France’s data protection watchdog said Friday it would take action against US giant Google for failing to comply with national privacy guidelines.
The issue of data protection has gathered steam worldwide following revelations by Edward Snowden, a former contractor with the National Security Agency, that the US had a vast, secret programme called PRISM to monitor Internet users.
France’s CNIL said Google had failed to comply with data protection guidelines within a three-month deadline and said it would begin a formal sanction procedure, under which the US giant could be fined up to 150,000 euros ($205,000).
CNIL had asked Google to inform web users in France on how it processes their personal data and to define exactly how long they can store the information.
It had also requested that the US giant obtain users’ permission before storing cookies on their computers, referring to files that track netizens and allow companies to target them with tailored commercials.
“On the last day of this (three-month) period, Google responded to the CNIL. Google contests the reasoning of the CNIL and has not complied with the requests laid down in the enforcement notice,” the watchdog said in a statement.
“In this context, the Chair of the CNIL will now designate a rapporteur for the purpose of initiating a formal procedure for imposing sanctions.”
In its response, Google made no mention of any challenge to CNIL’s reasoning and maintained it respects European law.
The changes make it easier for Google to collect and process data that could be used by advertisers to target individuals with offers tailored to their specific interest, thereby increasing the company’s revenue potential.
Google has defended the changes it made last year on the ground that they simplify and standardise its approach across its various services.
But critics argue that the policy, which offers no ability to opt out aside from refraining from signing into Google services, gives the operator of the world’s largest search engine unprecedented ability to monitor its users.
While always on the agenda, the issue of data protection took on an extra dimension when Snowden’s revelations were published in June.
Under PRISM, the National Security Agency can issue directives to Internet firms demanding access to emails, online chats, pictures, files, videos and more.
Since then, keen to dispel any suspicion over their role in the programme, Yahoo, Google, Facebook and others have pushed for permission to disclose more details to users about demands for data made on them in the name of fighting terrorism or other threats.