News Release
Data protection authorities urge Google to address Google Glass concerns
Ottawa, June 18, 2013 — Privacy Commissioner of Canada Jennifer Stoddart and 36 of her provincial and international counterparts have issued a joint letter urging Google Inc. to respond to questions and concerns related to Google Glass, the company’s new Internet-connected glasses.“Google Glass raises significant privacy issues and it is disappointing that Google has not engaged more meaningfully with data protection authorities about this technology. We are urging Google to take part in a real dialogue with us about Google Glass,” says Commissioner Stoddart.
The letter is as follows:
Mr. Larry Page
Chief Executive Officer
Google Inc.
1600 Amphitheatre Parkway
Mountain View, California
USA 94043
Dear Mr. Page:
We are writing to you as data protection authorities to raise questions from a privacy perspective about the development of Google Glass, a type of wearable computing in the form of glasses1, which is currently in beta testing and not yet available to the general public.
As you have undoubtedly noticed, Google Glass has been the subject of many articles that have raised concerns about the obvious, and perhaps less obvious, privacy implications of a device that can be worn by an individual and used to film and record audio of other people. Fears of ubiquitous surveillance of individuals by other individuals, whether through such recordings or through other applications currently being developed, have been raised. Questions about Google’s collection of such data and what it means in terms of Google’s revamped privacy policy have also started to appear.
As you may recall, data protection authorities have long emphasized the need for organizations to build privacy into the development of products and services before they are launched. Many of us have also encouraged organizations to consult in a meaningful way with our respective offices.
To date, what information we have about Google Glass, how it operates, how it could be used, and how Google might make use of the data collected via Glass largely comes from media reports, which contain a great deal of speculation, as well as Google’s own publicizing of the device.
For example, our understanding is that during the beta testing of the product, Google has put in place extensive guidelines for software developers to follow in building applications for Glass2. These limits appear to be largely related to advertising within Glass. If this is indeed the case, we think this is a positive first step in identifying privacy issues, but it is only a first step and the only one we are aware of.
We understand that other companies are developing similar products, but you are a leader in this area, the first to test your product “in the wild” so to speak, and the first to confront the ethical issues that such a product entails. To date, however, most of the data protection authorities listed below have not been approached by your company to discuss any of these issues in detail.
For our part, we would strongly urge Google to engage in a real dialogue with data protection authorities about Glass.
The questions we would like to raise include:
- How does Google Glass comply with data protection laws?
- What are the privacy safeguards Google and application developers are putting in place?
- What information does Google collect via Glass and what information is shared with third parties, including application developers?
- How does Google intend to use this information?
- While we understand that Google has decided not to include facial recognition in Glass, how does Google intend to address the specific issues around facial recognition in the future?
- Is Google doing anything about the broader social and ethical issues raised by such a product, for example, the surreptitious collection of information about other individuals?
- Has Google undertaken any privacy risk assessment the outcomes of which it would be willing to share?
- Would Google be willing to demonstrate the device to our offices and allow any interested data protection authorities to test it?
Sincerely,
Original signed by
Jennifer Stoddart
Privacy Commissioner of Canada
Original signed by
Jacob Kohnstamm
Chairman of the Article 29 Working Party, on behalf of the members of the Article 29 Working Party
Original signed by
Timothy Pilgrim
Privacy Commissioner of Australia
Original signed by
Marie Shroff
Privacy Commissioner, New Zealand
Original signed by
Alfonso Oñate Laborde
Secretary for Data Protection, Federal Institute for Access to Information and Data Protection, Mexico
Original signed by
Rivki Dvash
Head of the Israeli Law, Information and Technology Authority
Original signed by
Hanspeter Thür
Swiss Federal Data Protection and Information Commissioner
Original signed by
Jill Clayton
Information and Privacy Commissioner of Alberta
Original signed by
Jean Chartier
President, Commission d’accès à l’information du Québec
Original signed by
Elizabeth Denham
Information and Privacy Commissioner of British Columbia
[1] Google Glass includes an embedded camera, microphone and GPS, with access to the Internet. The Android Operating System powers Google Glass, and third-party applications are currently being built for Glass. To access Glass, a user needs a Google account.