"In particular, we believe that the updated policy does not provide sufficient information to enable U.K. users of Google's services to understand how their data will be used across all of the company's products," the ICO wrote in a statement.
Google's response to the ICO's order has been the same-old response they have always given: they are working with various government entities to comply with local laws and regulations. And they've had plenty of opportunity to trot out this line: last month, authorities in France and Spain issued similar warnings to Google.
This is not the first time Google has been pilloried for this issue—the company faced quite a bit of criticism in the press and even from U.S. lawmakers when the unified policy was implemented back on March 1, 2012.
How Google will ultimately react to these orders is another question yet to be answered. The fine amounts aren't really anything for Google to be worried about, so there's not much incentive for them to pay anything more than lip service to the various national entities' entreaties. But if Google ignores these privacy concerns too much, they could run the risk of civil action in the courtroom, something that will cost them much more in terms of time, money and ever-precious public relations.
Given the half the planet is looking askance at Google and other Internet companies for their alleged participation in the U.S. intelligence project known as PRISM, reputation is not a currency Google has a lot to spend.
Public privacy and data commissions might be nickel and diming companies like Google, but a major court battle—or worse, unfriendly legislation—is something that can get even Google's attention.