PogoWasRight.org

Menu
  • About
  • Privacy
Menu

Google signs commitment to improve data handling – ICO

Posted on November 19, 2010July 3, 2025 by Dissent

The Information Commissioner’s Office issued the following statement:

Google Inc. has signed a commitment to improve data handling to ensure breaches like the collection of WiFi payload data by Google Street View vehicles do not occur again, the Information Commissioner said today.

Senior Vice President of Google, Alan Eustace, has signed an undertaking on behalf of Google Inc. which commits the company to putting into place improved training measures on security awareness and data protection issues for all employees. The company has also said it will require its engineers to maintain a privacy design document for every new project before it is launched. The payload data that Google inadvertently collected in the UK will also be deleted.

The Information Commissioner’s Office (ICO) will conduct a full audit of Google’s internal privacy structure, privacy training programs and its system of privacy reviews for new products. The audit will take place within nine months of the undertaking being signed.

Information Commissioner, Christopher Graham, said:

“I am very pleased to have a firm commitment from Google to work with my office to improve its handling of personal information. We don’t want another breach like the collection of payload data by Google Street View vehicles to occur again.

“It is a significant achievement to have an undertaking from a major multinational corporation like Google Inc. that extends to its global policies and not just its UK activities.

“We will be keeping a close watch on the progress Google makes and will follow up with an extensive audit. Meanwhile, I welcome the fact that the WiFi payload data that should never have been collected in the first place can, at last, be deleted.”

Most of the undertaking seems to just be Google agreeing to do what it should be doing anyway. There is a a provision for an audit, but the terms of the audit seem to be just a paper review:

Framework: Google will conduct an internal assessment and provide a confidential written report (“Privacy Report”) to the Commissioner. This Privacy Report will analyze Google’s implementation of the privacy process changes it outlined on October 22, 2010 as it applies to Google’s UK operations. The Information Commissioner’s Office may then validate the Privacy Report’s accuracy and findings via an in-person review of the Privacy Report at Google’s U.S. headquarters and at the offices of Google’s UK subsidiary. Google shall provide the Privacy Report to the Commissioner before such meeting.

No related posts.

Category: BusinessNon-U.S.

Post navigation

← Editorial: Body scans, pat-downs reasonable price for air safety
Another TSA Outrage →

Now more than ever

Search

Contact Me

Email: info@pogowasright.org

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

Categories

Recent Posts

  • White House ordered to restore Medicaid funding to Planned Parenthood clinics
  • California Attorney General Announces $1.55M CCPA Settlement with Healthline.com
  • Canada’s Bill C-2 Opens the Floodgates to U.S. Surveillance
  • Wiretap Suits Pit Old Privacy Laws Against New AI Technology
  • Action against tiny Scottish charity sparks huge ICO row
  • Congress tries to outlaw AI that jacks up prices based on what it knows about you
  • Microsoft’s controversial Recall feature is now blocked by Brave and AdGuard

RSS Recent Posts on DataBreaches.net

  • Scattered Spider Hijacks VMware ESXi to Deploy Ransomware on Critical U.S. Infrastructure
  • Hacker group “Silent Crow” claims responsibility for cyberattack on Russia’s Aeroflot
  • AIIMS ORBO Portal Vulnerability Exposing Sensitive Organ Donor Data Discovered by Researcher
  • Two Data Breaches in Three Years: McKenzie Health
  • Scattered Spider is running a VMware ESXi hacking spree
©2025 PogoWasRight.org. All rights reserved.
Menu
  • About
  • Privacy