Bloomberg Anywhere Remote Login Bloomberg Terminal Demo Request


Connecting decision makers to a dynamic network of information, people and ideas, Bloomberg quickly and accurately delivers business and financial information, news and insight around the world.


Financial Products

Enterprise Products


Customer Support

  • Americas

    +1 212 318 2000

  • Europe, Middle East, & Africa

    +44 20 7330 7500

  • Asia Pacific

    +65 6212 1000


Industry Products

Media Services

Follow Us

Bloomberg Customers

Google Probe by French Privacy Agency May Prompt More Inquiries

Google Inc. could face a fresh round of criticism from European watchdogs after a French regulator reports on whether changes to its privacy policy violate data-protection rules.

France’s National Commission for Computing and Civil Liberties, or CNIL, will announce its conclusions tomorrow. Given the European Union’s patchwork approach to data protection, regulators may then decide to pursue their own cases against the company.

As a result, the matter may not end with France for Google, said Nick Graham, a data protection lawyer at SNR Denton in London. “While CNIL’s views will be persuasive, other data-protection regulators in other EU countries could take a different line and levy their own sanctions.”

Google, operator of the world’s largest search engine, is facing privacy investigations by authorities around the world as it debuts new services and steps up competition with Facebook Inc. for users and advertisers. Google changed its system this year to create a uniform set of policies for more than 60 products, unleashing criticism from regulators and consumer advocates concerned it isn’t protecting data it collects.

“Our new privacy policy is an important part of our layered approach to providing users with clear and comprehensive information about how we use data,” Al Verney, Mountain View, California-based Google’s spokesman in Brussels, said in an Oct. 11 e-mail. “We are confident that our privacy notices respect the requirements of European data protection laws.”

CNIL Audit

After Google announced its plans in January, European privacy regulators asked their French counterpart to look into whether the resulting controls meet the bloc’s standards on their behalf as they weren’t given time to vet it, CNIL said.

The report “has been approved and shared with all European authorities,” CNIL said Oct. 11. The audit’s goal “was to clarify the implications of these new rules for Google users.”

The two have had several public exchanges since the inquiry began. Google twice rebuffed CNIL requests to wait to implement the changes until it could assess whether they comply with European standards. CNIL also submitted two rounds of questions to Google, once seeking details on the new policy and how it affected users, and a second time asking to clarify or expand on the earlier responses.

In a February letter, CNIL said its preliminary analysis showed the policy may not meet EU requirements and criticized Google for not alerting all European privacy authorities about its plans earlier. Some “only heard about the changes a few days before the announcement,” Isabelle Falque-Pierrotin, CNIL’s chairwoman said in the letter.

Dangerous Precedent

“For a company to willfully ignore the collective concern of regulators worldwide sets a very dangerous precedent,” said Nick Pickles, director of U.K. privacy advocate Big Brother Watch. Google “has appeared far from frank and there’s a great deal of uncertainty about the willingness of the company to engage with these issues and ensure consumers do have a clear understanding of what happens to their data.”

Google didn’t change existing privacy settings or collect additional data on users, the company’s global privacy counsel, Peter Fleischer, told European privacy watchdogs at the Article 29 Data Protection Working Party in a letter on Google’s blog.

“We briefed most of the members of the working party in the weeks leading up to our announcement,” Fleischer wrote in a Feb. 3 entry. “None of them expressed substantial concerns.”

Europe’s privacy watchdogs differ in their investigative and enforcement powers. EU Justice Commissioner Viviane Reding proposed changing the bloc’s 17-year-old data-protection rules and how they’re administered to toughen protections and make things simpler for companies, putting them under one regulator rather than potentially facing multiple inquiries on the same subject, as Google faced on its Street View mapping service.

In the meantime, agencies are striving to coordinate actions to speak with one voice and minimize redundant efforts. CNIL’s work conducting one investigation into a Europe-wide question on Google is one of the first examples of this.

Please upgrade your Browser

Your browser is out-of-date. Please download one of these excellent browsers:

Chrome, Firefox, Safari, Opera or Internet Explorer.