Dutch Authorities Find Google Violates Its Private Data Protection Act

Google’s decision to share user data across Google services, revealed in an update to its policy back in March 2012, isn’t strictly kosher with Dutch privacy law, the Dutch Data Protection Authority said Thursday. Google doesn’t “properly inform users which personal data the company collects and combines, and for what purposes,” according to a statement by the DPA issued via press release.

While the DPA says that Google is definitely in the wrong in this case, there aren’t any immediate measures being taken to punish Google or prescribe any corrective action. It does however state that Google’s current means for securing user permission to collect their data is insufficient. That means simply offering up a single general privacy policy and terms of service document isn’t enough, especially when combined with the fact that it is “almost impossible not to use Google services on the Internet,” according to the DPA.

Google is definitely in violation of the law according to the body, but Google itself denies the validity of that claim, according to an emailed statement received by Computerworld. Google also says it’s in constant communication with the Dutch DPA and will continue to work with the organization going forward to resolve the issue. The next step is a hearing at which Google will face the DPA’s decision about how to proceed in terms of corrective or disciplinary measures.

Google’s privacy policy switch definitely irked users, and clearly some government organizations have taken issue with it as well. There are more changes planned for implementation soon, like Google displaying Google+ images in ads unless users opt out. Hopefully this corrective action has some kind of effect on the Internet giant’s ability to unilaterally change the way it uses the user data it collects, but I’m not holding my breath.