ICO confirms Google must change privacy policy

The Information Commissioner’s Office has today written to Google, confirming that its privacy policy was not specific enough and that the updated policy raises “serious questions about its compliance with the UK Data Protection Act”.

The ICO said the updated policy doesn’t inform users enough about how Google will use their data across their products.

Google now must change its privacy policy to clear it up for individual users, and failure to do so will leave it open to “the possibility of formal enforcement action”.

In June this year, Google was told to bin Street View data it “mistakenly collected” and accidentally held onto by the ICO, but was let off without a fine.  

The ICO promised it would be keeping a close eye on Google’s actions, and the ruling came as Google was placed under scrutiny by other European countries and the European Commission itself. 

Indeed, the ICO was working in tandem with other members of the Article 29 Working Party – 27 other authorities from around Europe – and promises to work towards protecting individual privacy.  

So far, the EC has posed the most serious threat to Google. Failure to comply with EC orders could actually touch Google’s profits in a significant sense, compared to the hundred thousand or tens of millions it gets threatened with elsewhere.