Privacy groups to Google: What took you so long?

Computerworld - Privacy groups are glad that Google Inc. has finally placed a link to its privacy policy on its home page, but they said it was something the search engine company was legally obligated to do anyway.

"We're pleased," said Marc Rotenberg, executive director of the Electronic Privacy Information Center (EPIC) in Washington. "We wrote to Google on June 3 and pointed out that this was required by California law, and Google is a California corporation. We're not asking them to comply with the laws of Singapore."

Rotenberg said posting a link to its privacy policy on its home page is basically what every commercial Web site does. He said EPIC couldn't understand why Google was so reluctant to do the same.

"But it was interesting that they did it on the 30th day after we sent the letter, which is just under the wire in terms of when they would have been in actual violation of the law and could have been subject to civil lawsuits," he said. "I think they understood that this was something they needed to do."

A Google spokeswoman said that the time was right for Google to add the privacy policy link to its home page. "We've built clear, consumer-friendly privacy materials, and felt that it could be useful to provide users with an easy link to our Privacy Center," a Google spokeswoman said in an e-mail.

"Some users, bloggers, and regulatory bodies have asked us why we didn't have a link, and, after evaluating their feedback, we decided it was the right time to add one," the spokeswoman said. "While many users were searching for our privacy policy before, or clicking through to it, this provides an easier path to learning about our privacy approach. We've also added the same link on the results page."

Under the California Online Privacy Protection Act of 2003, a company has 30 days to add the privacy policy once it receives notice of noncompliance.

Although the law doesn't call for specific penalties for noncompliance, jurisdiction would most likely fall to California's Unfair Competition Law, which says that the California attorney general, district attorneys, some city and county attorneys, and private plaintiffs can file lawsuits against businesses for acts of "unfair competition," which are considered to be any act involving a business that violates California law.

"We're pleased that they did that," said Pam Dixon, executive director of the World Privacy Forum in San Diego. "It's California law, and it's an important law. I know that privacy policies are not a perfect way to communicate privacy to consumers, but they're still important for consumers. I think the ability to find a privacy policy easily and quickly right from the home page is something that consumers have come to expect."