France’s Commission Nationale de l’Informatique (CNIL) had expected to decide in June whether Google’s new approach to privacy that took effect in March conforms with European law, but the process has been slowed as the company provided more information to the regulator.
“We just received answers to questions we put to the company in May, and we are studying them closely,” said Isabelle Falque-Pierrotin, the director of the CNIL, at a press conference on Tuesday.
The CNIL will then draw its conclusions and present them to the wider group of data protection regulators of the 27 European Union member states, known as the G29.
Under its new approach, Google consolidated 60 privacy policies into one and completed its ability to pool the data collected on users across its services, including YouTube, Gmail and its social network Google+
The Mountain View, California-based search giant says this allows it to better tailor search results and improve services for consumers. Users are not allowed to opt out.
The CNIL review could lead to financial penalties of up to 300,000 euros or administrative sanctions for the U.S. search giant, but it is not clear whether they would be imposed collectively or if individual states would seek their own fines.
The Wall Street Journal reported late on Monday that Google is close to paying $22.5 million to settle charges that it bypassed the privacy settings of customers using Apple’s Safari browser.
The fine would be the largest penalty ever levied on a single company by the U.S. Federal Trade Commission, the Journal said citing officials briefed on the settlement terms.