, especially during a period of instability caused by the Trump
administration. The European Union has highlighted the risks of continuing under
this system and proposes that public institutions should have full control over
their own technology. > > According to a study on the impact of open-source
software, the European Commission found that it contributes between €65 billion
and €95 billion annually to the European Union’s GDP. The executive body
estimates that a 10% increase in contributions to open-source software would
generate an additional €100 billion in growth for the bloc’s economy.
GDPR Art.5 and other parts try to guarantee data subjects transparency on how their data is processed. The overlooked problem is when a data subject installs a closed-source app, they have no idea how their personal data is being processed inside that black box. And since the processing is performed by the data subject themself, they have no legal mechanism to become informed on how the data is processed.
FOSS solves this. FOSS is a crutch for a GDPR hole. Google’s advocacy is an assault on data protection. Yet they have the audacity to claim closed-source s/w gives a data protection benefit.
(update) Closed-source licenses → extra perverse
The last license agreement I read for a closed-source phone app prohibited studying the app or reverse-engineering it. So not only are data subjects technologically blocked from transparency on how their data is processed, they are also contractually blocked from even trying.
Is “they” me? Hosting services is not an issue because it’s a service, which means the hosting service has a GDPR obligation to express in plain language how data is processed. Code transparency does not matter in that regard.
When a controller pushes closed-source software onto data subjects who are expected to execute it on their own equipment, then the GDPR hole manifests. The controller has no obligation to tell you how your data is processed by their black box software. And worse, they go as far as to contractually block you from studying the code. In this case, your only hope for transparency is to use FOSS instead. And (as you say) that ad hoc privilege is only useful for those who can read code. But at least reviewers can explain in plain language to others what the code does.
If “they” is Google, Google is claiming closed source benefits data protection:
“Walker suggested that American companies could collaborate with European firms to implement measures ensuring data protection. Local management or servers located in Europe to store information are among the options.”
Is “they” me? Hosting services is not an issue because it’s a service, which means the hosting service has a GDPR obligation to express in plain language how data is processed. Code transparency does not matter in that regard.
When a controller pushes closed-source software onto data subjects who are expected to execute it on their own equipment, then the GDPR hole manifests. The controller has no obligation to tell you how your data is processed by their black box software. And worse, they go as far as to contractually block you from studying the code. In this case, your only hope for transparency is to use FOSS instead. And (as you say) that ad hoc privilege is only useful for those who can read code. But at least reviewers can explain in plain language to others what the code does.
If “they” is Google, Google is claiming closed source benefits data protection:
“Walker suggested that American companies could collaborate with European firms to implement measures ensuring data protection. Local management or servers located in Europe to store information are among the options.”