Google has been forced to change its controversial privacy policy by European Union regulators after it was criticised over its collection of internet users’ personal information.
In a letter to the firm’s chief executive Larry Page yesterday, an EU data protection commissioner said that Google “empowers itself to collect vast amounts of personal data about Internet users” without demonstrating that this “collection was proportionate”.
It stopped short of declaring Google’s data gathering practices illegal, but made clear 12 measures the company must put in place to satisfy the concerns.
The company was told that “combining personal data on such a large scale creates high risks to the privacy of users. Therefore, Google should modify its practices when combining data across services for these purposes.”
Twelve recommendations were outlined in a letter signed by 24 of the EU’s 27 data regulators.
Those recommendations are said to include a focus on personal information and browsing records, as well as the collection of location-based data and credit card details.
It follows a nine-month investigation into the company’s data collection practices.
Google faced investigation after it combined all of the privacy policies related to individual products – numbering 60 – into a single, uniform policy, allowing it to transfer users’ data between different areas of and products belonging to the company.
It was criticised when it emerged that people had no option but to accept the new terms.
The French regulator Commission Nationale de l’Informatique et des Libertés (CNIL) was appointed to lead the investigation on behalf of the EU. The CNIL demanded that Google clarify why and how it combines data, and report on how it processes users’ personal information.
There was speculation yesterday that the company would be forced to scrap its privacy policy altogether and start again. But the CNIL appears not to have gone so far in its demands.
The Internet giant rejected the accusations, saying: “Our new privacy policy shows our continued commitment to protecting our users’ data and creating quality products. We are confident that our privacy policies respect European law.”
It contends the move simplifies and unifies its policies across its various services such as Gmail, YouTube, Android mobile systems, social networks and Internet search.
The California-based firm said the changes are designed to improve the user experience across the various Google products, and give the firm a more integrated view of its users, an advantage enjoyed by Apple and Facebook.
