Six of the largest national data-protection authorities in the European Union have launched a joint action against Google to force the search-engine company to change how it handles personal data. 

The move by data-protection authorities in France, the UK, Germany, Spain, Italy and the Netherlands was announced by CNIL, the French data-protection authority, on Tuesday (2 April). The six authorities will carry out enforcement actions under their national laws, which are based on EU data-protection rules. Each authority can fine Google up to €1 million if the company refuses to change its practices.

The decision to take joint action follows an investigation led by CNIL that started in October 2012. After the investigation found that Google had breached national data-protection rules, the company was given four months to bring its practices into line with national legislation in the six countries. CNIL said this week that Google had not changed its practices.

Google issued a statement saying that it was co-operating with data-protection authorities. “We have engaged fully with the data-protection authorities involved throughout this process, and we’ll continue to do so,” it said.

Under current EU data- protection rules, national data-protection authorities are responsible for taking action against companies that breach data-privacy rules applying on their territory.

Co-ordinated action

The EU is currently working on a revision of data-protection rules so that one data-protection authority would take action on behalf of the entire EU. In the case of Google, the relevant authority would be Ireland, where the company has its European headquarters. If the changes proposed by the European Commission are approved by national governments and the European Parliament, the authority would be able to fine any company in breach of data rules up to 2% of its global turnover.

Viviane Reding, the European commissioner for justice, fundamental rights and citizenship, who proposed the changes to data-protection rules, said: “It is good to see that six national data- protection authorities are teaming up to enforce Europe’s common data-protection rules. Data protection authorities speak louder with one voice than with 27.”

Reding said that “concerted actions need to evolve from the exception to the rule” and that the proposed reform of EU data-protection legislation would make that possible.

Click Here: NRL Telstra Premiership