Google accused of misleading consumers to grab more data for ads

by with No Comment Tech

man in front of Google sign

Image Credits: Krisztian Bocsi/Bloomberg / Getty Images

Italy’s competition and consumer watchdog has announced an investigation into how Google gets users’ consent in order to link their activity across different services for ad profiling, saying it suspects the adtech giant of “unfair commercial practices.”

At issue here is how Google obtains consent from users in the European Union to link their activity across its apps and services — like Google Search, YouTube, Chrome and Maps. Linking user activity lets it profile them for ad targeting, the company’s main source of revenue.

In response to the Italian AGCM’s investigation, a Google spokesperson told TechCrunch, “We will analyze the details of this case and will work cooperatively with the Authority.”

Since early March, Google has been subject to the EU’s Digital Markets Act (DMA), an ex-ante competition regime that applies across the European Union, including in Italy. The company is one of several designated internet “gatekeepers” that own and operate a number of major platforms (aka “core platform services”). Other gatekeepers include Amazon, ByteDance, Meta and Microsoft.

The pan-EU regulation is relevant to Italy’s investigation of Google, since the DMA has made it mandatory for these gatekeepers to obtain consent before they can process users’ personal data for advertising, or to combine their data harvested from across their services. The AGCM’s probe appears to be focused on the latter area.

“[T]he request for consent that Google submits to its users to the linking of the services offered may constitute a misleading and aggressive commercial practice,” the AGCM wrote in a press release.

“Indeed, it appears to be accompanied by inadequate, incomplete and misleading information and it could influence the choice of whether and to what extent consent should be given.”

The regulator’s action is interesting, since it is typically the European Commission that leads enforcement against these gatekeepers. However, the EC’s ongoing investigation of Google under the DMA, announced back in March, does not focus on whether it gets consent for linking user data. The EC has said its DMA probe concerns self-preferencing in Google search; and anti-steering in Google Play.

The Italian authority looks to be taking the opportunity to act on concerns the Commission has yet to get around to. A spokesperson for the regulator confirmed it is empowered to issue penalties of up to €10M if it confirms unfair commercial practices.

Competition enforcement in the EU and across member states generally aims to avoid duplicating effort, but in this case, it may be that the Italian regulator is picking up the slack.

A Commission spokesperson told TechCrunch it “takes note” of the AGCM investigation into consumer choices implemented by Google in relation to its obligations under the DMA, adding: “The investigation complements enforcement work under the DMA. In implementing the DMA, gatekeepers have to comply with other relevant EU and national rules, including but not limited to consumer protection and data protection rules.”

In its press release, the AGCM said it is concerned that Google’s request to users seeking their consent does not provide them with the information necessary to make a free and informed choice. And when it does, Google provides information “inadequately and imprecisely,” the AGCM said. Specifically, the regulator suspects Google is not being transparent about “the real effect” on users when they consent to their accounts being linked.

Additionally, the regulator suspects Google isn’t being open about the full picture. It is worried about the level of information Google provides “with respect to the variety and number of Google’s services for which ‘combination’ and ‘cross-use’ of personal data may occur, and with respect to the possibility of modulating (and thus limiting) consent to only some services.”

The DMA states that consent for linking accounts for advertising purposes must comply with standards set out in another pan-EU law, the General Data Protection Regulation (GDPR), which stipulates that consent must be “freely given, specific, informed and unambiguous.”

The GDPR also sets conditions on how consent can be sought through written statements in an online interface. It requires such requests to be “presented in a manner which is clearly distinguishable from the other matters, in an intelligible and easily accessible form, using clear and plain language.”

While data protection authorities usually lead on enforcement of the GDPR, the DMA’s incorporation of the former’s consent standards by reference leads to what we see here: Italy’s competition and consumer watchdog scrutinizing Google’s consent flow.

The “Linked Google services” settings menu for Google Account holders.
Image Credits: Screenshot by Natasha Lomas/TechCrunch

As well as worrying about the information that Google provides users, the AGCM is concerned about how Google is asking people for their consent. That suggests the “techniques and methods” it is using for requesting consent could be a problem, too.

The authority said it suspects Google’s consent flow “could condition the freedom of choice of the average consumer,” leading to users being “induced to take a commercial decision that he/she would not have taken otherwise, by consenting to the combination and cross-use of his/her personal data among the plurality of services offered.” Or, in fewer words: Google might be manipulating people to agree to link their accounts.

Manipulative or so-called “dark pattern” design has been an unfortunate feature of online choice flows for years across all sorts of consumer services. But increasing regulation of digital platforms and services in the EU looks to be challenging the user-hostile tactic at long last.

As well as the DMA referencing GDPR standards for consent, enabling more enforcement bodies to scrutinize choice flows, the bloc’s Digital Services Act (DSA) outright bans the use of design that uses deception or other types of underhanded nudges to distort or impair users’ ability to make free choices.

Just last week, the EU confirmed its first preliminary findings of a breach of the DSA’s rules against deceptive design, when it announced that it suspects the blue check system on X (formerly Twitter) of being an illegal dark pattern.

