Google Faces $400K Fine in France Over Privacy Policy

Google FranceGoogle has not responded in a timely manner to the French data protection authority's demand that it make changes, and will now face sanctions in the form of a fine of more than $400,000.

The French watchdog CNIL has been chasing Google and has announced the passing of a three month deadline for Google to comply. The fact that Google chose to delay shouldn't have come as much of a surprise.

Google has already resisted one deadline from the CNIL for four months, leading CNIL to ask Google again to be more specific on the way that it uses data.

Three months ago Google said it was happy to play this one by ear.

"Our privacy policy respects European law and allows us to create simpler, more effective services," said a Google spokesperson. "We have engaged fully with the authorities involved throughout this process, and we'll continue to do so going forward."

One thing in Google's favor is that the CNIL request isn't binding. Rather, the French regulator hopes that the web giant will capitulate and meet to hear about how bad it is.

"This formal notice doesn't aim to substitute for Google to define the concrete measures to be implemented, but rather to make it reach compliance with the legal principles, without hindering either its business model or its innovation ability," CNIL explained in June. "If Google Inc. does not comply with this formal notice at the end of the given time limit, CNIL's Select Committee (formation restreinte), in charge of sanctioning breaches to the French Data Protection Act, may issue a sanction against the company."

The CNIL said that it has no alternative but to start a sanctioning process.

"The Chair of the CNIL will now designate a rapporteur for the purpose of initiating a formal procedure for imposing sanctions, according to the provisions laid down in the French data protection law," it said.

In reaction to this news, Google repeated its earlier statement, however it added a clearer nod toward the French data protection authority.

"Our privacy policy respects European law and allows us to create simpler, more effective services," it said. "We have engaged fully with the CNIL throughout this process, and we'll continue to do so going forward."

This article was originally published on the Inquirer.