Google will introduce a number of measures to improve the way it handles private data, the UK Information Commissioner’s Office revealed today.
The web giant reached an agreement with the ICO after admitting that it had collected UK citizens’ private data when compiling its StreetView online mapping service.
The new measures include improved staff training and the requirement for a “privacy design document” to be written in advance of any new project. Google will allow the ICO to conduct a full audit of its ‘internal privacy structure’.
It has also agreed to delete the data that was collected by the StreetView camera cars, which included WiFi passwords and full emails.
When the breach first came to light, Google said the data was “fragmentary” and the ICO agreed that no meaningful personal data had been collected. Since then, however, Google has been investigated for similar incidents in Germany, Italy, Canada and South Korea. A subsequent ICO investigation found that it was in fact "a significant breach of the first principle of the Data Protection Act".
“I am very pleased to have a firm commitment from Google to work with my office to improve its handling of personal information,” said the information commissioner Christopher Graham in a statement today. “We don’t want another breach like the collection of payload data by Google StreetView vehicles to occur again.”