EU concern over allegations of Google data breaches
by Claude Moraes
05 June 2012
The online search engine Google finds itself in the spotlight again over potential breaches of EU data protection rules concerning the street-view cars used for Google Maps - reveals MEP
It is not the first time that Google has faced criticism. In recent months, Google has come under fire for launching a new privacy policy; which allowed the search engine to collect customer data from one of the company's services and share it with other platforms such as YouTube and Gmail. This new policy raised concerns with national data protection authorities and with the French Data Protection Authority, which decided that the policy breached European Union law. European Justice Commissioner Viviane Reding also spoke out against Google's policy, indicating that the firm may not meet requirements laid out in her recent proposed revisions to the EU Data Protection Directive.
Recent allegations centre on the previous admission by Google, in 2010, that its street-view cars had secretly collected data including website details, user names and passwords from unsecured Wi-Fi networks in both the United States and in EU member states - including the United Kingdom, Germany and the Czech Republic. At the time, Google assured the public that this was entirely unintentional and promised to bulk up their privacy policy. Based on these assurances, the Information Commissioner's Office in the UK did not take any action on this breach of data protection rules; and Google was allowed to move on without facing penalties.
Now, two years later, it has come to light that perhaps Google was not as innocent as the company had previously claimed. Internal emails and documents released in a report by the US media regulator, the Federal Communication Commission, contradict Google's claims that this was just a mistake. The report alleges that a Google engineer had created special software that could "collect, store and review payload data for possible use in other Google projects". This software was then used to collect data from unsecured Wi-Fi networks as the street-view cars passed through some neighborhoods across Europe.
These allegations are extremely worrying and could point to a trend where private companies are purposefully intending to harvest private data without citizen's authorisation. Allegations that Google may have had knowledge of their actions are extremely serious. Given the extent of the data that was taken, I am calling for an inquiry in the UK so that lessons can be learned. At the very least, this case indicates that private companies are taking a cavalier approach towards privacy policy and data protection rules in Europe.
The EU is making efforts towards improving legislation in this area with the current Data Protection Regulation and Data Protection Directive that are going through the Civil Liberties, Justice and Home Affairs Committee in the European Parliament. These revised texts, when finally adopted, will hopefully send a strong message to businesses that there are serious repercussions for breaching a citizen's right to data protection. No one should have the right to take people's private data without their full knowledge and full consent.
Claude Moraes is a British MEP and deputy leader of the European Parliamentary Labour Party
It is not the first time that Google has faced criticism. In recent months, Google has come under fire for launching a new privacy policy; which allowed the search engine to collect customer data from one of the company's services and share it with other platforms such as YouTube and Gmail. This new policy raised concerns with national data protection authorities and with the French Data Protection Authority, which decided that the policy breached European Union law. European Justice Commissioner Viviane Reding also spoke out against Google's policy, indicating that the firm may not meet requirements laid out in her recent proposed revisions to the EU Data Protection Directive.
Recent allegations centre on the previous admission by Google, in 2010, that its street-view cars had secretly collected data including website details, user names and passwords from unsecured Wi-Fi networks in both the United States and in EU member states - including the United Kingdom, Germany and the Czech Republic. At the time, Google assured the public that this was entirely unintentional and promised to bulk up their privacy policy. Based on these assurances, the Information Commissioner's Office in the UK did not take any action on this breach of data protection rules; and Google was allowed to move on without facing penalties.
Now, two years later, it has come to light that perhaps Google was not as innocent as the company had previously claimed. Internal emails and documents released in a report by the US media regulator, the Federal Communication Commission, contradict Google's claims that this was just a mistake. The report alleges that a Google engineer had created special software that could "collect, store and review payload data for possible use in other Google projects". This software was then used to collect data from unsecured Wi-Fi networks as the street-view cars passed through some neighborhoods across Europe.
These allegations are extremely worrying and could point to a trend where private companies are purposefully intending to harvest private data without citizen's authorisation. Allegations that Google may have had knowledge of their actions are extremely serious. Given the extent of the data that was taken, I am calling for an inquiry in the UK so that lessons can be learned. At the very least, this case indicates that private companies are taking a cavalier approach towards privacy policy and data protection rules in Europe.
The EU is making efforts towards improving legislation in this area with the current Data Protection Regulation and Data Protection Directive that are going through the Civil Liberties, Justice and Home Affairs Committee in the European Parliament. These revised texts, when finally adopted, will hopefully send a strong message to businesses that there are serious repercussions for breaching a citizen's right to data protection. No one should have the right to take people's private data without their full knowledge and full consent.
Claude Moraes is a British MEP and deputy leader of the European Parliamentary Labour Party
RELATED CONTENT
Citizens want greater protection from Google
Google's business is dependent on collecting more data about us and our online identities but consumers do not trust that either the company or regulators take their privacy concerns seriously enough – writes Emma Carr
Google's business is dependent on collecting more data about us and our online identities but consumers do not trust that either the company or regulators take their privacy concerns seriously enough – writes Emma Carr
COMMENTS
