Google faces regulator warnings over privacy policy

data protection
5 Jul, 2013

Company must rewrite terms in order to comply with European legislation.

Google has been told its updated privacy policy still does not comply with data protection and privacy legislation in several European countries.

Government privacy watchdogs in the UK, Germany and Italy have all warned the search giant that it must rewrite its terms and conditions or face legal sanctions.

Our privacy policy respects European law and allows us to create simpler, more effective services.

The company has already faced similar warnings from France and Spain’s privacy bodies last month.

In a statement, the Information Commissioner’s Office (ICO), which oversees privacy and data protection in the UK, said: “We have today written to Google to confirm our findings...that its updated privacy policy raises serious questions about its compliance with the UK Data Protection Act.

“In particular, we believe the updated policy does not provide sufficient information to enable UK users of Google’s services to understand how their data will be used across all of the company’s products.”

The company has until 20 September to amend the policy or face legal sanctions, the ICO said.

The moves come just 15 months after Google altered its privacy policy to unify data collection, and is the latest of a number of privacy scandals that have bedevilled the company.

In Europe, the company has been censured over the collection of WiFi data, including usernames and passwords, through its Street View cars.

On 21 June 2013, the ICO gave Google 35 days to delete all the data it had collected or face contempt of court procedures, after the body found it had retained data even after being told to delete it previously. Google claimed the disks had been retained accidentally.

Furthermore, the company has been asked to clarify the data protection implications of its Google Glass wearable computing technology on both sides of the Atlantic, after it emerged the device can take photos and videos of people without their knowledge or consent.

In a statement, Google said: “Our privacy policy respects European law and allows us to create simpler, more effective services. We have engaged fully with the authorities involved throughout this process, and we’ll continue to do so going forward.”

However, the company declined to elaborate on how this is possible when facing litigation from European data protection regulators.