ICO finds Google in breach of the Data Protection Act over Street View, but has no intention to issue a fine

The Information Commissioner's Office (ICO) has said that Google will be subject to an audit and must sign an undertaking to ensure data protection breaches do not occur again.

In an announcement of the outcome of the Google Street View investigation, information commissioner Christopher Graham has said that Google UK significantly breached the Data Protection Act when its Street View cars collected payload data as part of their WiFi mapping exercise in the UK.

Graham said: “It is my view that the collection of this information was not fair or lawful and constitutes a significant breach of the first principle of the Data Protection Act.

“The most appropriate and proportionate regulatory action in these circumstances is to get written legal assurance from Google that this will not happen again – and to follow this up with an ICO audit.”

Google UK has signed an undertaking in which the company commits to take action to ensure that breaches of this kind cannot happen again, while an audit of its data protection practices will also be undertaken.

The ICO is also requiring Google to delete the payload data collected in the UK as soon as it is legally cleared to do so.

The Metropolitan Police has indicated that they are not pursuing an investigation. However Graham rejected calls for a monetary penalty to be imposed, but said he is well placed to take further regulatory action if the undertaking is not fully complied with.

Sign up to our newsletters