A Google AdSense Help thread has well over a hundred posts from AdSense publishers complaining they received a serious notification from Google that they are in "breach" of "passing personally identifiable information (PII) to Google."
This email was sent from the Google Policy Team and reads:
It has come to our attention that you are passing personally identifiable information (PII) to Google through your use of one or more of Google\'s advertising products -- DFP, AdSense, and/or Doubleclick AdExchange.
Our systems have detected PII, including email addresses and/or passwords, being passed from each of the domain names below. We have also included below an example of an ad request that we received from your account (from which the PII detected has been redacted).
Our contracts and policies prohibit information being passed to us that we could use or recognize as PII. Sending us PII has put you in breach of those terms.
You should review your implementation of Google tags on your pages, including whether PII of any nature may feature in the URLs of such pages.
Please give this matter your immediate attention. You should submit your response in this form.
If you fail to achieve compliance with your contract within 30 days we may disable ad serving on your account(s). If you fail to submit any response within 14 days, access to your account will be suspended.
Domain names at issue:
Again, there are a tremendous number of AdSense publishers complaining they received this violation notice and are clueless as what to do.
Despite there being hundreds of posts in the thread, not a single Google representative has responded about the issue since it was posted on May 19th.
This may just be Google starting to enforce a policy they had in place for a while, but this is the first time they are enforcing it?
Again, Google needs to chime in and help these publishers.
Forum discussion at Google AdSense Help.
Update: Google has responded telling publishers to take action.