back to article Hey, Brits. Your Google data is leaving the EU before you are: Hoard to be shipped from Ireland to US next month

Google's UK users will see their data shifted to a US-based data controller from the end of next month with the ad giant blaming Brexit for the move. In a statement, Google said that UK users will now have Google LLC – the US-based operation – as the legal controller of their data instead of Google Ireland Limited. Google …

  1. Anonymous Coward
    Anonymous Coward

    Not so much DuckDuckGo...

    ...more F***F***You Google.

    1. Anonymous Coward
      Anonymous Coward

      What's the problem?

      Surely British politicians would have done something to protect Brits data if it were in British citizens interest. After all, they know what's good for you better than you do.

      1. Ian 55
        Flame

        Re: What's the problem?

        Ha ha ha. You seen who we've got?

        Fuck business, fuck privacy.

    2. Anonymous Coward
      Anonymous Coward

      Re: Not so much DuckDuckGo...

      >...more F***F***You Google.

      Sent from my Android phone ?

  2. Charlie Clark Silver badge

    So that is what they meant by taking back control!

    In this case Google is taking back control of your privacy. Thanks, guys!

    1. SundogUK Silver badge

      Re: So that is what they meant by taking back control!

      Meh. Google does not and never has had any control of my privacy.

      1. DontFeedTheTrolls Silver badge
        Mushroom

        Re: So that is what they meant by taking back control!

        Or so you think...

      2. LucreLout Silver badge

        Re: So that is what they meant by taking back control!

        Meh. Google does not and never has had any control of my privacy.

        I'm not sure that's true. I've never had a facebook account, but I bet Zuckerberg knows all about me - friends have accounts so data about me leaks, and it'll be the same with google. Got a mate with GMail?

  3. Marketing Hack Silver badge
    Stop

    Convenient BS from Google...

    No, the UK doesn't have a data rights or protections agreement with the EU. However, the UK doesn't have one with the U.S. either, as that was agreed between the EU and the U.S.

    So Google moved their data on UK residents to the jurisdiction where they could get the biggest return from selling it, because there was some convenient ambiguity. Then they blamed Brexit for their actions.

    1. Glen 1 Silver badge

      Re: Convenient BS from Google...

      Brexit is the cause of the "convenient ambiguity", so that checks out.

      1. Marketing Hack Silver badge

        Re: Convenient BS from Google...

        Google could have kept the data in Ireland, and told Britain they would continue to treat them as an EU nation until things were worked out with the EU, U.S. or whomever else. Instead, they grabbed the cash and ran off to the U.S.

        1. Robert Grant Silver badge

          Re: Convenient BS from Google...

          Correct, they could have decided to not take advantage of the convenient ambiguity that is Brexit. However, we could hardly expect them to do that, when Brexit's richest proponents are making bank over the same ambiguity.

        2. Anonymous Coward
          Anonymous Coward

          Re: Google could have kept the data in Ireland,

          Surely the "sensible" thing for them to do would be to have moved it into the UK, since that is probably where it belongs.

    2. John Brown (no body) Silver badge

      Re: Convenient BS from Google...

      I thought that during the "transition period", all the EU legislation still applied. So how come Google think they can jump the gun? Will the ICO be getting involved here? If the ICO move fast enough, this move could incur a multi-billion fine!

      1. Ken 16 Silver badge

        Re: Convenient BS from Google...

        During the transition period, the EU has agreed to treat the UK as it had before Brexit (and vice versa) but that doesn't apply to Third Countries and Google US are taking advantage of their 3rd Count. status.

        1. hplasm Silver badge
          Devil

          Re: Convenient BS from Google...

          "Google US are taking advantage of their 3rd World Count. status."

          FTFY

          1. Falmor

            Re: Convenient BS from Google...

            I have a German friend who lived in the UK 20 years ago. Even back then he said, "The problem with the English is they are living in a 3rd world country and don't realise it." Things definitely haven't improved since then.

            1. LucreLout Silver badge

              Re: Convenient BS from Google...

              I have a German friend who lived in the UK 20 years ago.... problem with the English is they are living in a 3rd world country...

              And yet your German friend would prefer to live here rather than the Fatherland? It seems most likely that he's never been to a third world country and was merely tweaking his prejudices to better fit with what he perceives is your world view. He thinks you hate England so he pretends he does too. Nobody leaves a first world country to live in "a third world country" because they like British beer.

      2. big_D Silver badge

        Re: Convenient BS from Google...

        It does and the DPA 2018 still covers the UK, so if Google classes the data as no longer European, they would have to store it in the UK, until the UK has a treaty with the USA, otherwise they are breaking the DPA 2018 (the UK implementation of GDPR, which will remain in effect until it is changed by Parliament).

