It all began in March 2012, when Google consolidated all its privacy policies into one uniform policy applicable across all Google services harvesting user data, including YouTube, Gmail, Google maps and Google+. Users cannot opt out of the policy.
EU-wide infringement procedures against Google
The data protection authorities from Germany, Italy, the Netherlands, Spain and the United Kingdom have also launched enforcement actions against Google.
Specifically, Google must within three months:
Define specified and explicit purposes to allow users to understand practically the processing of their personal data;
Inform users by application of the provisions of Article 32 of the French Data Protection Act, in particular with regard to the purposes pursued by the controller of the processing implemented;
Define retention periods for the personal data processed that do not exceed the period necessary for the purposes for which they are collected;
Not proceed, without legal basis, with the potentially unlimited combination of users’ data;
Fairly collect and process passive users’ data, in particular with regard to data collected using the “Doubleclick” and “Analytics” cookies, “+1” buttons or any other Google service available on the visited page;
Inform users and then obtain their consent in particular before storing cookies in their terminal.
Read this article in Slovene