Google (News - Alert) is once again in trouble with European regulators about its privacy policy.
Despite several warnings, Google has failed to implement “any significant compliance measures” in its new privacy policy, according to the European authorities.
The result will be six individual investigations among the nations comprising the body that developed the policy directive – known as the Article 29 Group.
The European Data Protection Directive also said it sought many improvements in the company’s privacy policy – some four months ago.
The CNIL (France's Commission Nationale de l’Informatique et des Libertés) performed an initial inquiry on behalf of data protection authorities from France, Germany, Italy, The Netherlands, Spain and the United Kingdom. Officials also met with Google officials last month, and the CNIL concludes “no change has been seen,” according to an agency statement.
Each of the six national data protection authorities will now investigate Google and its privacy policy under relevant national laws.
Google revised its privacy policy in 2012 by the consolidation of 60 policies into one document, which apparently violates U.K. data protection law, U.K. regulators told The Register.
“It is now up to each national data protection authority to carry out further investigations according to the provisions of its national law transposing European legislation,” according to a statement released to the media.
European regulators had said they wanted to see "specific information" in the Google policy so it’s “clearer” about individual products and services. The CNIL has alleged Google's new privacy policy has “incomplete information and uncontrolled combination of data across services,” TechZone360 reported. The regulators also want to see “improved control over the combination of data across its numerous services.”
Google also needs to change the tools used to collect data “to avoid an excessive collection” of data. There is also concern about “the scope of the collection and the potential uses of the personal data,” CNIL said. The data can be used for different uses, such as academic research, advertising, product development and security.
Last year, CNIL warned Google that it could face legal action if it did not make the needed changes.
Meanwhile, 37 state attorneys general in the United States said in February they were “troubled” by what happens to personal information under the policy, according to a letter to Google from the National Association of Attorneys General.
“Google’s new privacy policy is troubling for a number of reasons,” the NAAG letter stated. “On a fundamental level, the policy appears to invade consumer privacy by automatically sharing personal information consumers input into one Google product with all Google products. Consumers have diverse interests and concerns, and may want the information in their Web History to be kept separate from the information they exchange via Gmail. Likewise, consumers may be comfortable with Google knowing their Search queries but not with it knowing their whereabouts, yet the new privacy policy appears to give them no choice in the matter, further invading their privacy.”
In the past, Google claimed it is not violating the law, and says it is keeping customers informed of policy changes, according to The Register.
In January, the U.S. Federal Trade Commission (FTC (News - Alert)) reached a settlement agreement with Google which called for Google to make voluntary changes to its search practices in response to questions about antitrust laws.
There were allegations Google was unfairly highlighting Google-owned services at the top of its search results.