UK data watchdog faults Google on breach of data laws

05 Jul 2013

The UK data watchdog, Information Commissioner's Office, has told Google that its privacy policies broke the country's data laws.

The Information Commissioner's Office (ICO) ordered the search giant to provide better information to people its use of their data.

With the development, ICO has become one among at least six EU data watchdogs to fault the search giant's policies. Last year the company integrated over 60 policies across its services into one, which allowed it to target advertising on YouTube using someone's Gmail data.

A refusal to change its policies would invite a fine. However, Google said it respected the law and will continue to engage with the ICO.

Meanwhile, a German data protection authority launched formal action against Google over the privacy policy changes it effected last year. This comes after of a French privacy regulator announced similar action last month.

The Hamburg Commissioner for Data Protection and Freedom of Information announced yesterday that it would join other European privacy regulators in taking action against the company.

According to the French National Commission on Computing and Liberty's (CNIL) announcement last month, it had given Google three months to respond to its complaints or face court action, after the company repeatedly rejected requests to reverse the changes it made to its privacy policy in March 2012.

The Spanish privacy regulator, had also notified Google of its intention to impose sanctions if Google failed to comply with Spanish law.

The US company has been given until mid-August to make its case at a hearing with the German commissioner, Johannes Caspar.

Caspar said in a statement yesterday that users needed to be clearly informed about the purposes for which Google was processing their data.

He added, that the company's new privacy policy was too vague about the nature, scope and purpose of its data processing, allowing the company to do what it wished, he said.

The company would need to set clear limits on what it would do with users' data, and allow users to decide how the company merged and analysed data concerning them obtained from different Google services.