g-docweb-display Portlet

Google: The Italian Dpa Initiates a Proceeding to Establish Compliance with Italian Legislation

Stampa Stampa Stampa
PDF Trasforma contenuto in PDF

versione italiana


Google: The Italian Dpa Initiates a Proceeding to Establish Compliance with Italian Legislation
A Coordinated Action with the DPAs from 5 EU Member States

The Italian DPA initiated a proceeding in respect of Google Inc. to establish compliance with the Italian legislation on the protection of personal data. The focus is on whether the processing of personal data by the Mountain View company is in line with the principles of relevance, non-excessiveness and data minimization as well as with the obligations concerning users´ information and consent.

This proceeding is part of a joint action undertaken by an ad-hoc task force that includes the DPAs from France, Germany, Italy, Netherlands, Spain and the United Kingdom.

The Working Party made up of all the DPAs from the 27 EU Member States analysed Google´s privacy policy between March and October 2012 to check whether it was in line with the European data protection directive (95/46/EC). The new privacy policy allows Google, among other things, to combine data from users of different services – from Gmail to YouTube and Google Maps, to name but a few of them –  without any limitations.

The findings of this analysis were published on 26 October 2012 and the EU DPAs urged Google Inc. accordingly to make several changes within 4 months as those changes were considered necessary to bring the processing operations into line with the legislation in force.

After the 4-month period expired, representatives from Google Inc. asked for a meeting with the Task Force; the meeting was held on 19 March 2013  but no steps have been taken so far to implement the changes although the company had stated their willingness to do so.
Thus, each of the six DPAs involved will carry out additional inquiries by officially initiating separate proceedings, which will nevertheless be simultaneous as well as coordinated very closely.

"Google may not collect and process personal data from European citizens without taking account that specific rules are in place in the EU to protect citizens´ fundamental rights. The joint action by European DPAs is meant to reaffirm this principle and ensure that those rights are safeguarded" – stated the Italian DPA´s President, Mr. Antonello Soro. "The Italian DPA has long been working on the international level exactly to make sure that EU citizens´ privacy is respected not only by EU undertakings, but also by Internet giants and all electronic communications companies regardless of where they are established. We want to prevent "safe havens" from being set up where fundamental rights are not upheld", Mr. Soro concluded.

Rome, 2 April 2013