We reported in May last year that Google Street View had come under fire from watchdog group Privacy International over its capturing and use of street images in its Google Maps application.
In a new twist, Google came under fire once again when it announced in May that personal payroll data from unencrypted networks had been mistakenly collected when trying to identify public Wi-Fi spots as part of a new Wi-Fi mapping feature in Google Street View. To add more fuel to the fire, Google announced in October that it had collected more information than initially believed, including, in some instances, emails, complete URLs and passwords. The announcements have sparked reviews by data protection agencies in the UK, US, Canada, Italy, France, Spain, Germany, all concerned with whether Google’s unauthorised data collection flouted data protection and privacy laws. The UK’s data protection regulator, the Information Commissioner, has confirmed that Google’s actions were a “significant breach of the (UK) Data Protection Act”; other international agencies’ responses are to follow.
However Google is not the only company to be questioned this year over its handling of personal information, Facebook has also been investigated by the UK’s Information Commissioner for its management of users’ personal data and, under recent proposals by the European Union, these and other internet companies could face stringent regulations governing use of personal data in the coming years.
Last week the European Union put forward proposals for tougher privacy rights aimed specifically at protecting EU internet users that share personal data with internet sites such as Google and social networking sites such as Facebook (press release can be found here). The EU proposals recommend internet users are given rights to expressly “opt-in” before their data is used in any way by the website and to instruct the website to delete any data previously shared. Users would also have the right to sue companies for privacy breaches under current proposals.
The European Commission has said that it will submit the proposals as legislation next year, but, given the slow speed with which this project has moved to date, the effect of the proposals may not be felt for a while yet. However what is clear is that the EU is keen to consolidate and strengthen existing data protection laws, and therefore industry will need to keep a close eye on developments at European Union level if they are to stay ahead of the forthcoming proposed changes.
- Jake Marshall and Gemma Davies