France, the United Kingdom, Germany, Italy, Spain and the Netherlands have launched investigations into Google’s privacy practices after the company elected not to make changes following requests from these countries. Google faces possible fines and other action, depending on how these governments view Google’s policies and how they comply with the countries’ laws.
French privacy watchdog CNIL has been very vocal about Google’s policies since they went into effect last year. If you’ll recall, Google essentially consolidated the privacy policies of its various products into one central policy, which better allows it to share data from one of its products to the next, effectively turning Google into one main product, as opposed to a bunch of separate ones. Google’s policy does this without changing anything about how it shares data with third parties.
CNIL says in a statement:
After this period has expired, Google has not implemented any significant compliance measures.
On 19 March 2013, representatives of Google Inc. were invited at their request to meet with the taskforce led by the CNIL and composed of data protection authorities of France, Germany, Italy, the Netherlands, Spain, and the United-Kingdom. Following this meeting, no change has been seen.
The article 29 working party’s analysis is finalized. It is now up to each national data protection authority to carry out further investigations according to the provisions of its national law transposing European legislation.
CNIL goes on to say that all the authorities composing the task force have launched actions.
Meanwhile, Alma Whitten, Google’s first privacy director, is stepping down after three years in this position.