This report was updated with comment from the Commission and the AGCM. We also corrected a copyediting error to the list of gatekeepers

Google accused of misleading consumers to grab more data for ads

by with No Comment Tech

man in front of Google sign

Image Credits: Krisztian Bocsi/Bloomberg / Getty Images

Italy’s competition and consumer watchdog has announced an investigation into how Google gets users’ consent in order to link their activity across different services for ad profiling, saying it suspects the adtech giant of “unfair commercial practices.”

At issue here is how Google obtains consent from users in the European Union to link their activity across its apps and services — like Google Search, YouTube, Chrome and Maps. Linking user activity lets it profile them for ad targeting, the company’s main source of revenue.

In response to the Italian AGCM’s investigation, a Google spokesperson told TechCrunch, “We will analyze the details of this case and will work cooperatively with the Authority.”

Since early March, Google has been subject to the EU’s Digital Markets Act (DMA), an ex-ante competition regime that applies across the European Union, including in Italy. The company is one of several designated internet “gatekeepers” that own and operate a number of major platforms (aka “core platform services”). Other gatekeepers include Amazon, ByteDance, Meta and Microsoft.

The pan-EU regulation is relevant to Italy’s investigation of Google, since the DMA has made it mandatory for these gatekeepers to obtain consent before they can process users’ personal data for advertising, or to combine their data harvested from across their services. The AGCM’s probe appears to be focused on the latter area.

“[T]he request for consent that Google submits to its users to the linking of the services offered may constitute a misleading and aggressive commercial practice,” the AGCM wrote in a press release.

“Indeed, it appears to be accompanied by inadequate, incomplete and misleading information and it could influence the choice of whether and to what extent consent should be given.”

The regulator’s action is interesting, since it is typically the European Commission that leads enforcement against these gatekeepers. However, the EC’s ongoing investigation of Google under the DMA, announced back in March, does not focus on whether it gets consent for linking user data. The EC has said its DMA probe concerns self-preferencing in Google search; and anti-steering in Google Play.

The Italian authority looks to be taking the opportunity to act on concerns the Commission has yet to get around to. A spokesperson for the regulator confirmed it is empowered to issue penalties of up to €10M if it confirms unfair commercial practices.

Competition enforcement in the EU and across member states generally aims to avoid duplicating effort, but in this case, it may be that the Italian regulator is picking up the slack.

A Commission spokesperson told TechCrunch it “takes note” of the AGCM investigation into consumer choices implemented by Google in relation to its obligations under the DMA, adding: “The investigation complements enforcement work under the DMA. In implementing the DMA, gatekeepers have to comply with other relevant EU and national rules, including but not limited to consumer protection and data protection rules.”

In its press release, the AGCM said it is concerned that Google’s request to users seeking their consent does not provide them with the information necessary to make a free and informed choice. And when it does, Google provides information “inadequately and imprecisely,” the AGCM said. Specifically, the regulator suspects Google is not being transparent about “the real effect” on users when they consent to their accounts being linked.

Additionally, the regulator suspects Google isn’t being open about the full picture. It is worried about the level of information Google provides “with respect to the variety and number of Google’s services for which ‘combination’ and ‘cross-use’ of personal data may occur, and with respect to the possibility of modulating (and thus limiting) consent to only some services.”

The DMA states that consent for linking accounts for advertising purposes must comply with standards set out in another pan-EU law, the General Data Protection Regulation (GDPR), which stipulates that consent must be “freely given, specific, informed and unambiguous.”

The GDPR also sets conditions on how consent can be sought through written statements in an online interface. It requires such requests to be “presented in a manner which is clearly distinguishable from the other matters, in an intelligible and easily accessible form, using clear and plain language.”

While data protection authorities usually lead on enforcement of the GDPR, the DMA’s incorporation of the former’s consent standards by reference leads to what we see here: Italy’s competition and consumer watchdog scrutinizing Google’s consent flow.

The “Linked Google services” settings menu for Google Account holders.
Image Credits: Screenshot by Natasha Lomas/TechCrunch

As well as worrying about the information that Google provides users, the AGCM is concerned about how Google is asking people for their consent. That suggests the “techniques and methods” it is using for requesting consent could be a problem, too.

The authority said it suspects Google’s consent flow “could condition the freedom of choice of the average consumer,” leading to users being “induced to take a commercial decision that he/she would not have taken otherwise, by consenting to the combination and cross-use of his/her personal data among the plurality of services offered.” Or, in fewer words: Google might be manipulating people to agree to link their accounts.

Manipulative or so-called “dark pattern” design has been an unfortunate feature of online choice flows for years across all sorts of consumer services. But increasing regulation of digital platforms and services in the EU looks to be challenging the user-hostile tactic at long last.

As well as the DMA referencing GDPR standards for consent, enabling more enforcement bodies to scrutinize choice flows, the bloc’s Digital Services Act (DSA) outright bans the use of design that uses deception or other types of underhanded nudges to distort or impair users’ ability to make free choices.

Just last week, the EU confirmed its first preliminary findings of a breach of the DSA’s rules against deceptive design, when it announced that it suspects the blue check system on X (formerly Twitter) of being an illegal dark pattern.

