• Jump to Content [Accesskey 'c']
  • Jump to Navigation [Accesskey 'n']
  • Jump to Homepage [Accesskey '0']
TLT Solicitors
  • Resources
  • Events and Seminars
  • Seminars - Special Requirements
  • Publications
  • Links
  • Accessibility
  • Need to Know
  • Contact
  • Sitemap
  • Send to a colleague/friend
  • Print this page
  • Home
  • Expertise
  • Sectors
  • People
  • Careers
  • Resources
  • About TLT
  • Contact

Page Content

Google to improve privacy policies after ICO audit

Updated September 2011

The Information Commissioner's Office (ICO) has announced that it is satisfied with moves taken by Google to improve its privacy policies, but has also identified certain areas in which further improvements can be made. The ICO's recommendations follow a recent audit by the ICO at Google's London offices on 19 and 20 July 2011.

The ICO's audit found that Google, on the whole, had made good progress in developing its privacy procedures. The audit drew particular attention to Google's practice of ensuring that all new projects undertake a 'privacy design document' (in depth privacy assessment) before they start, the internal privacy structure developed across all functions of Google's business and the privacy training provided to Google's engineers and other staff.

The recommended areas of improvement for Google (as listed in the audit) were as follows:

  • Google was advised to incorporate a 'privacy story' in all existing products, providing users with information about the privacy features of those products.
  • Google was urged to ensure that all of its existing projects should also have a privacy design document.
  • The training provided by Google to its engineers should be developed to ensure that it reflects any issues identified in a relevant privacy design document.

Google agreed to this audit as part of an undertaking which it signed in November 2010, following an incident in which it was reported that Google's Street View cars had collected wi-fi payload data as well as the location mapping information which was the purpose of their trips.

If you require any assistance in relation to data protection matters, please contact Alison Deighton.

This publication is intended for general guidance and represents our understanding of the relevant law and practice as at September 2011. Specific advice should be sought for specific cases; we cannot be held responsible for any action (or decision not to take action) made in reliance upon the content of this publication.

TLT LLP is a limited liability partnership registered in England & Wales number OC 308658 whose registered office is at One Redcliff Street, Bristol BS1 6TP England. A list of members (all of whom are solicitors or lawyers) can be inspected by visiting the People section of this website. TLT LLP is authorised and regulated by the Solicitors Regulation Authority under number 406297.


Back to publications

Related information

  • Data Protection & Privacy

Contact

  • Alison Deighton
    Partner
    Tel: +44 (0)117 917 8016

  • Email

Related publications

  • Data breach by Lush sends warning to retailers
  • School data breach caused by inadequate enforcement procedures
  • Poor physical security controls leads to data breach at London hospital
  • Subscribe to legal updates

© 2012 TLT LLP