Google appears to be skating on thin ice once again with EU regulators, after it apparently failed to act on a draft privacy specification presented at an early July meeting between the search engine giant and no less than five European data protection authorities
According to a published letter from Isabelle Falque-Pierrotin, the chair of the EU's Article 29 data protection working party, at the 2 July meeting, Google was presented with a draft specification on data privacy.
In this week's letter, however, Falque-Pierrotin says that Google must meet its obligations with respect to the European and national data protection legal frameworks and now has to determine the means to achieve these legal requirements.
"In order to guide Google in this compliance effort, the Article 29 Working Party [an EU umbrella data privacy organisation] has developed guidelines containing a common list of measures that your company could implement. A draft version was presented to representatives of Google on 2 July 2014, at a meeting in Paris in the presence of five European Data protection authorities," said the 23 September letter.
According to the Reuters newswire, data regulators in six European countries - Italy, France, Spain, Germany, Britain and the Netherlands - have already opened investigations into Google after it consolidated its 60 privacy policies into one and started combining data collected on individual users across its services, including YouTube, Gmail and Google Maps.
The problem with this new policy, says the newswire, is that it gives users no means to opt out of the programme.
The opt-out issue was also picked up by Nigel Stanley, practice director for cyber security, risk and compliance with OpenSky, who told SCMagazineUK.com that there really needs to be this facility for those Internet users that are concerned about their own data being collated by Google.