Spanish Data Protection Agency has slapped a €900,000 (£751,000) fine on Google over three separate instances of violation of Spain’s Data Protection Act.
The Spanish watchdog, Agencia Española de Protección de Datos (AEPD), claimed that Google doesn’t provide enough information to its users on what all data it collects and for what purpose. The AEPD said that Google collects data through different services and keeps it for an indefinite time making it difficult for users to exercise the rights of its citizens.
The information watchdog also claimed that the search engine giant impeded users’ right to exercise citizien’s rights after the company decided to revise its privacy policy in March 2012 despite the outcry in Europe.
“The Agency declares the existence of three violations of the LOPD and imposes a penalty of 300,000 euros to Google for each infringement, requesting him to fulfill with the provisions of law without any delay,” AEPD notes in its report.
According to AEPD, “Google unlawfully collects and processes personal information of both authenticated (those who log in their Google accounts) and non-authenticated users, as well as of those who act as “passive users” because they have not requested Google’s services but access to web pages that include elements managed by the Company.”
This, AEPD claims, is a direct violation of article 18 of the Spanish Constitution, which talks about “right to the protection of personal data.”
Google has said that it will be working with the agency closely and will consider the latest report and respond accordingly. “We’ve engaged fully with the Spanish Data Protection Agency throughout this process to explain our privacy policy” and “We’ll be reading their report closely to determine next steps”, Google said in a statement.
