In summary, the CNIL investigation recommends that Google provides clearer information to its users, especially on the purposes and categories of data processed. Secondly, it raises concerns over the combination of data across services and asks Google to offer its users improved control in this area. Finally, it recommends that Google should clearly define its retention periods for the personal data it processes. In the public presentation of the report, CNIL’s president, Isabelle Falque-Pierrotin, suggested that if Google did not act on these recommendations, then litigation from the Authorities may follow.
Google is considering its response to the report, and Larry Page has defended its necessity for creating new products for its users. Pro-privacy groups have welcomed it, while other parties have questioned whether the Authorities have been too soft on Google by merely making recommendations. The second round of this particular privacy battle is awaited with interest on all sides.