The Italian Data Protection Authority (DPA) said Google had agreed to it conducting inspections at its Californian headquarters, the first time a European Union regulator will make checks on the company inside U.S. territory. The Italian DPA said that Google would implement all the measures imposed by the Italian watchdog and that for the first time in Europe, it will be the subject of regular checks to monitor progress status of the actions to bring its platform into line with the Italian legislation.

The Italian DPA approved the verification protocol which envisages quarterly updates on progress status and empowers the DPA to carry out on-the-spot checks at Google's US headquarters to verify whether the measures being implemented are in compliance with Italian law.

The protocol enables the DPA to continuously monitor the changes Google is required to make to the processing of personal data relating to users of its services – including its search engine, emailing, YouTube and social networking services.

"Google will have to improve its privacy policy by making it unambiguous and easily accessible and tailoring it to the specific service (such as Gmail, Google Wallet, Chrome, etc. )," Italy's DPA said.

In order to profile users of its services, Google will have to first obtain their informed consent. This requirement will have to be implemented, though via different mechanisms, both for new accounts and for existing Google accounts.

Google will also have to fully implement the measures set forth in a decision adopted by the Italian DPA in May 2014 regarding use of cookies and other identifiers – including unregistered users.

The US giant will also have to further improve its data storage and deletion mechanisms as for users' personal information. In particular, a specific timeframe will have to be in place regarding data deletion from both online and back-up systems.

Internal rules on anonymization will have to be revised to ensure that the relevant procedures are fully effective and compliant with the guidance already provided by European DPAs.

That's the latest privacy challenge for Google in the EU. The search giant has been under investigation by several EU data protection authorities since it consolidated some 70 existing privacy policies into one in March 2012, combining data collected on individual users across its services, including YouTube, Gmail and social network Google+.

Regulators in France and Spain have fined Google for breaking local laws on data protection.