European Union privacy regulators want Google to make its privacy policies easier to find and understand, with exhaustive lists of what data it holds and processes, in order to comply with EU law, they told the company this week.
WP29's recommendations are common guidelines for complying with national privacy laws, it said in a letter to Google published Thursday.
The group could extend the guidelines to apply to the whole industry at a later date, it said.
The guidelines are just one way the company could comply with the law, and are not compulsory, but neither do they pre-empt enforcement actions by national authorities, the WP29 said, adding that it remains open to discussing any other measures that Google would propose to address the legal requirements.
information or other credentials already used by Google to identify users.
In order to allow users to control the use of their personal data, Google must also provide them with more elaborate tools to manage their personal data and to control the usage of their personal data between all Google services, WP29 said. This could be done by making the current dashboard more accessible and including all Google services in that dashboard.
No deadline was set for Google to respond to the suggestions. The WP29 is considering issuing guidance on specific issues to the entire industry at a later stage.