Google ordered to comply with data protection laws

June 24, 2013

Enforcement action has been launched against Google in Europe, as the company has failed to comply with requests to improve its data protection policies.

An investigation was carried out between February and October last year to find out whether Google's privacy policy met the requirements set out in European data protection legislation.

However, the National Commission on Informatics and Liberties (CNIL) – which regulates data protection in France – observed that the technology giant had not put any "significant compliance measures" into force.

An investigation spearheaded by CNIL found that Google was in breach of the French 1978 Data Protection Act, which was put into place to inform people how their personal data is being used.

Google has now been given three months to set out any processes it has put in place to help consumers understand the processing of their personal data.

Furthermore, it is encouraged to make sure that any personal data is not held for a disproportionate amount of time, as well as making sure consent is sought before gathering cookies.

CNIL has warned that if Google does not comply with this formal notice within the three-month period, its select committee that is tasked with sanctioning breaches to the Data Protection Act may present a sanction against the company.

Investigations are likewise being carried out in a number of countries throughout Europe, including the UK, where the Information Commissioner's Office is deciding whether or not Google's privacy policy is compliant with the UK Data Protection Act 1998.

Meanwhile, the Italian Data Protection Authority is waiting for extra information to be supplied by Google after a formal inquiry was launched at the end of May. It is also deciding whether sanctions will be necessary.

A security audit is also being carried out in Germany, Spain and the Netherlands.

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *