Marc Bradshaw, one of the three British claimants taking legal action against Google for the Safari breach, has written a letter in response to the action forced on Google France by French regulator, CNIL. At the weekend Google tried to sneak out the notice of enforcement that CNIL obliged it to put on its homepage for 48 hours. Google waited until Saturday to put this online, hoping that by publicising the enforcement over the weekend most French consumers would miss it. Nevertheless, at least one regulator is prepared to try to embarrass Google into good behaviour. But what about here in the UK? Our regulator, the Information Commissioner’s Office, has done nothing. Here’s what Marc, a founder member of this Group thinks:
I, and other supporters of the UK’s Google Governance group, read with great optimism reports over the weekend that the French privacy regulator, the CNIL, is protecting French consumers by ordering Google to bear a sign about its violations on the google.fr website.
Back in May 2013, my lawyers wrote to the CNIL’s counterpart in the UK, the ICO. We alerted the ICO and the CNIL to the very sanction now adopted in France. The ICO told my lawyers at the time that “it is important to be aware that the options available do not enable the Commissioner to require a public apology”. In response, my lawyers obtained the cast-iron support of a legal Opinion from Thomas de la Mare QC that, on the contrary, the ICO would be perfectly within its powers to require Google to publish a warning notice on the google.co.uk website; that it is “common sense” that fines “are likely to be a commercial irrelevance to Google”, and that I and other UK consumers are entitled to expect the ICO to apply “effective remedies” to safeguard our legal rights. That was 7 months ago.
Perhaps now, at long last, the ICO will stop mimicking the French concept of laissez-faire and will instead have the French regulator’s courage to brand Google with the visible scar of a privacy violator.
10th February 2014