The Italian legal system is really cracking down on Google this time around. The tech giant might be facing criminal charges and up to a €1 million ($1.35 million) fine if the company does not change its data handling methods in the next year and a half.
The Italian data protection commissioner has been coordinating with his counterparts across the European continent and has passed a ruling on Monday regarding this matter with Google. The company must in the next 18 months define the time period it retains users’ data as well as delete users’ data when requested within 2 months for data stored on “active” systems and within 6 months for backed-up data.
Google must also make it absolutely clear to users that their data data is mixed and matched across Google services for marketing purposes, both by cookies and by more advanced behavioral “fingerprinting” technologies as well as get explicit opt-in permission from users before using their data in this manner. By the end of September, Google must give to the regulator a roadmap of compliance steps.
Google has about 95 percent of the search market in Europe so its policies affect more or less everybody. Google has been fined in France for €150,000 in January and in Spain for €900,000 last December with regards to this unified policy. However, with the risk of criminal proceedings, the case in Italy may be too serious to just ignore with a bunch of cash. Also, I think this time around Google may need to realize that the sum of the fines are growing.
Google better be taking matters seriously as Italy may not be as laid back as other European countries based on Italy’s fairly disgraceful privacy-related conviction of top Google execs a few years ago for a bullying clip that had been uploaded to Google Video.