Google Could Face $1 Billion Fine Under New EU Privacy Rules: Report

Google reportedly could potentially be fined $1 billion for shortcomings in its data privacy policies under new laws being finalized in the European Union.

The new rules will allow European nations, which have stricter data privacy rules than in the United States, to force companies like Google to adhere to those tougher rules or face fines, according to a Feb. 19 report from Reuters. Under the new European laws, one government entity in the EU could represent all the EU nations in a claim against Google or another company that doesn’t comply with European data privacy laws, the story stated.

“The one-stop-shop regulator could threaten a company which does not obey the rules with a fine of up to 2 percent of global turnover,” Viviane Reding, the European Union’s commissioner for justice, told Reuters. The Google case from the EU is an example of a situation where the full 2 percent fine would be pursued, Reding said.

In Google’s case, with some $50 billion in annual revenue in 2012, that could mean a $1 billion fine for the company if it is punished by the EU. Fines for data privacy infractions today are far lower in individual European nations, with penalties ranging from $401,619 to $803,228, based on the case, the report stated.

“Reding said that the ongoing dispute between EU data protection regulators and search engine Google showed the weaknesses of the current system, which relies on each country identifying and punishing privacy breaches,” Reuters reported.

A Google spokesman who asked to remain anonymous said the company continues to cooperate with European authorities to resolve the matter. “Our privacy policy respects European law and allows us to create simpler, more effective services,” the spokesman said. “We have engaged fully with the CNIL [the French Commission Nationale de l’Informatique et des Libertes] throughout this process, and we’ll continue to do so going forward.”

One of the key issues that is arising in Europe surrounds Google’s handling of personal user data. Google “has been combining data from across its sites so it can improve the way it tailors its advertising to individuals,” according to a Feb. 19 story by The Daily Mail. That sharing of data is one of the main reasons for the controversy abroad.

Google’s privacy policies have been particularly criticized in Europe. In October 2012, the EU issued a report saying that Google wasn’t being clear enough about how it uses consumer data that it collects.

Privacy issues surrounding Google and its use of consumer data have been on the minds of regulators in Europe and the United States for some time.

In January 2012, Google announced major changes to its data privacy policies, which folded 60 of its 70 previously separate product privacy policies under one blanket policy and broke down the identity barriers between some of its services to accommodate its then-new Google+ social network, according to an earlier eWEEK report. Google’s streamlining came as regulators continued to criticize Google, Facebook and other Web service providers for offering long-winded and legally gnarled privacy protocols. The Google privacy policy changes went into effect March 1, 2012.

The biggest change that was enacted concerned Google’s user accounts. When users are signed in, Google may combine identity information users provided from one service with information from other services. The goal is to treat each user as one individual across all Google products, such as Gmail, Google Docs, YouTube and other Web services.

Google claims this will lead to a simpler user experience, but it will also make it impossible for users to opt out of having their identities applied to dozens of Websites they might not have agreed to use.

In May 2012, French regulators accused Google of not being cooperative with investigators looking into privacy issues concerning the company and its practices there. A French regulatory agency said it had sent Google a questionnaire about the new privacy policy in March 2012, and that Google’s answers, which were received last April, were “often incomplete or approximate.” A follow-up survey also left questions remaining.