In a statement run in the Guardian, Google said:
“Nothing about our services or our approach to privacy will change, including how we collect or process data, and how we respond to law enforcement demands for users’ information. The protections of the UK GDPR will still apply to these users.”
Google feels moving the data to the US will allow the company to have better control over its fair use, according to Reuters’ sources.
“Wherever the data is held, it is subject to the data laws of that jurisdiction. US privacy protections are far weaker than those afforded to the EU, meaning Google are likely just the first of the big tech giants to move UK consumer data Stateside,” said Tom Chivers, Digital Privacy Advocate at ProPrivacy.
“Once based in the US it is out from under the close watch of GDPR legislation. This means we could well be about to see UK GDPR protections used as a bargaining chip when it comes to negotiating a trade deal with the US.”
Google could have had UK accounts answer to a British subsidiary, but has chosen this course of action instead, according to sources.
The news is indicative of the growing influence Google has when it comes to personal data. GDPR was seen as a landmark, largely positive ruling for the customer in the EU. With Google legally opting to move UK users’ data out of its protection, it could leave the UK and US open to negotiate ways for the UK authorities to easier access civilian data.
Even though authorities’ reasons for this could be legitimate, the move still raises ethical questions about the storing of personal data by large corporations and where the law should intervene to protect individual privacy rights.