latest updates from easySERVICE™
The CNIL, known within privacy and data protection circles as an aggressive and determined agency, also published a dozen “recommendations.” Members of the Article 29 Working Party, a group of data protection officials from each member states, said the 27 European authorities have “unanimously adopted the findings of the audit.”
Included in the recommendations, the CNIL suggested Google should strengthen the consent sought for combining data for the purposes of service improvement and advertising; provide a centralized opt-out solution; and adapt the combination rules to distinguish between security and advertising.
Google was also warned for not clarifying how long it stores user data for, otherwise known as data retention.
In a press release issued Thursday, the Commission Nationale de l’Informatique et des Libertes (CNIL) said that following a year-long investigation, Google’s data collection policies are in breach of French data protection and privacy laws.
Should the search giant fail to comply after the imposed three-month deadline, Google will face a fine of up to €150,000 ($198,000) and a second fine of up to €300,000 ($397,000) if the company fails to act.
But other data protection regulators around Europe, including the U.K. (which can serve a maximum £500,000 ($758,000) fine against a company), the Netherlands, Germany, Italy, and Spain are mulling over similar actions, the CNIL said.
Financial reprimands may not be enough for Google to change its mind. The two fines combined remains small change to Google. France’s two fines alone would take the company less than 15 minutes to regenerate in revenue.
Share your thoughts in the comments below and don’t forget to like this post.
Source: Associated Press