Changes made to Google’s privacy policy could potentially breach data protection laws according to European regulators. As a result, 24 out of 27 data and privacy regulators in the region have signed off on a letter to the search giant asking them to revise the policy. The letter has yet to be signed by those representing Greece, Lithuania and Romania, according to a new report from Reuters.

Regulators didn’t go as far as to say the changes were illegal but they would like to see Google address some of the issues and require consent from affected users when dealing with certain data collection practices.

The key issue has to do with how Google collects user data from various sources and what they plan to do with it. The EU regulators believe that combining personal data on such a large scale creates a high level of risk with regards to user privacy.

Google revised their privacy policy in January 2012. If you recall, the company consolidated 60 individual privacy policies into a single document to cover the entire Google ecosystem. The document governs how the search giant collects data about users spanning all of their services including Gmail, Google+ and YouTube.

Less than a week after the policy was updated, the EU assigned French data protection authority CNIL to investigate the matter. Google replied to the initial inquiry with a 94-page document that apparently didn’t meet the EU’s approval.

The letter being sent to Google is the culmination of nine months worth of research and feedback into the privacy policy.