The French data protection agency Commission nationale de l'nformatique et des libertes (CNIL) [official website] said Monday that EU data protection agencies intend to take action [press release] against Google [corporate website; JURIST news archive] and investigate the Internet company's failure to comply with EU privacy laws. In October, after several months of investigating, 27 EU states warned [JURIST report] Google that its confidentiality rules do not comply with EU law and gave the company four months to implement recommendations from the EU data protection agencies. The recommendations included improving data subjects' information, clarifying the combination of data across Google's services, and providing precise retention periods for the personal data it processes. CNIL also noted that Google has failed to provide any precise and effective answers within the four-month deadline. Committed to act and continue their investigations, EU data protection authorities designed an action plan, led by CNIL, to coordinate their repressive action during a meeting in Paris last month. It will be submitted to the Article 29 Working Party [materials] for approval during the next plenary meeting on February 26.
Google has faced many legal challenges regarding the privacy of internet users. In December an Italian court overturned a conviction of Google executives [JURIST report] for privacy violations from allowing a bullying video to be posted on its site. In November the company was fined $22.5 million [JURIST report] for alleged privacy misrepresentations concerning Apple's Safari Internet browser. In February 2012 a federal judge dismissed [JURIST report] a suit filed by the Electronic Privacy Information Center (EPIC) [advocacy website], a consumer privacy group, that asked the Federal Trade Commission (FTC) [official website] to block Google's proposed privacy changes [text] that would allow a user's information to be shared among several Google products, including YouTube, Gmail and Google Maps.