Google to improve privacy policies after ICO audit
Updated September 2011
The Information Commissioner’s Office (ICO) has announced that it is satisfied with moves taken by Google to improve its privacy policies, but has also identified certain areas in which further improvements can be made. The ICO’s recommendations follow a recent audit by the ICO at Google’s London offices on 19 and 20 July 2011.
The ICO’s audit found that Google, on the whole, had made good progress in developing its privacy procedures. The audit drew particular attention to Google’s practice of ensuring that all new projects undertake a ‘privacy design document’ (in depth privacy assessment) before they start, the internal privacy structure developed across all functions of Google’s business and the privacy training provided to Google’s engineers and other staff.
The recommended areas of improvement for Google (as listed in the audit) were as follows:
Google was advised to incorporate a ‘privacy story’ in all existing products, providing users with information about the privacy features of those products.
Google was urged to ensure that all of its existing projects should also have a privacy design document.
The training provided by Google to its engineers should be developed to ensure that it reflects any issues identified in a relevant privacy design document.
Google agreed to this audit as part of an undertaking which it signed in November 2010, following an incident in which it was reported that Google’s Street View cars had collected wi-fi payload data as well as the location mapping information which was the purpose of their trips.
© TLT LLP 2011.