Google Faces Fine for Not Complying With French Privacy Demands

Google Inc. faces a fine for failing to make changes to its privacy policies sought by French regulators.

Google informed France’s data-privacy regulator that it contested findings that its policies weren’t in compliance with national rules, the National Commission for Computing and Civil Liberties, the country’s data protection watchdog known as CNIL, said today on its Website. In June, the regulator gave Google a three-month deadline to comply with the requested modifications.

Google faces probes across Europe over changes to harmonize privacy policies for more than 60 products last year. Global data-protection regulators in June wrote to the Mountain View, California-based company urging Chief Executive Officer Larry Page to contact them about possible issues with its web-enabled eyeglasses, called Google Glass.

The data regulator will now appoint someone to start a formal sanctions procedure, CNIL said.

“Our privacy policy respects European law and allows us to create simpler, more effective services,” Al Verney, a Brussels-based spokesman for Google, said by phone. “We’ve engaged fully with CNIL throughout this process and will continue to do so going forward.”

CNIL can levy a maximum fine of 150,000 euros ($203,000), and 300,000 euros in case of a repeated offense, Isabelle Falque-Pierrotin, chairwoman of the French authority, said in June. Other regulators may impose sanctions of up to 1 million euros, potentially exposing Google to “several million euros” of fines on top of damaging its image, she said.

Personal Data

The French data protection watchdog had ordered the company to spell out for users why it collects information “to understand practically the processing of their personal data,” better inform users of its privacy policy, and “define retention periods of personal data processed that do not exceed the period necessary for the purposes for which they are collected.”

Six European privacy regulators started “coordinated” enforcement actions in April over the company’s failure to address complaints about its new privacy policy. A spokesman for the U.K. Information Commissioner’s Office said it is still reviewing Google’s response.

Data protection regulators from the 28-nation EU, that make up the so-called Article 29 Data Protection Working Party, wrote to Google Chief Executive Officer Larry Page last October, saying the company “empowers itself to collect vast amounts of personal data about Internet users” without demonstrating that this “collection was proportionate,” and asking the company to bring its policy in line with EU rules.

Before it's here, it's on the Bloomberg Terminal.