On 17 September, Bitkom will host the 5th Privacy Conference. In advance of the conference we are talking with some speakers about current privacy issues, the impact of the GDPR and their expectations to the #pco19. Today in the interview: Peter Fleischer (Global Privacy Counsel, Google)
The GDPR is in force for more than a year now. How has public perception of data protection changed from your point of view?
The public, worldwide, continues to place a high value on privacy, and the GDPR increased awareness of individuals’ rights to privacy and of data controllers’ obligations. At Google, we know we need to maintain our users’ trust and comply with the GDPR. We are committed to meeting the public’s expectations, e.g. that we respect our users’ interests, that we clearly explain how Google makes money and how our products use their personal information. We also work hard to put users in control over their own data with powerful controls to manage privacy.
Did the General Data Protection Regulation change your daily work?
Google invested some 400 person-years of work in the run-up to the law taking effect. Much of this work was technical, building the tools to ensure individuals can make use of their GDPR rights, such as their right to data portability. We also invested heavily in building an Accountability framework, incorporating the requirements of the GDPR relating to the DPO, DPIAs, etc.
Taking only one example, the European “Right to be Forgotten”, or more precisely, the right to have certain search results delisted pursuant to a Google search on a person’s name, we have assessed requests to delist over 3.3 million URLs. In every case we carefully balanced a person’s right to privacy against the public’s right to access lawful information.
The GDPR is still in the early stages, and will grow deeper roots over the years. Privacy is a journey, not a destination. We are engaging with regulators and other privacy stakeholders to ensure that the GDPR is interpreted and enforced in ways that reinforce strong privacy protections for users and promote continued innovation.
Which additional data protection activities did you implement since then?
The GDPR and other global privacy laws set a high bar, and they grant individuals the right to make privacy choices. It’s up to companies like Google to build tools that enable people to make the privacy choices that are right for them. For years, we have developed privacy and security tools to live up to the vision of these privacy laws:
How can the new data protection regulations stimulate the technological evolution?
We invest heavily in research and development of novel privacy and security engineering techniques, and share what we learn to benefit the broader ecosystem. For example, we have teams of engineers working in areas including federated machine learning, differential privacy, anonymization, and visualization of neural network processing.
Which insights do you hope to gain at this year's Bitkom Privacy Conference?
I’ve made the Bitkom Privacy Conference an annual part of my calendar. It’s a terrific gathering of many of the world’s leading experts in the field of privacy. It’s a forum where we can share information and best practices, and learn how other professionals are thinking about similar challenges. Every year, I come away just a little bit smarter. And on a personal front, I’m happy to have met new colleagues, and renewed old friendships, in one of the world’s most vibrant cities, Berlin.
Thank you, Peter Fleischer!
Find out more about the #pco19