EU Hardens Stance on Google's Unified Privacy Policy

Another Slap On The Wrist From EU Privacy Leaders For Google

By Published on .

Google again has received a wrist slap from European Union privacy leaders, though whether the latest moves are a real threat to the company remains to be seen. At issue is a sweeping change Google made to its product privacy policies in March 2012, collapsing sixty of those policies into one.

A task force under the Article 29 Working Party, a body which encompasses a data protection authority from each EU member state, has "launched actions" targeting Google for failing to make changes requested by the party in October.

The push by the EU group is overseen by Commission Nationale de l'Informatique et des Libertes, a French privacy group. The CNIL today lamented Google's inaction on changes to its unified privacy policy.

On 19 March 2013, representatives of Google Inc. were invited at their request to meet with the taskforce led by the CNIL and composed of data protection authorities of France, Germany, Italy, the Netherlands, Spain, and the United-Kingdom. Following this meeting, no change has been seen.

The article 29 working party's analysis is finalized. It is now up to each national data protection authority to carry out further investigations according to the provisions of its national law transposing European legislation.

Now those six countries have launched actions such as investigations and inspections, depending on each country's individual laws. A CNIL press release about the actions refers to them as "coordinated and simultaneous enforcement actions," though it is unclear what enforcement might entail.

The group wants Google to offer clearer and more comprehensive information of the data it collects on users, and asked Google to give people more control over when data is combined, and allow them to opt-out from the data merging process. The group said Google has not fulfilled any of those demands, and does not reveal retention periods for personal data it gathers.

"Our privacy policy respects European law and allows us to create simpler, more effective services," noted a Google spokesperson in an e-mailed statement. Regarding the Data Protection Authorities, the statement continued, "We have engaged fully with the DPAs involved throughout this process, and we'll continue to do so going forward."

Most Popular