On May 6, 2013, the Global Privacy Enforcement Network (“GPEN”) announced its first “Internet Privacy Sweep,” in which 19 data protection authorities are participating. This joint effort, which runs May 6-12, 2013, involves a review of the information notices posted online by major websites.
The French Data Protection Authority (“CNIL”) is participating in this initiative and has announced that it would subject 250 top websites to further scrutiny.
According to the CNIL, the purpose of the review is to examine whether web users are properly informed of:
- the types of personal data collected;
- the purposes for which the data are collected;
- whether personal data are transferred to third parties; and
- whether web users can object to the transfer of their personal data to third parties.
The CNIL also considered whether this information was provided in clear and plain language such that web users can easily understand the notice.
The CNIL may carry out more detailed reviews if its initial findings reveal serious breaches of the French Data Protection Act. It also is possible that other data protection authorities that are participating in the Internet Sweep may take similar action
Related articles
- [Opinion] Google’s collision course with member states (euobserver.com)
- Google faces European privacy probe (bbc.co.uk)
- Google gets six-nation probe over privacy policy (pcpro.co.uk)
- Google faces privacy investigation over merging search, Gmail and YouTube data (telegraph.co.uk)
- Google facing legal threat from six European countries over privacy (guardian.co.uk)
- New Customer Commons Survey: Most People Protect Privacy Online by Hiding or Lying about Personal Information (prweb.com)
- Can CNIL Make Google More Transparent? (rudebaguette.com)
- EU data-protection authorities launch joint action against Google (newstatesman.com)
- Google facing action over privacy policy flaws (irishtimes.com)
- Google faces action in Europe over privacy policy (mercurynews.com)
