Google was urged by European Union regulators to fix flaws in its privacy policy or face possible fines after the company's response to an inquiry was deemed to be "incomplete" and "unsatisfactory".
Data protection watchdogs today called on Google "to upgrade its privacy policy practices".
The findings were presented by France's National Commission for Computing and Civil Liberties, or CNIL, which led the inquiry on behalf of European authorities.
If Google fails to implement changes sought by the privacy regulators within "three to four months", said Isabelle Falque-Pierrotin, CNIL's chairwoman, the matter will "move on to another phase, which is a sanctions phase".
She said the French regulator could impose fines itself, and that it was "probable" that "several competent authorities" in other states could also pursue Google if the policy was not altered.
Google, operator of the world's largest search engine, is facing privacy investigations by authorities around the world as it debuts new services and steps up competition with Facebook for users and advertisers.
Google changed its system this year to create a uniform set of policies for more than 60 products, unleashing criticism from regulators and consumer advocates concerned it is not protecting data it collects.
"It is not possible to ascertain from the analysis that Google respects the key data protection principles of purpose limitation, data quality, data minimisation, proportionality and right to object," CNIL said in a statement today.
"The privacy policy suggests the absence of any limit concerning the scope of the collection and the potential uses of the personal data."
Google is "confident that our privacy notices respect European law", Peter Fleischer, global privacy counsel, said in an e-mailed statement.
Bloomberg