EU watchdogs need 'teeth' to clamp down on privacy breaches

Data watchdogs from the UK, France, Spain, Germany, Italy and the Netherlands are launching a joint action against U.S. search-engine giant Google

Story highlights

  • Current EU data privacy rules only allow for fines of up to $1.3 million on corporates
  • Joint action against U.S. search-engine Google over alleged breaches of EU privacy rules
  • In March, Google was hit by 100,000 euro fine from France's privacy watchdog, CNIL

European regulators need effective deterrents to stop Internet companies breaching data protection laws, according to the European Union justice department.

The call comes as data watchdogs from the UK, France, Spain, Germany, Italy and the Netherlands team up to launch a joint action against U.S. search-engine giant Google over alleged breaches of EU privacy rules.

The joint action by Europe's heavyweights is a response to Google's announcement in January on new privacy settings. The Mountain View-based group said it collects and compiles data about its users based on their activity on its various sites -- from its search page to Gmail to YouTube to phones running its Android operating system.

Yesterday, it was announced that Google's first privacy director, Alma Whitten, would be stepping down after three years in the job.

Read more: Opinion: Is the social web an asteroid for the Google dinosaur?

The current EU rules only allow for fines of up to 1 million euros ($1.3 million) on corporates that breach data protection sanctions.

But a new EU-wide directive that could come into force at the end of this year will give regulators the power to impose penalties of up to 2% of a multinational's global annual turnover.

    Mina Andreeva, a spokesperson for EU Justice Commissioner Viviane Reding, told CNN that Google has not followed up on the "concrete recommendations" made in October last year.

    Read more: Google launches monthly user-activity feature

    Andreeva added that new rules are designed to give regulators "teeth" and ensure that companies respect consumer privacy. "We need effective and deterrent sanctions," she said, "If a big international company is fined 1 million euros, they just laugh about it and continue breaching data privacy."

    In a statement, a Google spokesperson said: "Our privacy policy respects European law and allows us to create simpler, more effective services," adding that Google would continue to engage fully with the data protection authorities on the matter.

    Read more: Solving 'the Google problem' key to Internet's success

    Andreeva rejected the idea that the new rules will deter U.S. or non-EU companies from investing in the 27-nation single market but said that customers are not willing to trade privacy for money.

    "They [Google] have a market opportunity with 500 million potential customers and this is an opportunity not to be missed but they must respect the data protection rules that we have," she told CNN.

    In March, Google was hit by a fine from France's privacy watchdog, CNIL, over data obtained mistakenly through the company's Street View service. The 100,000 euro fine was the largest ever dished out by the French regulator.