What has Google done ahead of GDPR?

Effective on May 25th 2018, the EU is implementing an extensive data protection regulation (GDPR) that provides EU residents greater freedom over their personal data and how it is collected and used.


Over the weekend Google announced the altercations they’re making to their privacy policy to comply with these regulations. This change affects all Google products and devices. However, before we discuss what Google has done, it’s important to understand what data Google collects, how they collect it and what they use this data for.

Below are two videos explaining:

Overall, Google has made it much clearer and easier for users to access their data and to personalize what data is being stored. For example, if you go to ‘Ad Settings’ you are provided with a list of topics Google thinks you may like and topics you may not like. From there, you can alter their generated ideas to ones that suit you better. Furthermore, within ’My Activity’ it is now much easier to delete data during specific periods of activity. Also, with the recent launch of The Data Transfer Project on Github – a leading software development platform- Google will soon offer a better way to transfer data from Google services to other platforms. Thus, helping developers offer seamless data transfers, encouraging the ‘portability of data’ clause found within GDPR. In conclusion, Google has made no additions to its privacy policy. However, it has made it easier for individuals to understand their data policies.

To provide state of the art data processing Google must employ a complex multi-layered security network. Firstly, Google’s data centers are geographically dispersed. Therefore, ensuring that no regional conflicts affect Google’s ability to process data. Secondly, Google applies the principle of least-privilege and need-to-know to ensure that internal leaks are protected against. Also, Google uses HTTPS encryption to protect data at all points in the data chain. Finally, Google scans for software vulnerabilities using a combination of internal tools and the greater security community through a bug bounty program.

The GDPR is a complex document and to ensure that your company complies with new legislation, reach out to see how we can solve your cybersecurity needs.

Secure Sense is the security provider that cares. We are a team of experts with a passion for IT and protecting your organization is what motivates us daily. If you have questions or want to learn more about how Symantec can improve your organization’s security, our services or just want to chat security please give us a shout. If you’re looking to guest blog, please send an email here.

You can also find us on TwitterFacebook,  LinkedIn.

Don’t forget to register for our 4th annual Camp Secure Sense here. Camp Secure Sense is geared towards helping Canadian IT Security professionals improve their security practices, and better protect their organization.