Google has agreed to improve the information it provides to people about how it collects personal data in the U.K., after it was required to do so by country’s data protection authority.
Like other authorities, ICO found that Google was “too vague” when describing how it uses personal data gathered from its web services and products. It ruled that he new policy provided insufficient information for users as to how and why their personal data was being collected.
By June 30, Google will make changes to comply with ICO’s demands. While it will provide more and clearer information, it will also provide a user resource covering data processed by Google and the purposes of processing the data, according to the document signed by Google’s senior vice-president and general counsel, Kent Walker.
What’s more, Google will redesign its Account Settings pages, allowing users to find a variety of controls and information more easily, while it will also provide information to enable individuals to exercise their rights. More information will be added too about the entities that may collect anonymous identifiers on Google properties and the purposes to which they put that data, according to the document.
Google did not immediately respond to a request for comment.
While the investigation concluded that there was “no substantial damage and distress to consumers” due to the policy change, it is still important for organisations to properly understand the impact of their actions and the requirement to comply with data protection law, ICO said.
“It is vital that there is clear and effective information available to enable users to understand the implications of their data being combined,” it said, adding that Google had already made a significant number of changes.
Spain’s data protection authority fined Google €900,000 in December 2013 for not providing users enough information about the personal information it collects, and the purposes it uses it for.