Management of Google’s EU Data to Move from U.S. to Ireland

Google has publicly stated that it will be making some amendments to its terms of service and privacy policy, amendments which will now state that Ireland is the location of its data services for Europe.

The announcement was released in a company blog post by Anne Rooney, Public Policy Manager for Google Ireland which read: “We’re making the data controller change to facilitate engagement with EU data protection authorities via the GDPR’s ‘One Stop Shop’ mechanism, which was created to ensure consistency of regulatory decisions for companies and EU citizens. It’s important to note these changes do not in any way alter how our products work or how we collect or process user data within our services.”

The blog post said: “We’re also making a number of updates to Google’s Privacy Policy. The most important of these is that Google Ireland Limited will become the ‘data controller’ legally responsible for EEA and Swiss users’ information. This means that Google Ireland Limited becomes responsible for responding to requests for its user data, including from EU law enforcement, consistent with Irish law. It is also responsible for compliance with applicable privacy laws, including Europe’s new General Data Protection Regulation (GDPR).”

The update will be implemented on January 22, 2019. Google does not think that there will be an impact any features or operation of its services in Europe. The amendments mean requests for user data from consumers or law enforcement officials will be completed by the Dublin Google office from here on in. Currently the official service provider for Google Services including Drive, Play, Gmail, Maps and YouTube is located in Dublin at Google’s European headquarters. Along with this, all work to ensure compliance with the GDPR will be completed in Dublin.

However, Rooney ended her blog post with a proviso that stated: “It’s important to note these changes do not in any way alter how our products work or how we collect or process user data within our services. Nothing changes about your current settings, and you will continue to have granular control over the data you share with us when you use our services. And of course, we remain fully committed to compliance with the GDPR across all of the services we provide in the European Union.”

Google has now started contacting users to advise them of this change in how it is carrying out data management in the EU. The email read: “Nothing about your experience in Google services will change. And nothing is changing in terms of your privacy settings, the way your data is processed, nor the purposes of its processing as described in the Google Privacy Policy. However, if you don’t want to accept these changes in our terms and Privacy Policy, you can choose to stop using the applicable services.If you use Family Link to manage a Google account for users below the age of consent, then please take some time to talk to them about these changes.”

The amendments to the Google Privacy Policy are available here.

HIPAA Violation Penalties

Most Common HIPAA Violations Causes