One of the secrets to really effective spying is to collect all available information about your target, no matter how mundane or trivial. This approach has been used by government intelligence agencies since the beginning of spies. The CIA and NSA collect vast quantities of such information, and they have been doing this since their inception.
But now its Google thats playing the same role, not so that it can ferret out terrorists or destroy Iranian uranium centrifuges again, but so the company and its clients can sell you stuff. But the process is the same. If you gather enough information thats available to you through any means, you dont need to break into the secret stuff. You can figure it out just by analyzing whats out there in the wild.
This intelligence gathering, whether by a governmental intelligence agency or Google, is normally very labor-intensive. But these days computers are doing the heavy lifting. The bottom line is that Google probably knows more about you than you know about yourselfeven if you dont use any of Googles products.
Unlike the FCC, which is the U.S. agency that was asking Google about its information gathering practices, the CNIL has some actual teeth. Where the FCC had no means to compel answers from Google and no investigatory staff for follow up, the EU has both. In the EU, where the memories of secret police spying and obsessive dossier-keeping are still fresh, privacy rules have the force of law. If the EU regulators feel that Google is breaking the law in the EU, they can compel Google to change its ways with fines and possibly restrictions to its operations.
Its worth noting that the privacy rules in the EU are quite a bit different from those in the U.S. A private company simply cannot share personal information with anyone. They cannot collect information without specific permission, and personal information cannot be held or transmitted beyond the borders of the EU.