ICO Sets Deadline for Google over Data Protection Compliance
Google however, failed to alter the policy. Consequently, individual DPA watchdog authorities across Europe convened to form a taskforce, agreeing to potentially place separate levies on Google for the breaches resulting from the policy. This recent statement by the ICO is the result of that coalition. In addition to the ICO’s action, the Spanish DPA (AEPD), and the CNIL have also set deadlines. Italy and the Netherlands are also currently in the process of issuing its own warnings against Google.
Google has repeatedly argued that their policy is compliant and does not require alterations. Should they fail to amend their policy or provide more detailed information to users relating to their data, the ICO has warned Google that it may face formal enforcement action in addition to possible action from other individual authorities across Europe.
Amongst the options of enforcement action at the ICO’s disposal are: Monetary Penalty Notices (of up to £500,000 for any serious breach), Enforcement Notices, Decision Notices or pursuing Criminal Prosecution.