UK regulator finds Google's privacy policy is breaking the rules

The Information Commissioner's Office (ICO) has written to Google to confirm its findings regarding the company's privacy policy (release).

We believe that the updated policy does not provide sufficient information to enable UK users of Google’s services to understand how their data will be used across all of the company’s products.

Google must now amend their privacy policy to make it more informative for individual service users. Failure to take the necessary action to improve the policies compliance with the Data Protection Act by 20 September will leave the company open to the possibility of formal enforcement action.

Google has been investigated by a number of authorities, led by the French privacy watchdog CNIL, since it merged 60 data policies into one last year.

A Google spokesperson has previously said that the change complies with privacy law:

Our privacy policy respects European law and allows us to create simpler, more effective services. We have engaged fully with the authorities involved throughout this process, and we’ll continue to do so going forward.