Google’s privacy policies still need to improve, the Information Commissioner’s Office said today, following an audit last month at Google’s London office.
Google agreed to the audit last November after owning up to collecting private Wi-Fi data as its Street View cars mapped the UK.
It pledged at the time to train staff better in data security and protection and ensure engineers maintain “privacy documents” during product development.
The audit found Google had taken action in all agreed areas but there was still room for improvement.
“The ICO’s Google audit is not a rubber stamp for the company’s data protection policies,” he said. “Google will not be filed and forgotten by the ICO.”
The ICO said it would like to see Google proactively provide users with more information about the privacy features of its products, alongside explanations of how data is managed and used in new products.
It also recommended the privacy design documents which ensure privacy is built into products from the start be rigorously applied and checked more often for accuracy.
The ICO highlighted areas of good practice from Google such as more resources dedicated to privacy issues and advanced data protection training for all engineers. It also noted improved training for all staff, covering privacy and the protection of user data.
Alma Whitten, Google’s director of privacy, product and engineering said Google has worked hard on its new privacy controls while ensuring they do not stifle innovation at the company.
“The report verifies the improvements we’ve made to our internal privacy structures, training programmes and internal reviews, and identifies some scope for continued work,” she said.
“We know that there is no perfect solution, so we will continue to improve our current processes and develop new ones so that privacy awareness grows and evolves alongside Google.”
The ‘WiSpy’ situation first came to light when German authorities asked the company what information its Street View cars were collecting.
As well taking pictures, its Street View cars also logged Wi-Fi networks to help with its location services.
On unsecured networks this meant user names, passwords and other personal details were also logged. Google says this was a mistake attributable to a coding error and has since stopped its cars logging Wi-Fi networks.
A group of affected citizens in the US are pursuing a class action lawsuit against Google for this breach and in July a US judge allowed the case to progress, ruling the complainants had sufficiently demonstrated the federal Wiretap Act had been violated.
Google also found itself in hot water with privacy regulators when it emerged that the failed social network Buzz exposed users Gmail contacts against their wishes. It settled a class action lawsuit on the issue in September 2010 for $8.5million.
Target for Elon Musk's lawsuit, hate speech watchdog CCDH, announces its decision to quit X…
Antitrust penalty. European Commission fines Meta a hefty €798m ($843m) for tying Facebook Marketplace to…
Elon Musk continues to provoke the ire of various leaders around the world with his…
Volkswagen and Rivian officially launch their joint venture, as German car giant ups investment to…
Merry Christmas staff. AMD hands marching orders to 1,000 employees in the led up to…
Recall number six in 2024 for Tesla Cybertruck, and this time the fault cannot be…