In an e-mailed statement from the Dutch authority, privacy regulators indicate what they are expecting from Google. These include asking Internet users for their 'unambiguous consent' and giving them 'clear and consistent information' on how Google uses their personal information.
The Dutch Data Protection Authority (DPA) specifically demands that Google "...ask for the unambiguous consent of users for the combining of personal data from the different Google services. This can be achieved via a separate consent screen. Unambiguous consent can't be obtained through information about this processing in the general (privacy) terms and conditions."
"Google catches us in an invisible web of our personal data without telling us and without asking us for our consent," said Jacob Kohnstamm, chairman of the Dutch DPA.
What the Dutch regulators wanted is for Google to inform users how the company utilizes the gathered data. Google uses these data to customize its advertising. The company achieves this by combining data from the users' search engine queries, cookies, third-party websites tracking, emails, video browsing and location details.
"This combining occurs without Google adequately informing the users in advance and without the company asking for consent. This is in breach of the law," said the DPA.
According to Google, the company had already made changes in order to harmonize the privacy policies for over 60 of its products in 2012.