When Google’s Street View cars took private data from people, European regulators failed to effectively take the company to task, because their approach was fragmented, the British Information Commissioner’s Office (ICO) has admitted. However, the ICO itself is soon to give its final decision on any UK penalty for Google.
David Smith (pictured), deputy commissioner at the ICO, said this morning at a Westminster eForum event in London that European nations did not “do a very good job” of being consistent in reprimanding Google.
Google indiscriminately gathered private data from the Wi-Fi networks that its Street View cars passed, after a Google employee placed code in the cars’ software to gather it. Although the same thing happened across Europe, the punishments meted out by regulators varied widely – and this was not right, Smith told TechWeekEurope.
Google has not yet been handed a severe fine in this country, despite other punishments across Europe, with the French imposing a €100,000 penalty. After its initial investigation, the ICO said it didn’t have the right regulatory powers to fine Google when it was doing the data slurping.
It did reopen the case after it emerged Google had gathered more citizen information than had at first been thought, including medical details. The US Federal Communications Commission (FCC), which fined the tech giant $25,000 over the incidents, claimed that more than one Google employee knew about the information-pilfering code.
But nothing further has come of the Google case. An ICO spokesperson told TechWeekEurope it is hoping to make a final decision in the next month. That could result in a fine as high as £500,000 – the maximum penalty the ICO can currently enforce.
Earlier this month, it was reported Google was to pay a $7 million settlement to end the US government’s probe into the Street View slurping.
The EU is due to publish data privacy rules which are proving controversial. One good thing about the rules will emphasis on consistency across European regulators, Smith believes.
Not that the ICO is entirely enamoured with the European Commission’s data protection directive and regulation. It disagrees with using the term “the right to be forgotten” as it may promise too much to users, although they should be allowed to have their data deleted, Smith said.
The ICO also believes parts of the proposals are over-prescriptive, especially the need to have a data protection officer in every organisation with over 250 employees. That could be damaging for small to medium-sized businesses, the deputy commissioner added.
Are you a pedant on privacy? Try our quiz!
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…
View Comments
All of these figures represent a mere wrap on the knuckle given googles revenues and hardly serve to deter future compliance. I can just imagine the smirk at google as the cheque is written!