Google laid out its work to implement the GDPR’s requirements in a blog post today. The GDPR replaces the EU’s 1995 Data Protection Directive and sets out new requirements for companies that store and analyse personal information. It comes into effect in May 2018, giving tech firms a little under a year left to get their products compliant.
Google said it’s “keenly aware” that its customers and partners will be handed new obligations under the revised laws. It is completing a regular program of security audits and contractual protections to make its own products and those of its partners compliant.
READ NEXT: YouTube unveils built-in direct messaging feature
The company has also created a new site that explains to consumers and businesses the impact GDPR will have on them. It includes information on the controls individuals and firms have over the data they share with online service providers, as well training resources to help businesses utilise the resources available to them.
Google said it is working to make all its primary products, such as Search and Gmail, compliant with GDPR. It intends to be ready to meet the EU’s May 2018 implementation deadline. As well as its consumer offerings, the company’s also ensuring its use of data collection in services like AdWords, AdSense and Analytics meets the legal requirement.
Throughout the blog post, Google avoided discussion of its views on the GDPR itself. It said its aim “is always to keep data private and safe,” making the addition of GDPR compliance to its products a logical step. Since it’s legally obligated to meet the regulations, this in itself doesn’t reveal much of Google’s opinion on the legislation.
READ NEXT: Microsoft: Windows 10 users “positive” about privacy changes
Google’s previously said it’s “committed” to the GDPR and views it as the “most significant” piece of EU privacy legislation in two decades. However, the company’s also warned that maintaining compliance is a “shared responsibility” with other major tech firms.
“[GDPR] ushers in a new era, unifying data protection rules across Europe, strengthening the rights of EU citizens and placing new obligations on all organisations that offer goods and services online,” said Google today. “Google is committed to complying with the GDPR across all of the services that we provide in Europe. Our aim is always to keep data private and safe – and to put our users and partners in control.”
Google will also be forced to offer GDPR-compliant services to UK consumers under a new draft bill introduced this week. UK lawmakers want to retain the EU’s GDPR after Brexit, offering the population the same protections as the European original. The UK’s Data Protection Bill would also give UK web users a “right to be forgotten” online.
