EU Versus Google: A Test Case For The Viability Of A Global Data Protection Policy?

Author:Ms Susan Foster
Profession:Mintz, Levin, Cohn, Ferris, Glovsky and Popeo, P.C.

(LONDON) The EU has escalated its existing investigation of Google's global privacy policy, a policy covering all of Google's services that was introduced by Google last year.  Up until April 3, the French data protection authority, CNIL, had effectively been tasked with engaging with Google in an investigation as to whether Google's global privacy policy complies with European data protection laws.  Dissatisfied with Google's response to date, five other data protection authorities from some of the largest EU countries (the United Kingdom, Germany, Spain, Italy and the Netherlands) are now joining France in a coordinated investigation. (The investigation has of course been covered by multiple news sources.  See, for example The Wall Street Journal article here for more information  — and some pithy reader comments.) The immediate consequences for Google in terms of potential financial penalties are negligible for a company of its size.  Each of the national authorities can levy fines, but they are capped under current law.  For example, the maximum fine in the UK is only £500,000.  Things would be quite different under the proposed Data Protection Regulation, where EU-wide fines could be as high as two percent of worldwide turnover.  See our earlier articles on the draft Regulation here and here. But...

To continue reading