Download the authoritative guide: Cloud Computing 2018: Using the Cloud to Transform Your Business
"French data privacy regulator CNIL - which led the inquiry - said the US company had 'months' to make changes," reported BBC News. "Google has been told it should give clearer information about what data is being collected and for what purpose. It has also been told to give users more control over how the information is combined. It has been warned that if it took no action, CNIL would 'enter a phase of litigation.'"
The Guardian's Charles Arthur explained, "[the CNIL] have determined that Google's changes breached EU law because they did not give users any chance to opt out of the changes."
The New York Times quoted Isabelle Falque-Pierrotin, the chairwoman of CNIL, as saying, “If Google does not implement these recommendations, we will pass to a different phase, a phase of sanctions." The Times article also observed, "In France, CNIL has the legal ability to fine companies as much as €300,000 for privacy breaches. But whether CNIL will levy a fine, and whether other E.U. countries follow suit, remains unclear."