European Data Watchdog Wary of Google’s Fitbit Buy |

European Data Watchdog Wary of Google’s Fitbit Buy

The government body is worried that the company may gobble up health and activity data of millions of Fitbit users


Google is once again in the eye of an impending European storm. The European Data Protection Board (EDPB) is raising serious concerns over the Search giant’s plans to acquire wearable technology company Fitbit as it could mean that the company would gobble up health and activity data of millions of users worldwide.

The company has already been facing flak in the United States over reports of how it was sharing personal health data of millions of patients under its Project Nightingale where it had tied up with the country’s second largest healthcare system Ascension. Google is facing the antitrust heat from lawmakers in the US over these stories.

Earlier this month, the Irish Data Protection Commission (DPC) had opened a formal probe into Google’s processing of people’s location data. Reacting to these reports, the company recently announced that it would make it tougher for apps on its network to access data around the user’s location.

Google, which announced its intent to acquire Fitbit last November at $7.35 per share in an all-cash deal in a $2.1 billion deal, now needs to convince the European regulators that they do not intend gobbling up all the health, activity and sleep data of more than 28 million active users on the wearable device.

A statement from EPDB clearly indicates that the regulator has concerns over accumulation of sensitive data by the company. “There are concerns that the possible further combination and accumulation of sensitive personal data regarding people in Europe by a major tech company could entail a high level of risk to the fundamental rights to privacy and to the protection of personal data,” the statement said.

Google, which has been quietly ramping up its health vertical that now boasts over 500 staffers, seems to be getting on the wrong side of regulators in Europe with the Irish DPC quickly supporting the EPDB statement saying that it was a reflection of the collective views on data protection across the region.

The EPDB statement reinforces the perspective among member nations that the long-term implications of a country’s economic independence and protection of its data and consumer rights should be considered paramount while reviewing any proposal for a merger or acquisition that could lead to anti-trust issues.

The statement, made available on the EPDB website, goes on to suggest that the regulator would continue to be vigilant in this and similar cases in the future while going on to remind Google and Fitbit of their obligations under Europe’s General Data Protection Regulation (GDPR) rules.

“The EDPB reminds the parties to the proposed merger of their obligations under the GDPR and to conduct a full assessment of the data protection requirements and privacy implications of the merger in a transparent way. The Board urges the parties to mitigate possible risks to the rights to privacy and data protection before notifying the merger to the European Commission,” the statement concludes.

Meanwhile, TechCrunch reports quoting a statement from Google that acquiesces about the deal being subject to regulatory approvals and says “Protecting peoples’ information” is core to what they do and that they would continue to work constructively with regulators to answer their questions. It also directed readers to its blog post on the acquisition where it had reiterated that personal information is never sold.

Of course, there is no clear indication of what would happen next. Whether it is just a case of regulators bearing their fangs to ensure compliance or if Europe would once again go after Google is something only time will tell.

TAGS: Google, GDPR, European Data Protection, FitBit, acquisition, Antitrust, Data Privacy