Feeds

Google's Street View could be unlawful in Europe

Private, in these parts

Choosing a cloud hosting partner with confidence

Analysis Like a trigger-happy tourist, Google has shot almost every street in five US cities and added its pics to what might be the world's biggest holiday album. But if Google ever starts shooting the streets of Europe, courts here could fight back.

Google Maps Street View is the latest service from the search giant. Vehicles with multi-lens cameras travelled the streets of San Francisco, New York, Las Vegas, Denver and Miami and snapped everything in their paths. The images were uploaded to Google Maps and now, when you're looking at a location in Google Maps that has been photographed, you can see the pics. If you live in a featured city and you've been passed by a Google van or a car from its partner, Immersive Media, the cameras probably saw you too.

Privacy fears were first raised by New Yorker Mary Kalin-Casey. She told the Boing Boing blog that, when trying out Street View, she recognised her cat, Monty, through the window of her own home. She said that the experience made her shake (though she'd have more cause for alarm if the camera captured her Georgian silverware).

I haven't seen anything that has made me shake, at least not yet, though I'm still looking and hoping. I love Google Maps and Street View just makes it better. But if it comes to Europe, there could be complaints that have grounds for litigation.

Complaints could be triggered by the images that spread across the internet like wildfire – the celebrity entering rehab or the nude at the window. And complaints could be triggered by the images that have a more personal impact on lives – the malingerer in the park or the husband on his paramour's porch. It does not matter that the pictures were taken in a public place.

If you are caught on camera and complain to Google, Google will remove the pics. But that may not be enough for Europe's courts.

Our data protection regime lets us take holiday snaps, even of strangers, provided we're doing so for private purposes. But if we're taking snaps for commercial use, where individuals are identifiable, there is no such exemption. We need to notify the subjects, and that's hard for Google to do. Even a loudspeaker on top of the camera cars ("Hi, it's Google here, say 'cheese' everybody!") might not suffice.

The law sets extra requirements for so-called sensitive personal data: it demands explicit consent, not just notification. That means when taking pictures of someone leaving a church or sexual health clinic – which could reveal a religious belief or an illness – camera cars might need to pull over and start picking up signatures.

The need for individuals to be identifiable is an important one: Monty the cat looked like a blob to me. Cats can't sue, even in Europe, but humans are just as hard to identify in Street View from what I've seen because the resolution is too low.

It's not just those who are identifiable and caught in the act that can give Google a tough time. We Europeans could ask Google to ensure that no picture of us appears in Google Maps in the first place.

The nature of this rule varies across Europe, but in the UK we have a right to prevent the display of an image that would cause substantial distress. All we have to do is send an email to Google asking that it does not display a picture of us: "Dear Google, I think your camera caught me in Hyde Park this lunch time canoodling with my wife's best friend. Please make sure I can't be seen in Google Maps because this may cause me substantial distress. I've attached a pic of what I look like." If Google refuses or ignores you, you can go to the Information Commissioner and ask him to enforce the right. If there's damage and distress, you can sue.

Street View is rather like CCTV and the Information Commissioner has published a CCTV Code of Practice (35-page / 434KB PDF). The guidance is surely impossible for Google to follow: "Signs should be placed so that the public are aware that they are entering a zone which is covered by surveillance equipment … [These signs] should be clearly visible and legible to members of the public". The guidance adds that "individuals sunbathing in their back gardens may have a greater expectation of privacy than individuals mowing the lawn of their front garden". Perhaps the Information Commissioner will take a pragmatic view and say that footage of someone walking down a street is acceptable, but footage of someone entering rehab is not. Maybe a mashup of Google Search and Google Maps could locate abortion clinics etc. and delete the footage.

Then there are our human rights.

On an evening in August 1995, a 42-year-old called Geoffrey Peck attempted suicide by cutting his wrists with a kitchen knife while on Brentwood High Street in Essex, England. CCTV cameras caught the action, the council's CCTV operator alerted the police and the police intervened. Peck lived. But still images from the CCTV footage were sold by the local council to the media. Peck took his complaint as far as the European Court of Human Rights and won.

The court said that the disclosure of the footage was a "disproportionate and unjustified interference" with Peck's private life, in violation of Article 8 of the European Convention on Human Rights. The court considered it significant that "[Peck's] actions were seen to an extent which far exceeded any exposure to a passer-by or to security observation and to a degree surpassing that which [Peck] could possibly have foreseen." Peck won damages of £7,000.

There's a qualification here: the Human Rights Act generally applies only to public authorities – and Google is not a public authority. But it does not escape completely. Courts are public authorities, and if someone sues Google for breaching the Data Protection Act in similar circumstances, courts will seek to protect a person's human rights in deciding the case. So human rights enter the case by a back door.

You can see Brentwood High Street in Google Maps, but not with Street View. Perhaps you never will.

Struan Robertson is Editor of OUT-LAW. These are the personal views of the author and do not necessarily represent the views of Pinsent Masons.

Copyright © 2007, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Business security measures using SSL

More from The Register

next story
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
Show us your Five-Eyes SECRETS says Privacy International
Refusal to disclose GCHQ canteen menus and prices triggers Euro Human Rights Court action
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.