Google ordered to overhaul privacy policy by ICO

Google has agreed to tweak its privacy policy after the Information Commissioner (ICO) ruled the firm's descriptions about how it uses people's personal data were too vague.

The search giant has signed a formal undertaking as a sign of its commitment to improve the way it informs users about how the data collected about them from its wide range of internet services is used.

The ICO confirmed Google has already made numerous changes to the policy, thanks to its intervention, but further changes are needed and must be introduced by 20 June 2015.

The privacy policy the ICO has taken issue with was introduced in 2012 through combining 70 of Google's existing service policies.

However, the ICO claims this document failed to provide users with sufficient detail about how or why their personal information was being collected, which put Google at odds with the UK Data Protection Act.

Steve Eckersley, head of enforcement at the ICO, said today's outcome was the result of a long investigation and extensive talks with Google.

"Whilst our investigation concluded that this case hasn't resulted in substantial damage and distress to consumers, it is still important for organisations to properly understand the impact of their actions and the requirement to comply with data protection law," he said.

Furthermore, he said the investigation's results should also act as a wakeup call for other internet service providers, particularly those who deal with user data generated from multiple services.

"It is vital that there is clear and effective information available to enable users to understand the implications of their data being combined. The detailed agreement Google has signed setting out its commitments will ensure that," he added.

In a statement to IT Pro, Google said: "We're pleased the ICO has decided to close its investigation. We have agreed improvements to our privacy policy and will continue to work constructively with the Commissioner and his team in the future."