The national committee on information and liberty (CNIL), France have asked Google to pay a fine of 150,000 euros (approximately equal to $200,000).
CNIL have asked Google to put up a warning message on its French Domain which must read, that the company’s unified privacy policy from March 1, 2012 does not comply with French law.
The decision was made after the French privacy regulatory group CNIL found Google violating several provisions of French Data protection Act.
The provisions which Google was found violating, are listed below:
- The company does not sufficiently inform its users of the conditions in which their personal data are processed, nor of the purposes of this processing. They may therefore neither understand the purposes for which their data are collected, which are not specific as the law requires, nor the ambit of the data collected through the different services concerned. Consequently, they are not able to exercise their rights, in particular their right of access, objection or deletion.
- The company does not comply with its obligation to obtain user consent prior to the storage of cookies on their terminals.
- It fails to define retention periods applicable to the data which it processes.
- Finally, it permits itself to combine all the data it collects about its users across all of its services without any legal basis.
“We’ve engaged fully with the CNIL throughout this process to explain our privacy policy and how it allows us to create simpler, more effective services. We’ll be reading their report closely to determine next steps,” A Google spokesperson said on CNIL’s demand.
