The order comes in the wake of similar demands from a number of other countries, including French regulatory agency Commission Nationale de l’informatique et des Libertes, as well as its counterpart in Spain.
It is a response (albeit a late one) to Google’s complete overhaul of its privacy policies, which saw Google consolidate more than 70 separate privacy policies into a single, unified document. It was Google’s first sign of tightening the connections among all of its services. Search Engine Land founder Danny Sullivan put it best at the time: “Rather than people signing up for individual products — Gmail, YouTube and so on — they’re now signing up for Google.”
While integrating the myriad policies could be seen as helpful for users who didn’t want to have to re-scrutinize a different policy across every Google service, the handful of European Union countries believe that Google’s latest unified version is still too confusing for consumers.
Google responded to AllThingsD with the following statement:
However “engaged” Google is with the agencies requesting the changes of the company, it doesn’t have much time to comply (or not comply).
“Failure to take the necessary action to improve the policies compliance with the Data Protection Act by 20 September will leave the company open to the possibility of formal enforcement action,” the ICO said. That could include legal action and potential fines.