However, Viviane Reding alleged that the new policies break European data protection rules that insist companies are transparent about how they handle customer data.
Reding made the allegation in two separate interviews with the Guardian and the BBC after a speech given at the London School of Economics yesterday in defence of the European Commission’s proposed Data Protection Regulations.
In her presentation, Reding noted EU member states could object to Google’s new policies, although the fines they can currently levy would be immaterial to the company. She admitted, however, that the EC is itself currently powerless to do anything about Google’s privacy breaches.
According to legal academic and blogger Paul Bernal, Reding noted that under the proposed reforms to the EC Data Protection Directive, Google could be fined up to €560 million, 2% of its global annual revenues, for a breach.
The UK Information Commission, Christopher Graham, was most cautious. "We don’t know if Google is operating outside of EU law… I’m not going to say it isn’t lawful as it’s being investigated," he told a London seminar on Wednesday night.
"The new policy doesn’t change any existing privacy settings or how any personal information is shared outside of Google," she wrote. "We aren’t collecting any new or additional information about users. We won’t be selling your personal data"