ICO makes comments following Street View Wi-Fi audit
The ICO's comments come following an audit of the search engine, which took place in July. The audit was one of a number of requirements Google agreed to after an investigation by the ICO following the revelation the search engine had accidentally been collecting Wi-Fi payload data alongside real-time photographs of cities across the world as part of its StreetView for Google Maps project.
The data collection, which Google claims was a mistake and not intentional, was discovered in May 2010 after the German data protection authority audited the Wi-Fi data collected by the Street View cars. The authority revealed that as well as collecting SSID information (the network's name) and MAC addresses (the number given to Wi-Fi devices such as a router), Google had also been collecting payload data such as emails or web page content being viewed.
"I'm satisfied that Google has made good progress in improving its privacy procedures following the undertaking they signed with me last year. All of the commitments they gave us have been progressed and the company have also accepted the findings of our audit report where we've asked them to go even further," said Information Commissioner Christopher Graham.
The ICO recommends that Google creates a 'Privacy Story' or an explanation of how data will be managed for every new product it develops in a bid to proactively provide users with information about the privacy features of the services, as well as ensuring all products have a Privacy Design Document that is checked for accuracy on a regular basis and training for engineers that covers privacy issues.
"The ICO's Google audit is not a rubber stamp for the company's data protection policies. The company needs to ensure its work in this area continues to evolve alongside new products and technologies. Google will not be filed and forgotten by the ICO."
Google said in a blog it welcomes the feedback on its progress and it looks forward to working with the ICO to ensure it continues to develop products that reflect strong privacy standards and practices.
"We have worked hard on these new privacy controls, which are designed to improve our internal practices without getting in the way of the innovation that has powered Google since its inception," said Alma Whitten, director of Privacy, Product and Engineering at Google.
"We know that there is no perfect solution, so we will continue to improve our current processes and develop new ones so that privacy awareness grows and evolves alongside Google."