Google-eyed over privacy

Opinion by Frank Jennings

Google's Street View service is on course to test the UK's data protection laws, says Frank Jennings

Google's Street View service is on course to test the UK's data protection laws, says Frank Jennings

Google, no stranger to a courtroom at the best of times, has found itself back in court in the US, this time for alleged invasion of data privacy through Street View. Data protection champions have warned of similar actions in the UK.

Google Street View uses car-mounted cameras to film street-level images, allowing users to zoom in to panoramic views of each environment. The service was launched in the US in May 2007 and now offers views of cities such as New York and LA among many others. The service began its expansion in July 2008 to Australia, France, Italy, Japan and soon the UK.

Expansion into Europe has sparked data protection and privacy concerns. In June 2008, EU data protection supervisor Peter Hustinx discussed the need for a balance between a person's right to privacy and any public policy considerations. Under the EU Data Protection Directive, the “data controller” – in this case the photographer – is obliged to inform any individual who is identifiable in photos taken for commercial purposes. Furthermore, where the personal data is sensitive, the controller must obtain consent from the individual before the data can be used.

The proposed expansion of the service to the UK saw campaigners claim that the service is incompatible with the Data Protection Act – which generally allows an individual the right to withhold consent to the processing of his personal data – and Article 8 of the European Convention on Human Rights – which sets out the right to respect for private and family life.

Street View has already caused controversy since its launch in the US, where Google has reportedly published pictures of people in “compromising” positions, including men picking up prostitutes. Meanwhile, a Pennsylvanian couple, the aptly-named Mr and Mrs Boring, are seeking $25,000 in compensation for “mental suffering” caused as a result of the publication of pictures of their home. They claim that these pictures were taken as a result of Google's trespass on private property and they argue that this has devalued their home, but the Federal Court has yet to rule on this. Additionally, Google has come under fire in a copyright infringement claim by the Belgian newspaper publishers Copiepresse and from Louis Vuitton in an alleged trademark breach relating to its keyword advertising.

As a result, Google added blurring technology into Street View, which uses an algorithm to scour Google's image database for faces. Google has also enabled users to flag images they find inappropriate or sensitive, which it will then review and remove if required. It is these developments that persuaded the UK Information Commissioner that Google's posting of images in the UK Street View would be acceptable. The UK privacy watchdog announced in July that it was “satisfied” that Google had put in place “adequate safeguards to avoid any risk to the privacy or safety of individuals”. It said that, although there could be circumstances in which a person could be identifiable, it is clear that Google is trying to “capture images of streets not individuals”.

These security safeguards put in place should have the effect of reducing the scope of any legal action in the UK, especially given that the images are not automatically uploaded onto the Street View system. Although Google's problems are particular to the Street View service, it is important that all businesses:

  • Empower a staff member with responsibility for data security
  • Collect only the personal data that is relevant
  • Implement a data protection policy within the organisation, not just the privacy policy on the corporate website
  • Ensure all employees and contractors abide by the policy
  • Regularly review and update data protection and privacy policies and ensure continued compliance with the law
  • Ensure the staff member responsible for data security remains aware of any privacy or data protection laws, especially with business outside the EU.

Frank Jennings is a partner in DMH Stallard's technology group and head of the commercial team.


Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming Events