Google Taking Big Privacy Steps
Also, Google is improving its training for employees with a particular focus on the responsible collection, use and handling of data. All 23,000-plus employees will be required to undertake a new information security awareness program. Finally, the company will bolster its compliance practices by requiring every engineering project leader to maintain a privacy design document for each project they develop for the company."We are mortified by what happened, but confident that these changes to our processes and structure will significantly improve our internal privacy and security practices for the benefit of all our users," Eustace concluded. The surprising revelation that Google collected whole e-mails, passwords and URLs is already getting a rise out of privacy advocates who have vilified the company over this WiSpy issue as well as privacy issues associated with its Google Buzz social service last winter. Consumer Watchdog advocate John Simpson said it is difficult to trust Google because it keeps changing its story. "First they said they didn't gather data; then they said they did, but it was only fragments; and today they finally admit entire e-mails and URLs were captured, as well as passwords," said Simpson. "Maybe some Google executives are beginning to get it: Privacy matters. The reality, though, is that the company's entire culture needs to change." The Street View story was rekindled earlier this week with Canada's privacy commissioner absolving Google for collecting data in that country. Meanwhile, Google said Oct. 21 that only 3 percent of German households opted to have their houses shielded from Street View when the service rolls out across that country this year.
This document will record how user data is handled and will be reviewed regularly by managers, as well as by an independent internal audit team.