        1. Mike 137 Silver badge

          "they would have to store it in the UK"

          No they wouldn't. There's no requirement in the GDPR or DPA 2018 restricting location of storage, only a requirement that adequate protection (and that means rights protection, not just "security") is in place where the data is processed (and that includes storage) if that place is outside the EEA and does not have an adequacy decision. The US has Privacy Shield (for what it's worth) so any such data transfers as this are lawful.

          1. big_D Silver badge

            Re: "they would have to store it in the UK"

            GDPR states protection equivalent or better than the EU/UK. The US is a looooooong way off from providing that!

            https://gdpr-info.eu/issues/third-countries/

            one must check in a second step whether transfer to the third country is permitted. One must differentiate between secure and unsecure third countries. Secure third countries are those for which the European Commission has confirmed a suitable level of data protection on the basis of an adequacy decision. In those countries, national laws provide a level of protection for personal data which is comparable to those of EU law.

            ...

            Andorra, Argentina, Canada (only commercial organisations), Faroe Islands, Guernsey, Israel, Isle of Man, Jersey, New Zealand, Switzerland, Uruguay, Japan and USA (if the recipient belongs to the Privacy Shield).

            But the UK is no longer part of the EU and therefore Privacy Shield does not apply to UK data, so a new treaty between the USA and the UK will be needed, before UK data can legally be transferred to the USA. And the USA is still dragging its heels on Privacy Shield, they still aren't compliant with the treaty after nearly 4 years - for example they still haven't assigned a permanent ombudsman for privacy matters, as required under Privacy Shield.

          2. Optimal

            Re: "they would have to store it in the UK"

            "The US has Privacy Shield (for what it's worth) so any such data transfers as this are lawful." are you mad!!! they are the worst in term of privacy or data protection. have you even heard of the patriot act.

            1. Nick Ryan Silver badge

              Re: "they would have to store it in the UK"

              The US's Privacy Shield is as worthless as the previous US data protection nonsense. In essence there is no worthwhile data protection in the US regime for natives or non-natives. "Privacy Shield" is a worthless voluntary piece of fluff with no backing in US law, non-US natives cannot prosecute a US organisation for a voluntary agreement, and you can imagine just how well an "alien" would be received trying to presecute a glorious US organisation in a US court.

            2. SImon Hobson Silver badge

              Re: "they would have to store it in the UK"

              Yes, you know it's a load of b***ocks, I know it's a load of b***ocks, I think all of us here know it's a laod of b***ocks. But for the moment, authorities in the EU have declared that Privacy ShieldFigleaf is valid - and therefore the transfer would be legal.

              When Privacy ShieldFigleaf gets blown out of the water, which will happen in due course, then things will be different. Until then, it's legal. As Max Screms has shown, the wheels of the legal system turn slowly.

      3. John Jennings Bronze badge

        Re: Convenient BS from Google...

        The ICO should be involved.

        The difficulty will also be with EU citizens personal data using google services. I am Irish, living currently in Northern Ireland, but I have a gmail.com email addy -

        Under GDPR, my (Republic of Ireland) rights under GDPR remain - how in the name of sweet bejesus would Google work out if I am EU or UK?

        Further, I might recieve other peoples personal data to my google drive - and how do I respect eu citizens rights ?

        Finally - the latency to Ireland from London is around 20-30 ms. Its 90 to New York. Is this an opportunity for Microsoft?

        1. ibmalone Silver badge

          Re: Convenient BS from Google...

          The difficulty will also be with EU citizens personal data using google services. I am Irish, living currently in Northern Ireland, but I have a gmail.com email addy -

          The Good Friday Agreement strikes again!

          Actually, they should have to deal with that anyway, EU citizens are covered worldwide by GDPR (of course companies only have to worry about that if they do business in the EU, but Google clearly do), so a Frenchman living in London would still be covered. This also somewhat illustrates the practicality of having such legislation at a continent rather than country level.

          As others have said, there should be no problem with them continuing to hold UK citizen's data in ROI. In fact the UK is supposedly retaining GDPR-based legislation, so even if we're no longer recognised as a place where EU data can be held it should be possible to hold it in the EU (a situation that comes about because we want to be recognised as adequate for GDPR). If not in the EU then the UK is the only place it could be held. Google are very much trying it on.

        2. 2+2=5 Silver badge

          Re: Convenient BS from Google...

          > how in the name of sweet bejesus would Google work out if I am EU or UK?

          Google knows your inside leg measurement. Pretending that you're UK is purely that - a pretence.

        3. Wandering Reader

          Re: Convenient BS from Google...

          "Under GDPR, my (Republic of Ireland) rights under GDPR remain"

          Why? Would your GDPR rights still exist if you lived in Mexico, which is also not in the EU? I.e. - are your rights connected to citizenship rather than country of residence?

          1. John Brown (no body) Silver badge

            Re: Convenient BS from Google...

