Google has agreed to give users more information about how it uses their personal data following an investigation by the Information Commission’s Office (ICO).
The area of concern was the privacy policy implemented by Google in March 2012, which the ICO said was “too vague” because it “did not include sufficient information for service users as to how and why their personal data was being collected”.

The ICO said the web giant has now signed a “formal undertaking” to improve the information it provides to users about collecting their data and to ensure that their privacy policy meets the requirements of the Data Protection Act.
The agreement requires Google to make the necessary policy changes by 30 June.
Google will also be forced to take further steps including user testing to ensure that its privacy policy for services including YouTube, Gmail and Google+ all continue to meet Data Protection Act requirements.
“This undertaking marks a significant step forward following a long investigation and extensive dialogue. Google’s commitment today to make these necessary changes will improve the information UK consumers receive when using their online services and products,” said Steve Eckersley, head of enforcement at the ICO
“Whilst our investigation concluded that this case hasn’t resulted in substantial damage and distress to consumers, it is still important for organisations to properly understand the impact of their actions and the requirement to comply with data protection law,” he continued.
“Ensuring that personal data is processed fairly and transparently is a key requirement of the Act,” said Eckersley, before going on to state that all online firms which collect data should take heed of the investigation into Google.
“This investigation has identified some important learning points not only for Google, but also for all organisations operating online, particularly when they seek to combine and use data across services,” he said.
“It is vital that there is clear and effective information available to enable users to understand the implications of their data being combined. The detailed agreement Google has signed setting out its commitments will ensure that,” Eckersley concluded.
The case doesn’t represent the first time Google has fallen foul of the ICO, with the firm previously being warned about the data it collects on Google Street View. However, Google – which generated over $55bn in revenue during 2013 – hasn’t been fined in the UK.
Other privacy bodies have been less lenient with Google. French data protection watchdog CNIL fined the firm in January last year, citing failure to alter its data tracking and storage policies to comply with France’s data protection act. And US regulator the Federal Trade Commission fined Google $22.5m in 2012 after it was found to have infringed Safari users’ privacy rights.

Leave a Reply