The DPA, in a report yesterday, said that Google has “no legal ground” to collect and unify information about website visitors using tracking cookies.
Chairman of the College for the Protection of Personal Data, Jacob Kohnstamm, said that Google’s combining and collection of data from multiple services and third-party websites for personalized ads, personalization of services, product development and analytics purposes “spins an invisible web of our personal information, without our permission, and that is outlawed.”
The watchdog further added that Google “does not adequately inform users about the combining of their personal data from all these different services.”
DPA has asked Google to attend a meeting to discuss its concerns, after which it would decide whether to take any action against Internet search giant which could include fines.
Spain’s Data Protection Agency in June said that it had begun sanction proceedings after initial investigations showed Google Spain and Google Inc. not complying with the country’s data protection law. It said the company could also face fines of up to 300,000 euros ($408,000).