Google called before European privacy authorities

In October 2012, the Article 29 Working Party highlighted their concerns about Google’s new consolidated privacy policy.  This converted a series of 60 legacy privacy policies into a single document.  The EU was led by the CNIL (the French data protection authority).  This week, the Article 29 Working Party has announced that they will call Google to appear before it.  The search engine has said that their privacy policy is compliant and allows simpler and more effective services.  Clearly, the data protection authorities are keen to pursue this issue and say they plan “significant progress” before the summer.  Expect to hear more about this soon.  And by the way, it is not clear that the Article 29 Working Party has any power to require a data controller to appear before it.  One presumes that any legal powers will be those exercisable by the CNIL in the fragmented world of DP regulation.

The other interesting aspect of this story is that it reflects a greater desire for the European data protection authorities to coordinate their activities.  Under the draft Data Protection Regulation there will be a new “consistency” mechanism under which decisions taken by individual regulators which could have a pan-European impact will be subject to consultation and review by a European Data Protection Board (EDPB).  The EDPB will, effectively, be a replacement for the Article 29 Working Party.  In addition, the new Regulation will introduce supra-national regulation.  So a controller or processor will be regulated by the data protection authority of the Member State in which that controller or processor has its “main establishment”.  Sound familiar?  The European data protection authorities currently seem to be on a “test drive” of the new “consistency” mechanism well in advance of implementation of the new Regulation.  2013 will show us how effectively the authorities can work together.

Subscribe and stay updated
Receive our latest blog posts by email.
Nick Graham

About Nick Graham

Nick Graham is the Global Co-Chair of Dentons' Privacy and Cybersecurity Group. He specialises in data privacy, cybersecurity, information governance. Nick advises across all sectors including retail, telecoms, energy, manufacturing, banking, insurance, transport, technology and digital media.

Full bio