Google recently announced its plans to introduce one privacy policy to cover all of its uses of personal data across all the services it offers worldwide; currently Google has separate privacy policies across its range of services. It intended to introduce the change on 1 March 2012.
Google’s aim behind having one privacy policy across its services is to make its position on privacy easier to understand and to improve the experience of its users – Google hopes to be able to use data between its services to offer a more personalised experience to users when they login to their user account.
The Article 29 Working Party, which is made up of representatives from the data protection regulators of each European Union (EU) member state, has now asked Google not to introduce the changes until the French data protection regulator, the CNIL, has assessed what impact the single policy might have on EU citizens, with many critics expressing concern that the new policy will mean citizens will have less control over the use of their data as it will be freely transferable across services.
Google has responded to criticism by arguing that users will still be able to use many of its services without having a user account and disclosing personal data to Google, and those that do sign up to an account will be able to review the privacy policy and use various privacy tools to dictate how Google can actually use their information. Google has also indicated that it may not be willing to postpone the launch of the new policy, citing the fact that the European Commission and various data protection regulators have already been consulted when the single privacy policy was being put together.