France Moves to Impose Sanctions Against Google Over Privacy Policy


French officials today moved to impose sanctions against Google for failing to alter its privacy policy.


France's CNIL (Commission nationale de l'informatique et des libertés) said it will initiate 'a formal procedure for imposing sanctions, according to the provisions laid down in the French data protection law.'


The CNIL had given Google three months to make changes to its privacy policy. On the final day before the deadline, Google contested the request, 'notably the applicability of the French data protection law to the services used by residents in France,' CNIL said. As a result, the changes were not made, and CNIL made good on its sanction threat.


At issue is an update to Google's privacy policy that went into effect on March 1, 2012. The revamp consolidated 70 or so privacy policies across Google's products down to one. But with this change, Google also switched to one profile for users across all services rather than separate logins for offerings like YouTube, Search, and Blogger.


It's that account consolidation bit that had privacy advocates up in arms. In early Feb. 2012, the EU's Article 29 Working Party asked Google to 'pause' its privacy policy update, but Google declined. By October, CNIL issued several recommendations that covered how Google might improve its privacy policies, but Google did not make any changes.


In Feb. 2013, CNIL criticized Google for not responding to its privacy-related inquiries in a timely fashion. In April, it announced plans to crack down on Google, and by June, it threatened sanctions and imposed the three-month deadline.


Google did not immediately respond to a request for comment, but has consistently argued that it does not believe its revamped privacy policy runs afoul of any privacy rules.


The CNIL said its request wanted Google to:


Define specified and explicit purposes Inform users with regard to the purposes of the processing implemented Define retention periods for the personal data processed Not proceed, without legal basis, with the potentially unlimited combination of users' data Fairly collect and process passive users' data Inform users and then obtain their consent in particular before storing cookies in their terminal.

Comments

Popular posts from this blog

Eset nod32 ativirus 6 free usernames and passwords

5 Reasons iPhone 6 Won't Be Popular

Tips: Optimize your blog loading times