Google Faces Potential $19M Privacy Fine In The Netherlands


Google continues to face potential fines for failing to change its privacy policy in Europe. Since the company introduced its “simplified privacy policy” in 2012 it has faced Europe-wide criticism and the threat of fines for violating local data protection laws.

Multiple government data protection authorities across Europe are cooperating in an effort to compel Google to make changes in its privacy policy. The company has historically maintained that it complies with applicable European privacy rules.

In a new case coming out of The Netherlands, Google is facing a potential fine of up to $19 million for violating data protection laws there. Dutch regulators have given Google until February 2015 to make changes or face the fine.

Google has been fined or ordered to make similar privacy changes (and more complete disclosures to users) in France, Germany and elsewhere across Europe.

In 2012 Google consolidated its many disparate privacy policies into one. However that equally allowed the company to generate a 360-degree view of its users for personalization and ad-targeting purposes.

European governments have repeatedly objected to that idea, arguing that Google’s privacy policy is too vague, gives the company too much discretion over user data and fails to clearly disclose data-usage intentions or obtain necessary consent from users.

In issuing a similar privacy fine earlier this year, the French identified what was allegedly wrong with Google’s privacy policy:

  • The company does not sufficiently inform its users of the conditions in which their personal data are processed, nor of the purposes of this processing. They may therefore neither understand the purposes for which their data are collected, which are not specific as the law requires, nor the ambit of the data collected through the different services concerned. Consequently, they are not able to exercise their rights, in particular their right of access, objection or deletion.
  • The company does not comply with its obligation to obtain user consent prior to the storage of cookies on their terminals.
  • It fails to define retention periods applicable to the data which it processes.
  • Finally, it permits itself to combine all the data it collects about its users across all of its services without any legal basis.

Since that time Google says it has proposed a number of changes to its privacy policy in an effort to address regulators’ concerns. However those proposals didn’t satisfy the Dutch.

The post Google Faces Potential $19M Privacy Fine In The Netherlands appeared first on Search Engine Land.