Spanish Data Protection Agency has slapped a €900,000 (£751,000) fine on Google over three separate instances of violation of Spain’s Data Protection Act.
The Spanish watchdog, Agencia Española de Protección de Datos (AEPD), claimed that Google doesn’t provide enough information to its users on what all data it collects and for what purpose. The AEPD said that Google collects data through different services and keeps it for an indefinite time making it difficult for users to exercise the rights of its citizens.
“The Agency declares the existence of three violations of the LOPD and imposes a penalty of 300,000 euros to Google for each infringement, requesting him to fulfill with the provisions of law without any delay,” AEPD notes in its report.
According to AEPD, “Google unlawfully collects and processes personal information of both authenticated (those who log in their Google accounts) and non-authenticated users, as well as of those who act as “passive users” because they have not requested Google’s services but access to web pages that include elements managed by the Company.”
This, AEPD claims, is a direct violation of article 18 of the Spanish Constitution, which talks about “right to the protection of personal data.”