Google pushed ahead with a number of major policy changes last year, causing uproar at the time, and the Information Commissioner’s Office (ICO) vowed to investigate.
Now, in an update on its work, the data watchdog said it believes Google’s policies are not in line with UK law and should be updated.
The spokesperson said that the main issues the ICO has related to the clarity of the policies in place.
“In particular, we believe that the updated policy does not provide sufficient information to enable UK users of Google’s services to understand how their data will be used across all of the company’s products,” they said.
As a result, it must update the policies or face a potential fine from the watchdog.
“Failure to take the necessary action to improve the policies compliance with the Data Protection Act by 20 September will leave the company open to the possibility of formal enforcement action.”
In response, Google issued a vague statement claiming it does adhere to UK laws, but it made no direct comment on the ICO's letter or its contents.
While the ICO's stance is likely to be welcome by privacy campaigners and shows the regulator baring its teeth, the threat of a fine of £500,000 is unlikely to have executives at the firm worried, although the reputational damage from such an outcome could be more of an issue.
The move is the second time in recent weeks that the ICO has taken action against Google. It has already told the organisation it must delete Street View WiFi data by the 25 of July.