Main content

Google Glass vision is impaired by threat of non-US data protection laws

Stuart Lauchlan Profile picture for user slauchlan June 30, 2014
Summary:
Could using Google Glass in non-US data protection regimes lead to organizations breaking the law? Possibly, if they're not alert to the organisational requirements of staying compliant with existing privacy laws.

google-glass-macro
The Google Glass has already stirred up a significant personal privacy debate in the US, but now that it’s available in Europe, it looks as though a rather tougher challenge might be presenting itself, one of a more legal nature.

While in the US, there have been moves to ban the use of Google Glass in certain places, such as movie theaters, bars and when driving, there’s been no overt legislative or legal challenge yet made, although eight members of Congress did write to Google CEO Larry Page, asking him to explain Google’s stance on personal privacy, including data collection and storage on Glass.

Google itself has been aware of these concerns of course and has produced its own Google Glass Etiquette guide of dos and don’ts.

Included in the Dos:

  • Explore the world around you.
  • Take advantage of the Glass voice commands.
  • Ask for permission.
  • Use screen lock.
  • Be an active and vocal member of the Glass Explorer Community.

Among the don’ts:

  • Don’t use for too long - AKA Glass-out.
  • Don’t “rock” Glass while doing high-impact sports.
  • Don’t wear it and expect to be ignored.
  • Don’t be creepy or rude (aka, a “Glasshole”).

Don’t do evil is missing, but you get the general point.

Of course, the Etiquette guide is fundamentally frivolous and a piece of PR aimed at showing Google to be responsible in encouraging use of the new tech.

That’s not going to be enough for critics. With the arrival of Google Glass into Europe, the UK’s right wing newspaper and all-round Google-hater in chief The Daily Mail is already on the case with the subtle and not-at-all-scaremongering headline:

Screen Shot 2014-07-01 at 09.33.47

In the article beneath - and no, I'm not giving them the publicity of a link! - , the intrepid Mail reporter breathlessly warns us that:

The long-awaited but controversial Google Glass has arrived in Britain, and I am testing what it can do – and not just in terms of making calls or capturing high-quality snaps to show my friends. I am also seeing how it stretches long-cherished ideas of privacy to breaking point.

And beyond.

Ooooh, scary! Run away, away, Google's coming to get us!!!

Not just the paranoid

Privacy concerns are not unique to the paranoid right wing of course. In the US, one poll recently found that 72% of Americans cited privacy concerns as the biggest reason for not wanting to wear Glass, with particular concern around the possibility of hackers accessing personal data and revealing personal information, including location information.

In Europe, those concerns are likely to bite harder - and be backed up by existing data protection regulations that could give Google more of a headache than using the Google Glass to read War and Peace!

No more than 48 hours after the Google tech was made available in the UK, than the Information Commissioner’s Office (ICO), the official government data privacy watchdog, warned that Google Glass - and by extension other types of wearable tech - may break the laws in place to protect personal information.

Writing on his blog, the ICO’s Senior Technology Officer Andrew Paterson warns:

As this technology develops, people will understandably have reservations about the increasing amounts of personal information that these products are capable of collecting and transmitting. The main issue in the media so far has been whether people have been given adequate notice that they might be filmed.

There is an important debate to be had around the privacy implications of wearable technology and it will ultimately be for society to decide how comfortable they are with wearables. However like any new technology, wearables must operate in compliance with the law. In the UK, this means making sure that these devices operate in line with the requirements of the UK Data Protection Act.

Now, if you’re using wearable tech for your own use then you’re in the clear, as UK law includes exemptions for collecting personal data for domestic purposes. But if there’s any hint or possibility that you might end up using it for commercial gain, then you’re in trouble.

On the other hand, if you’re a corporate and the Google Glass belongs to the organization, then things are very different and fall under the Data Protection Act requirements. That essentially means:

  • Making sure that people are being informed about how their details are being collected and used.
  • Only collecting information that is relevant, adequate and not excessive.
  • Ensuring that any information that needs to be collected is kept securely and gets deleted once it is no longer required.

Furthermore, as Paterson notes, Google Glass’s ability to capture video and pictures means it falls under the remit of the ICO’s Code of Practice for CCTV!

He concludes:

The rise of wearable technology brings exciting new possibilities and is set to become widespread in the years ahead. But organisations must not lose sight of the fact that wearables must still operate in compliance with the law and consumers’ personal information must be looked after.

Vision impaired

Now clearly there are going to be some test cases that need to be fought here to establish exactly what’s going to become accepted as more and more wearables enter the corporate mainstream.

xl_Google-Glass-Virgin-Atlantic-624
Virgin Atlantic

Organizations already have a tendency to record as much as possible. From a personal gripe point of view, the tendency at corporate events for there to be a camera person taking photographs of the assembled media and analysts without asking if they mind drives me crazy. If I turn up at an event and all the organizers are wearing Google Glasses I may freak out completely!

On a more serious note, if this is the stern advice laid down by the UK ICO on data protection, what will the reaction be of other European countries where data protection rules are enforced even more rigorously, such as Germany?

And what will those demanding a draconian overhaul of data protection regulations across Europe make of the implications of wearables?

Is this another opportunity to pursue a political policy through FUD for the shriller voices within the European Commission?

Could a data protection-ist agenda become the barrier to entry to the European market that so many US cloud services providers believe is being built up to keep them at a distance?

My take

You don’t need wearable access to the internet to realise that it’s a good thing that these points are being aired now.

There’s no way in the world that I’d support the technophobic nonsense of The Daily Mail, whose readers would happily switch off the internet if they could. But there are some very real privacy concerns on a global scale that need to be more openly addressed if the genuine potential of wearable tech is to be realised.

When you look at firms such as Virgin Atlantic and its currently-running trial of Google Glass use for staff serving Upper Class passengers, you can see the value such tech can bring and the bleeding edge modernity it lends to the Virgin brand.

But then there are the problems it can cause at a more mundane level. For example, organizations will need to update HR policies to avoid a scenario where a person wearing Google Glass videos a meeting with other employees who then complain about being intimidated or bullied as a result.

And that’s before we get into the compliance and governance nightmares…

That said, at £1000 a pair and with the prospect of looking ridiculous in public, the data protection implications of the Google Glass are not likely to impact upon me any time soon.

 

 

 

 

Loading
A grey colored placeholder image