The Information Commissioner’s Office (ICO) has once again come under scrutiny after it was found it sent two ‘non-technical’ members of staff to investigate Google’s illegal collection of data from WiFi connections in July.
The findings have been slammed by Big Brother Watch, which described them as a “blunder”.
According to a Freedom of Information request, the ICO sent out two members of staff, Phil Jones, Assistant Commissioner (who no longer works at the ICO) and David J Evans Strategic Liaison Group Manager – Business and Industry to examine the case.
However, it was unable to pinpoint the pair’s qualifications in the FOI, citing that “the qualifications of investigation Mr Jones and Mr Evans were their ‘personal data’”. Instead it directed readers to a public folder with Mr Jone’s qualifications, which stated: “[Phil Jones] and his team are charged with providing advice and guidance to organisations in both the Private and Public Sector on the application of the Data Protection Act 1998 and the Privacy and Electronic Communications Regulation 2003.”
It added that the pair had “considerable experience” of data protection law meaning at the time they were able to clear Google after examining a sample of so-called “payload” data at Google’s London headquarters.
When we contacted the watchdog today, a spokesman also told us: “Two staff from the Information Commissioner’s Office (ICO) participated in the visit to Google’s headquarters in July 2010. As an Assistant Commissioner and a Strategic Liaison Group Manager, they were both senior staff with considerable experience in data protection law.”
However, according to Alex Deane, director at Big Brother Watch, the ICO’s failure to release information about the pair showed that it knew it hadn’t sent the right people.
He told TechEye: “The Information Commissioner blundered badly when he sent two non-technical personnel to investigate the HQ of one of the world’s most high-tech companies.
“He clearly knows this, as his office refused to release the information about their lack of proper qualifications to Big Brother Watch when we submitted a Freedom of Information request about it.
“We’re now in an absurd situation. The Commissioner fails to police the worst offender in his patch, and then dodges requests for information about his “investigation” until Parliament itself obliges him to ‘fess up about incompetence – and this is the Commissioner supposed to bring transparency to public life.”
MPs have also waded into the debate with Conservative MP Rob Halfon telling The Guardian that it was “astonishing” that the ICO “did not send technical people” to investigate the breach, which the ICO later ruled was a “significant breach” of the Data Protection Act.
However, in the the FOI request the ICO was shady about details of the meeting, claiming only that: “The only record we hold which relates to the meeting between the ICO and Google is a meeting note taken by Google’s legal advisors. This summarised the meeting and the inspection of the disc containing some of the data collected by the software used in the StreetView exercise.”
It said that while Google’s advisors had no objections to the content of that meeting note being provided in response to a request for information, given that the controversy surrounding the collection of data by Google Street View is very much ongoing, not only within the UK but also at an international level, the ICO takes the view that “it would not be appropriate to disclose this meeting note at this time.”
Last week the ICO ruled that, in light of subsequent investigations by international privacy commissioners, Google had broken data protection laws contrary to its initial impression in July.
It also said that Google will now be subject to an official audit of all of its data protection practices in the UK.