Led by the French, organisations in Britain, the Netherlands, Germany, Spain and Italy agreed on Tuesday on the joint action, with the ultimate possibility of imposing fines or restrictions on operations across the entire 27-country European Union.
Last year, the company merged 60 separate privacy policies from around the world into one universal procedure. The European organisations complain that the new policy doesn't allow users to figure out which information is kept, how it is combined by Google services or how long the company retains it.
Google says it merged its myriad privacy policies in March 2012 for the sake of simplicity, and that the changes comply with European laws.
The fines' financial impact on Google Inc would be limited - French privacy watchdog CNIL has the right to fine the company up to 300,000 euros ($385,000), approximately the amount it earns in three minutes, based on its projected revenue of $61 billion this year. Britain can fine up to 500,000 pounds, but rarely does.
But successful legal action would hurt Google's image and could block its ability to collect such data until it addresses the regulators' concerns.
Each of the six European states bringing legal action against Google has to make its own decision on how to handle perceived violations.
"No one is against Google's objective of simplicity. It's legitimate. But it needs to be accompanied by transparence for consumers and the ability to say yes or no," Isabelle Falque Pierrotin, head of French privacy regulator CNIL, said in a recent interview. "Consumers have the right to know how the information is being used and what's being done with it."
But regulations tend to lag technology, and the delay is more pronounced in a digital age when small bits of information can offer increasingly powerful - and lucrative - insights into the psyches of consumers or voters.
Proposed Europe-wide data protection legislation will take until at least 2015 to be fully implemented.
In March, Google agreed to a $7 million fine to settle a 38-state investigation in the US into software that intercepted emails, passwords and other sensitive information sent over unprotected wireless networks in neighborhoods worldwide.
Google blamed an engineer who rigged a data-collection program for its online mapping service that then collected communications on Wi-Fi networks from early 2008 until the spring of 2010.
Earlier this year, Microsoft started an ad campaign linking Google to privacy concerns, hoping to cause defections to its own programs.
Two weeks ago, a European Parliament committee signed off on continent-wide legislation that would include a "right to be forgotten," requiring companies that operate online to show Internet users the personal information collected and, if requested, delete it. It's no simple request when information is gathered from countless computers and mobile devices and stored on servers all around the world.
In the meantime, it's unclear how far beyond fines the regulators are willing to go to impose their will on Google.