The move is a shot across the bow for a range of companies, including Facebook, that rely on the European market of 500 million people for a hefty chunk of their business. It comes amid a new drive to make privacy protection in Europe — where people are generally more wary than Americans about surveillance by companies and governments — more coherent and efficient.
A request was sent Thursday by national data protection authorities to Google, asking that the search engine company suspend its plans to change its privacy policies on March 1 while they conduct an inquiry into the implications for citizens and users.
The authorities wrote to Larry Page, the chief executive of Google, to “call for a pause in the interests of ensuring that there can be no misunderstanding about Google’s commitments to information rights of their users and E.U. citizens.”
The European action follows the announcement by Google in late January that it would combine about 60 privacy policies for separate products to create a simple system for users that also satisfied the wishes of regulators.
The changes also would mean that Google could use information shared on one Google service in other Google services for people logged into a Google account. For example, Google could guide a user who had looked for recipes using the Google search engine to relevant cooking videos the next time that person signed in to YouTube, which is also owned by Google.
The company said Friday that it was prepared to answer any questions raised by the investigation but gave no indication that it would delay the changes. Instead, it suggested that any delay instituting the new policy would harm rather than help the 350 million users it had already notified about the changes.
The French data privacy regulator, known as CNIL, is conducting the investigation on behalf of 26 other E.U. governments. CNIL said Friday that there was no formal deadline for completing the inquiry.
The investigation is the clearest sign so far of a new drive to streamline privacy protection in Europe. That effort would require national authorities to delegate a single country, most likely where a company is based, to conduct privacy investigations.
Google has opened a large office in Paris, but the company said its European headquarters were in Dublin.
Mr. Le Grand, the French official, said his agency had the power to fine companies up to €100,000, or about $132,000, for a first offense and up to €300,000 for repeat offenses, amounts which add up to peanuts as far as Google is concerned.
But the fact that a member state is conducting the inquiry, rather than E.U. authorities in Brussels, illustrates how European laws remain a hodgepodge, particularly in the area of justice and home affairs.
The investigation into Google also seems to reflect a degree of coordination with like-minded counterparts in the U.S. Congress.
In recent years European authorities have also been disturbed by the way Google has treated privacy issues in Germany and in other countries related to its Street View mapping service and by the ramifications of Google’s project to digitize books.
In a three-page response posted on Friday afternoon on Google’s Web site, Peter Fleischer, the global privacy counsel for Google, wrote that there had been “misconceptions that have been spread about these changes by some of our competitors.”
Mr. Fleischer explained that the company had briefed data authorities across the European Union before the announcement and that at “no stage did any E.U. regulator suggest that any sort of pause would be appropriate.”
This is once again the result of Google being Google. For a more in-depth view of Google’s policies and how they directly affect YOUR privacy, I recommend “SEARCH & DESTROY, Why You Can’t Trust Google, Inc.” by Scott Cleland.
Thanks to David Jolly, JAMES KANTER, the New York Times and Doug Eisenburg, and
thanks for “listening”