In a letter from Australian Information Commissioner Timothy Pilgrim, representing the APPA’s regional data protection agencies, the Asia Pacific group supported the Working Party’s reforms including that Google should provide more comprehensive information about data retention periods, including clear and specific time frames for the deletion of user data.
It also calls for Google to provide active and passive users with simple and centralised opt-out mechanisms, and allow authenticated users to control which services they are logged in to at any one time and, as a result, what parts of their user data will be combined.
Biometric data is also highlighted as a key issue suggesting that Google must clearly state that the use of certain services will result in the collection of biometric data, and detail how that data will be stored and used.
Pilgrim's letter states “Google has a responsibility to engage regulators and users on privacy matters. Google sets a high benchmark for service that is emulated by others. It is important that Google aspires to similarly high levels in protecting the privacy of its users.”
The Commission Nationale de l'Informatique, working on behalf of the EU's 27 national data regulators, announced on Tuesday it had found legal flaws with a new approach to user data that Google adopted in March.
"Since internet companies know no borders, it is indispensable that data protection work together," said EU Working Group head Jacob Kohnstamm who is also the Dutch data protection boss. ®