The search giant sparked controversy in January after it said it was to change its privacy policies, by consolidating its services' policies into one single policy across all of its sites, including Google+, Gmail and YouTube.
ZDNet's Larry Dignan explained this by highlighting the good, the bad and the scary. He added: "I’m all for breaking down data silos, but when Google knows more about me than my wife I get a bit worried."
The regulators --- the Article 29 Working Party --- is made up of data protection representatives from each 27 member state, and is responsible for advising member states on data protection matters, and making recommendations to maintain the law.
The letter, addressed to Google chief executive Larry Page, reads [PDF]:
We wish to check the possible consequences for the protection of the personal data of these citizens in a coordinated procedure. We have therefore asked the French data protection authority, the CNIL, to take the lead. The CNIL has kindly accepted this task and will be your point of contact for the data protection authorities in the EU.
In light of the above, we call for a pause in the interests of ensuring that there can be no misunderstanding about Google's commitments to information rights of their users and EU citizens, until we have completed our analysis.
According to Reuters, Google finds the raising of concerns as a "surprise".
"We briefed most of the members of the working party in the weeks leading up to our announcement," said Al Verney, Google's spokesperson in Brussels.
This comes only less than a fortnight since Reding announced the proposed draft of the new Data Protection Regulation, which would be a "one-size-fits-all" law for all member states. The new Regulation includes measures to force Internet giants like Facebook and Google into acquiring explicit consent when handing over data to third-parties, while leaving out key provisions to protect European citizens from third-country law, like the United States'.
Web users will also have the "right to be forgotten". Internet companies and European data protection agencies have expressed their scepticism over the proposed measures.
The European Parliament must agree to the terms before the Regulation can be ratified into the law of member states.
Image source: Spencer E. Holtaway/Flickr.
- Confessions of a Google junkie (or, Privacy? What privacy?)
- Identity Matters: EPIC files FOI request over first Google Privacy Report to FTC
- CNET: Google wants ability to ‘combine’ your user data