Information Commissioner calls for more privacy improvements at Google

The Information Commissioner's Office says an audit at Google's London office shows the company has taken reasonable steps to improve its privacy policies, but could do more.

The Information Commissioner's Office (ICO) says an audit at Google's London office shows the company has taken reasonable steps to improve its privacy policies, but could do more.

In August 2010, the ICO cleared Google of a UK Wi-Fi privacy breach, as initial investigation showed only fragments of information had been collected by the firm's Street View camera cars.

But the Information Commissioner ordered a new inquiry into Google's collection of Wi-Fi data in October after the search firm admitted more detailed information had been captured.

In November 2010, Google signed an undertaking to improve data handling to ensure breaches like the collection of private Wi-Fi data by its Street View vehicles did not happen again.

Although the July audit found that Google has taken action in all of the agreed improvement areas, the ICO has now asked the company to go further to enhance privacy, including ensuring that users are given more information about the privacy aspects of Google products.

Information Commissioner Christopher Graham said the audit is not a rubber stamp for Google's data protection policies.

"The company needs to ensure its work in this area continues to evolve alongside new products and technologies. Google will not be filed and forgotten by the ICO," he said.

The audit highlighted specific areas of good practice that Google has developed, including plans to carry out an in-depth assessment of new products to ensure that privacy is built in from the start.

The audit also found that Google has introduced an internal privacy structure across all functions of the business, advanced data protection training for all engineers, and enhanced training for all staff covering privacy and the protection of user data.

Some of the recommended improvements include providing users with information about the privacy feature of new products, checking that all new products meet privacy requirements, and developing training for engineers to include specific engineering disciplines that take privacy into account.

Read more on IT legislation and regulation

CIO
Security
Networking
Data Center
Data Management
Close