The French data protection authority CNIL, tasked by EU privacy watchdogs to investigate Google’s new privacy policy has found that the policy does not seem to be in compliance with EU data protection legislation.
As previously reported, the Article 29 Data Protection Working Party, a group of 27 national data protection and privacy authorities that advises the European Commission on privacy issues, wrote to Google Inc. to ask for a pause in the implementation of Google’s new privacy policy while the group checked for possible consequences for Google’s users in the European Union.
The request came after Google announced that it will be replacing its privacy policy with a new one that is to come into effect on Thursday, 1 March 2012.
The new policy will be applicable across all Google services that harvest user data and will be, claims Google, implemented in order to create a unified, simpler and more understandable privacy policy across all services.
The new policy will not change existing privacy settings and will not collect any new or additional data, argued Google, denying the EU request for a delay in its implementation.
EU privacy watchdogs, headed by the French CNIL, have on Monday, 27 February once again written to Google, calling for a pause in the implementation of the new policy while the EU investigation takes place, indicating that their preliminary analysis shows the new privacy policy does not meet the requirements of the European Directive on Data protection.
“The CNIL and EU data protection authorities are deeply concerned about the combination of personal data across services”write the privacy watchdogs,”they have strong doubts about the lawfulness and fairness of such processing, and about its compliance with European data protection legislation.”
