France is sick and tired of Google collecting its citizens’ data, and it’s moving to punish the company.
Its data protection agency, known by the French acronym CNIL, has issued an ultimatum. Google has three months to abide by the country’s user protection laws—which are much stronger than the U.S.’s—or CNIL faces fines of €150,000 (roughly $198,000 US). If Google still doesn’t comply, France can ramp it up and charge its maximum fine, €300,000 ($396,000).
CNIL’s demands are mostly related to transparency, including ordering Google to be more open about how it processes its users’ data and how long it stores it.
This is not, as one might suspect, a response to recent revelations that of the U.S.’s PRISM program, which allows its intelligence agencies like the NSA to easily tap Internet companies like Google for non-Americans’ communications.
Instead, it’s the latest in the convoluted legal drama resulting from Europe’s varying data protection laws. CNIL, along with similar agencies from 26 other countries, made a similar demand of Google in October, without threatening immediate fines.
France is the first of those countries to take more drastic action, but it won’t be the only one. CNIL warned that Spain, the U.K., Germany, the Netherlands, and Italy all had similar investigations underway.
Google, which presumably could afford €150,000, has long held that it abides by those countries’ data protection laws. A spokesperson for the company told the Daily Dot via email that “Our privacy policy respects European law and allows us to create simpler, more effective services. We have engaged fully with the authorities involved throughout this process, and we’ll continue to do so going forward.”