Google's latest privacy policy could land it with a fine of upto $1
billion under a new law allowing Europe-wide challenges to U.S.-based
Internet giants, Europe's top justice official said on Tuesday.
Viviane
Reding, the European Union's commissioner for justice, said rules being
finalised by the European parliament and EU countries would allow a
single EU data regulator to fine companies on behalf of all national
watchdogs.
"The one-stop-shop regulator could threaten a company
which does not obey the rules with a fine of up to two percent of global
turnover," Reding told journalists.
Asked what kind of offence
would receive the full two percent fine Reding pointed to Google. "The
test case (Google) is a clear one."
The overhaul of the existing EU data protection regime could come into effect next year and would allow for bigger single fines.
It would also require all countries to have fines. Some states do not now levy penalties.
Google's total revenue in 2012 amounted to $50 billion which would make a two percent fine $1 billion.
Under
current European rules, only individual countries can levy fines
against companies that violate data privacy laws. Fines range from
300,000 euros to 600,000 euros.
Reding said that the ongoing
dispute between EU data protection regulators and search engine Google
showed the weaknesses of the current system, which relies on each
country identifying and punishing privacy breaches.
She added that
Google's decision to ignore a warning by regulators in October to
change its privacy policy was a clear-cut case for a fine.
Google said it had not ignored warnings and had since amended its privacy policy.
European
data watchdogs have said they plan to take "repressive" action against
Google by this summer for its privacy policy, which took effect last
March and allows the search engine to pool user data from across all its
services ranging from YouTube to Gmail.
While regulators say Google's policy infringes users' privacy, the company said it is not breaking any laws.
The
new law now would place greater responsibility on companies such as
Facebook to protect users' information and threaten those who breach the
code with fines.
U.S. companies have been lobbying heavily
against the regulation which forces them to seek water-tight permission
from users for collecting their data and also gives users more rights to
obtain and delete their own data from services like Facebook.
The
European Parliament is currently reviewing the rules drafted by the
European Commission. They will then need the consent of EU member
nations before becoming law, a process that could take up to a year.
© Thomson Reuters 2013