Top ICO Official Moved To Google After WiSpy Probe

Stephen McCartney, who worked for the Information Commissioner’s Office (ICO) during the so-called “WiSpy” probe, later joined Google and is now its privacy manager, it emerged yesterday.

McCartney was working for the watchdog as the head of data protection promotion, but joined the Google camp 18 months after the investigation, leading to a possible conflict of interest.

This information was obtained by a concerned citizen through a Freedom of Information request. MP Rob Halfon has promised to discuss the matter in parliament.

The ICO plot thickens

The Guardian has discovered that Stephen McCartney, who was in charge of the matters of data protection at ICO when WiSpy investigation took place, accepted a position at Google just 18 months after the watchdog cleared the company. However, the ICO says he wasn’t directly involved in the probe.

“Stephen McCartney played no part in the investigation into the Google Street View project while working at ICO. In any event, ICO employees continue to be legally bound by a confidentiality agreement after they leave the organisation, as part of the Data Protection Act,” said a spokesman for the watchdog.

Rob Halfon, the Tory MP for Harlow and a vocal critic of the ICO investigation, has promised to bring this matter before parliament. “This is a pretty shocking revelation. It raises more questions about the information commissioner than it does Google because clearly the ICO has been asleep on their watch on this issue,” he told The Guardian.

“Now it seems they have had a cosy relationship with the company they have been investigating,” he added.

McCartney was working for the ICO for seven years, before switching sides in November 2011. The watchdog has released the emails that he wrote to the information commissioner Christopher Graham while working at Google, which accuse the media of incorrectly reporting the findings of the FCC.

ICO has said that the correspondence “clearly shows that Stephen McCartney was treated like any other organisation’s representative”.

Meanwhile, the investigation into Street View data collection continues.

WiSpy with my little eye…

In May 2010, Google admitted its Street View cars were collecting data from open Wi-Fi networks for three years, including user e-mails, passwords and Web browsing activity. The search giant claimed this was a result of an “accident”, and the information was never used in any of the Google products.

In November 2010, the information commissioner had ruled that Google broke the UK’s Data Protection Act, but he decided not to fine the search giant, prompting widespread criticism and calls for tougher measures.

Although the company said data was anonymous and couldn’t have been linked to any individuals, privacy activists all around the world were up in arms. By December 2010, the media storm that followed WiSpy revelations caused Google to delete all of the collected information.

The ICO had reopened its investigation into Street View Wi-Fi data collection last month, after reviewing the findings of the US Federal Communications Commission (FCC) report that resulted in $25,000 fine for the company.

Google previously claimed that the data collection was “a mistake”, but it had later emerged that the engineer who created the Wi-Fi data-grabbing code in 2006 told his co-workers exactly what he was doing.

In addition, the FCC report showed that data collected by Street View cars included medical listings, information about online dating, records of visits to pornographic sites and data contained in video and audio files.

Do you know Google’s secrets? To find out, take our quiz!