With Google’s new privacy changes rolling out today, March 1, push pack from users, analysts, and now regulation authorities has been firm. On Tuesday, though, the resistance gained traction in Europe as well. Negative feedback in Europe came in the form of statements from the National Commission for Computing and Civil Liberties (CNIL), the French data protection authority. The agency issued a letter to Larry Page, Google’s co-founder and CEO, contending that the policy changes cloud the actual ways the company uses private user information. This data is of course what Google uses to sell targeted advertising, one of the primary revenue-generators for the company and areas of competition between them and Facebook.
Google made the announcement regarding the privacy changes in January positioning it as a way to both simplify and streamline privacy policies for all of their online features and applications delivered across the globe. CNIL conducted an initial investigation of Google policy changes at the request of the data protection authorities of the European Commission. In the letter, they stated, “Our preliminary investigation shows that it is extremely difficult to know exactly which data is combined between which services for which purposes, even for trained privacy professionals.” The agency continues on to offer their disapproval stating, “The CNIL and the EU data protection authorities are deeply concerned about the combination of personal data across services: they have strong doubts about the lawfulness and fairness of such processing, and about its compliance with European Data Protection legislation.”
These concerns of EU authorities will be addressed further in the coming weeks when they send a questionnaire to Google requiring greater detail in their policy. This feedback from the French regulator is not just bad press for Google, however, as they have the authority to go beyond warnings and levy fines against the company of up to €300,000 ($400,000) for breaking privacy laws in France. According to The New York Times, court orders can be sought to block the practices if they are judged to violate privacy laws, but would need to be done on a per-country basis. All this comes amid EU regulators working hard as it is to adapt their privacy policies to the current internet landscape and cloud computing capabilities while looking to streamline them across the EU, as current policies and their enforcement are largely on a per-country basis.
Google is undaunted and moving ahead with the release of their policies, but these developments out of France could jeopardize the company’s operations in the country and other EU states going forward. Future issues would most likely come in the form of fines, rather than blocks of the site and its applications, but one can never be sure as this is uncharted territory. If larger blocks do occur, there are clear search engine optimization issues that would need to be addressed by SEO companies looking to optimize businesses’ presence on Google SERPs and other applications.