Google was today encouraged by the UK's privacy watchdog to implement privacy rules at the start of every project in undertakes.
The Information Commissioner's Office (ICO) carried out an audit into Google's practices following the Street View scandal of 2010, which saw payload data taken from users' unprotected Wi-Fi networks.
The ICO said Google had taken action in all areas agreed in an undertaking signed in November last year, yet more should be done to improve privacy.
Google was called on to ensure existing products have a "Privacy Story" an explanation of how data would be used by a service.
Google must enshrine the concept of 'privacy by design' into each of its services.
It was also recommended the internet giant's projects include a Privacy Design Document, to ensure privacy is respected at the earliest stage of development and beyond. The search giant has created such a document, but the ICO urged it to be used on all Google initiatives from now on.
According to information commissioner Christopher Graham, Google has accepted the findings of the audit.
"The ICO's Google audit is not a rubber stamp for the company's data protection policies," Graham said.
"The company needs to ensure its work in this area continues to evolve alongside new products and technologies. Google will not be filed and forgotten by the ICO."
Amongst Google's positive privacy moves, according to the ICO, were "advanced data protection training" for engineers, as well as better privacy education for all staff. Google's excuse for the Street View mishap was that an engineer had written a piece of code in 2006 for an "experimental Wi-Fi project," which was then unwittingly employed in software collecting Wi-Fi network data.
The ICO came under fire last year for not being stern enough with Google over the Street View case, even though it said it could not issue a fine due to timing issues. The ICO claimed it could not serve Google with a monetary penalty as the data was taken before the watchdog was handed fining powers.
Today's announcement was nevertheless praised by prominent privacy group the Big Brother Watch.
"Following last year's debacle, it's encouraging to see the company has take steps to improve its privacy policies," Big Brother Watch director Daniel Hamilton told IT Pro.
"Google is the undisputed leader in its market. With such a position of dominance, comes a special kind of responsibility towards its users to respect their privacy and safeguard their personal information. Going forward, Google must enshrine the concept of 'privacy by design' into each of its services to avoid the need for intervention by the ICO in the future."
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
AI recruitment tools are still a privacy nightmare – here's how the ICO plans to crack down on misuseNews The ICO has issued guidance for recruiters and AI developers after finding that many are mishandling data
-
“You must do better”: Information Commissioner John Edwards calls on firms to beef up support for data breach victimsNews Companies need to treat victims with swift, practical action, according to the ICO
-
LinkedIn backtracks on AI training rules after user backlashNews UK-based LinkedIn users will now get the same protections as those elsewhere in Europe
-
UK's data protection watchdog deepens cooperation with National Crime AgencyNews The two bodies want to improve the support given to organizations experiencing cyber attacks and ransomware recovery
-
ICO slams Electoral Commission over security failuresNews The Electoral Commission has been reprimanded for poor security practices, including a failure to install security updates and weak password policies
-
Disgruntled ex-employees are using ‘weaponized’ data subject access requests to pester firmsNews Some disgruntled staff are using DSARs as a means to pressure former employers into a financial settlement
-
ICO reprimands Coventry school over repeated data protection failuresNews The ICO said the academy trust failed to follow previous guidance, which caused a serious data breach
-
ICO dishes out fine to HelloFresh for marketing spam campaignNews HelloFresh failed to offer proper opt-outs, the ICO said, and customers weren’t warned their data would be used for months after they cancelled
