Commentary

Google's Privacy Policy Illegal, Dutch Officials Say

Google's current privacy policy, which allows the company to mesh together data collected from  different platforms -- including Gmail, Android and YouTube -- violates Dutch law, officials said today.

“The combining of personal data by Google since the introduction of its new privacy policy ... is in breach of the Dutch data protection act,” Dutch privacy regulators stated. “Google combines the personal data from internet users that are collected by all kinds of different Google services, without adequately informing the users in advance and without asking for their consent.”

Jacob Kohnstamm, chairman of the Dutch data protection authority, added in a statement: "Google spins an invisible web of our personal data, without our consent. And that is forbidden by law.”

The Dutch authorities say they will decide whether to “take enforcement measures” after conducting a hearing.

The decision marks the latest in a series of EU moves against Google. Earlier this year, the French agency CNIL criticized Google for failing to adequately respond to complaints about its new policy. Soon after that move, the U.K. Information Commissioner's Office told the search company that its 2012 privacy policy doesn't give consumers enough information about how Google will draw on data about users.

European officials are responding to Google's well-publicized March 2012 changes to its privacy policy. The new version allows the company to combine information that was collected across different services. Signed-in users can't opt out of the aggregation. But people can get around Google's data compilation by accessing sites without signing in, or use different browsers for different services.

For its part, Google has always said that it wants to use the data in order to target people more precisely. The company also points out that it isn't collecting any more data than in the past, only using it in new ways.

Next story loading loading..