Google changes privacy policy in light of investigation

Google has been forced to implement a change in its privacy policy after an investigation from the Information Commissioner’s Office (ICO)

Google has been forced to amend its privacy policy after an investigation from the Information Commissioner’s Office (ICO).

The regulator has asked the company to provide better information to users about how personal data is used after changes were made to its policy.

The ICO investigation found Google’s privacy policy provides only vague information to consumers about how it uses personal data collected from the use of its web services and other products.

The privacy policy, which was introduced in March 2012, was written to replace existing documents for more than 70 services, but the regulator claims information on data usage is still not detailed enough.

ICO head of enforcement Steve Eckersley said ensuring data is processed fairly and transparently is a key requirement of the Data Protection Act (DPA). 

“Whilst our investigation concluded that this case hasn’t resulted in substantial damage and distress to consumers, it is still important for organisations to properly understand the impact of their actions and the requirement to comply with data protection law," he said.

According to the regulator, Google has signed a commitment  to make more changes to its policy on privacy to meet the DPA. Changes must be implemented by June 2015 and the firm must make continued changes over the next two years.

"This investigation has identified some important learning points not only for Google, but also for all organisations operating online, particularly when they seek to combine and use data across services," said Eckersley.

"It is vital that there is clear and effective information available to enable users to understand the implications of their data being combined.”

The ICO states any company processing and collecting personal information must ensure information is lawfully processed, is accurate and is kept secure – in line with the principals of the DPA.

This is not the first time the search engine has come under fire for problems with its privacy policy, and the ICO has been working with other parties in Europe to try to get Google to amend its policies since 2013.

At the beginning of 2014, Google failed to block attempts by UK users to sue the company for bypassing privacy settings in Apple’s Safari browser to track online behaviour.

Following these demands, the Italian data protection watchdog gave the company 18 months to change the way it processes and stores user data. This was after France’s privacy watchdog, CNIL, fined Google €150,000 for failing to conform to local law regarding tracking and storing user information within the three-month deadline it had set.

Over the past year Google has been receiving requests to remove links to personal information from search results after Europe’s top court supported the controversial right to be forgotten in a landmark ruling.

Read more on Privacy and data protection