This report was updated with comment from the Commission and the AGCM. We also corrected a copyediting error to the list of gatekeepers

lordstown motors endurance electric pickup truck in white

Lordstown Motors charged with misleading investors about the sales potential of its EV pickup

by with No Comment Tech

lordstown motors endurance electric pickup truck in white

Image Credits: Lordstown Motors

The Securities and Exchange Commission has charged bankrupt Lordstown Motors with misleading investors about the sales prospects of its Endurance electric pickup truck.

Lordstown has agreed to pay $25.5 million as a result — money that the SEC says will go toward settling a number of pending class action lawsuits against the company.

“We allege that, in a highly competitive race to deliver the first mass-produced electric pickup truck to the U.S. market, Lordstown oversold true demand for the Endurance,” Mark Cave, associate director of the SEC’s Division of Enforcement said in a statement. “Exaggerations that misrepresent a public company’s competitive advantages distort the capital markets and foil investors’ ability to make informed decisions about where to put their money.”

The SEC says its investigation into Lordstown Motors — which began in 2021 — is ongoing. Lordstown is still in the process of Chapter 11 bankruptcy. Steve Burns recently purchased the majority of the assets related to the Endurance and is using it to promote a new startup called LandX. He is not specifically charged in the SEC’s order.

“Although I have not been charged by the SEC, they have falsely characterized my actions in their settlement today with Lordstown Motors,” Burns said in a statement provided to TechCrunch. “I categorically reject the suggestion that my actions constituted wrongdoing. The facts and the truth are supposed to matter. This is not the way our system is supposed to work.”

According to the SEC, Lordstown and its founder Steve Burns not only misrepresented how many preorders it had for the Endurance, but also lied about having access to all the parts required to build the truck.

“These statements told investors that Lordstown would be first-to-market with a viable electric pickup truck targeted for the commercial fleet market, and Lordstown already had an established base of customer demand evidenced by tens of thousands of ‘pre-orders’ from commercial fleet customers,” the commission writes in the order announcing the charges. “Knowing that this first-mover advantage would be critical to the company’s success, Lordstown and Burns misrepresented the true nature of the pre-orders for the truck, whether Lordstown had access to the key parts it needed to make the truck, and when the company would be able to deliver the truck to customers.”

The SEC explains that Lordstown’s sales team started contacting potential fleet customers in early 2020 and asked them to sign nonbinding letters of intent to buy the Endurance. The company then turned around and represented those letters as preorders in public statements and regulatory filings.

Giving the impression of a large order book was crucial to making the startup appear legitimate, and at one point the SEC says Burns “directed Lordstown’s salesteam to obtain additional pre-orders from customers to increase the total amount because pre-orders were
‘[r]eally important to the investment community and to our prospect[ive] fleet customers.’”

But Lordstown’s sales team was “comprised mostly of individuals with no sales experience in the automotive industry, [and] were not given any instructions or guidance to determine whether a customer was a commercial fleet customer,” the SEC writes. By January 2021, Burns was touting 100,000 preorders for the Endurance, which he said was “unprecedented in automotive history.”

It all started crashing down three months later, when short-selling research firm Hindenburg Research published a report about Lordstown alleging that most of the preorders were fake. An internal probe conducted by Lordstown’s board of directors discovered that this was largely true, as one supposed large purchaser “did not appear to have the resources to complete large purchases of trucks,” according to the SEC’s account of the events. The internal probe also discovered many other customers had only provided “commitments that appeared too vague or infirm” to be included in the total count.

Ultimately, between 40% and 71% of the preorders were misleading. Burns’ comments that the preorders were “very serious” and “very sticky” were also misleading.

Lordstown had said when it went public in a 2020 merger with a special purpose acquisition company (SPAC) that it would have access to parts from GM, which sold a factory to the startup and provided it with financial backing. It was supposed to be another legitimizing aspect of Lordstown’s business. But it wasn’t really the case, according to the SEC.

Instead, “the parts were made by GM’s suppliers under GM’s authorization, which was a complex, time-consuming process with no certainty as to whether GM would ultimately authorize Lordstown to use the parts,” according to the order. Lordstown management knew this before completing the SPAC merger. One officer told Burns in October that it had authorization for just four of 90 parts it had requested and that the timing of the Endurance “is now in jeopardy” as a result.

In fact, GM told Lordstown and Burns in December of that year that Lordstown’s parts request could burden the auto giant’s own supply chain and told them to find a backup option. But Lordstown kept promoting in regulatory filings that it had access to the parts, and Burns said in a November CNBC interview that GM “has opened up their parts bin.”

“The parts bin is very very valuable to us,” he said.

The SEC says that not only was this misleading, but that Lordstown did have to source parts from other suppliers, adding an additional $150 million in cost to the Endurance program.

Through all of this, Lordstown and Burns kept promoting a ship date of September 2021, and it stuck to that date in order to promote the idea of being the first electric pickup truck to market — even though it knew internally it could not hit that date, according to the SEC.

This story has been updated to include a statement from Steve Burns.