Google and data watchdog in stand-off over W-Fi data
Google and the UK Information Commissioner’s Office are locked in a Mexican stand-off over data that the search giant collected from Wi-Fi networks.
According to the ICO, Google had been collecting data that carried some personal ‘payload’ for three years, while using scanning equipment to capture details of local Wi-Fi networks in the company’s Street View photography cars.
The ICO says it has demanded that Google deletes all the data it gathered from unencrypted networks in Britain, as have other data protection authorities around Europe, but Google has so far refused to delete the material, citing legal proceedings taking place in other countries where the data might be needed as evidence.
There does not seem to be any reason to keep the data concerned for evidential purposes
“Following requests from the Irish, Danish and Austrian data protection authorities we can confirm that we have deleted payload data identified as coming from those countries,” Google said in a statement. “We can also confirm that, as requested, we are keeping data from Belgium, France, Italy, Spain, Germany, Switzerland and the Czech Republic.”
This despite the fact that German data protection officials have said they want the hard drive containing the data handed over to them, according to a report from the BBC.
In the UK, Google has opted to retain the data “in a secure location”, just in case it needs the files in the future to present a defence in court.
“Given that there is some uncertainty about deletion generally, we think it makes sense to keep the remaining countries’ data while we work through these issues,” the company said. “For example, at least one DPA changed its instruction from delete to retain in the last few days.”
This, however, flies in the face of the demands and opinions of the ICO, which appears to have made its position clear. “There does not seem to be any reason to keep the data concerned for evidential purposes,” the UK watchdog said. “Therefore, in line with the data protection requirement that personal data should be held for no longer than necessary, we have asked Google to ensure that these data are deleted as soon as reasonably possible.”
Instead of deleting the data Google says it has “segregated the data on our network, which we then disconnected to make it inaccessible. We want to delete this data as soon as possible, and are currently reaching out to regulators in the relevant countries about how to quickly dispose of it”.
Despite the clear difference of opinion the ICO says it plans to take no further action on the issue.