            "Why? Would your GDPR rights still exist if you lived in Mexico, which is also not in the EU? I.e. - are your rights connected to citizenship rather than country of residence?"

            Of course the rights exist. Enforcing them might be a different kettle of fish though. The USA have been attempting to apply their laws worldwide for quite some time now. Why should other jurisdiction not try the same thing?

      4. Aussie Doc Bronze badge
        Coat

        Re: Convenient BS from Google...

        "If the ICO move fast enough..."

        Ah, I think I see the problem.

        I'll hang my coat here whilst I wait patiently ------->

    3. big_D Silver badge

      Re: Convenient BS from Google...

      Interestingly, nothing changes, legally, because of Brexit. The UK DPA 2018 is the implementation of the GDPR in UK law, so it still stands, until repealed. Therefore, moving the data to the US would be illegal, but I'm guessing that Google reckons that they can hoodwink the UK public and Government, before they realise what is going on.

      1. Bronek Kozicki Silver badge

        Re: Convenient BS from Google...

        I do hope OpenRightsGroup will take care to notify ICO and ask their advice.

  4. Craig100

    Do No Evil ?

    Google, being nasty (evil) every chance they can. Hard to think which of the US tech giants is the creepiest. Google, Amazon, Microsoft, Facebook? They're all pretty bad.

    1. IceC0ld Silver badge

      Re: Do No Evil ?

      strange days indeed, when a list of the evil four, and we all would put MS at the bottom of the heap ffs :o)

      1. Anonymous Coward
        Anonymous Coward

        Re: Do No Evil ?

        And IBM fell off the list a LONG time before.

        1. Anonymous Coward
          Anonymous Coward

          Re: Do No Evil ?

          Mainly because they don't really do anything that affects consumers anymore. They're just an oversized consultant shop now.

    2. Dan 55 Silver badge

      Re: Do No Evil ?

      I'm sure Google will be the first in the Silly Valley stampede to take back control of your data, the rest will be following on behind shortly.

    3. Steve Davies 3 Silver badge

      Re: Do No Evil ?

      You seem to have forgotten that seller of tat... Apple from your scumbag list.

      1. Kabukiwookie Silver badge

        Re: Do No Evil ?

        Forgot Twatter from that list as well.

    4. Anonymous Coward
      Anonymous Coward

      Re: Do No Evil ?

      "Do no evil" is pure arrogance; it's a claim of perfection. Which is why Google's motto was not "Do no evil", it was "Don't be evil". Which, at the time it was written, meant "Don't be like Microsoft".

      1. JohnFen Silver badge

        Re: Do No Evil ?

        Which provides another example of the old adage that "you become what you hate".

      2. Ken 16 Silver badge

        Re: Do No Evil ?

        I used to be anti-Microsoft but I've mellowed and I prefer their cloud services as a consumer. I'm reasonably confident that all they want is my money.

        1. whitepines Silver badge
          Facepalm

          Re: Do No Evil ?

          I'm reasonably confident that all they want is my money.

          Not defending Google here (I hate their methods as much as the next IT person) but have you read the Microsoft EULA?

          Yes, they want a lot more than your money. Why else do they give themselves the right to go through your data, and just for an added insult delete anything they don't like?

        2. kain preacher

          Re: Do No Evil ?

          Apple with their anti right to repair has knocke MS out of that list

    5. kat_bg

      Re: Do No Evil ?

      I guess all all them to a certain extent. Don't know about Facebook, but Microsoft still operates via the Ireland based subsidiary in relation to EU countries...

  5. Len Silver badge
    Holmes

    What makes a user a Brit?

    I wonder what criteria Google will use to decide whether someone is British or not?

    They won't know the nationality of many of their users. They may know residency but even that could be uncertain (or deliberately faked). If you are an EU Citizen living in Manchester, will you now be considered a Brit for Google purposes? If you are a Brit living in Dublin, are you still a Brit for Google? If you're a Brit living in the UK but made your account when you were still living in Berlin, does Google think you are German?

    And, of course, most importantly. What can a poor sod with UK nationality, living in the UK, do to let Google think you are not British?

    1. Dan 55 Silver badge

      Re: What makes a user a Brit?

      Set your account address to somewhere in Ireland. Your wallet will switch to euros though (your pounds will still be there, just inaccessible until you set the address back to the UK).

      1. Flocke Kroes Silver badge

        Re: Set you account address ...

        I do not have an account. How do I get Google to delete the data they have on me?

        1. WolfFan Silver badge

          Re: Set you account address ...

          Google? Delete data? That’s very funny... oh. Wait. You were serious. Here’s how to get Google to delete all data they have on you: you can’t. They will always ‘forget’ some data, and from that will quickly (days at most) rebuild what was deleted.

      2. Len Silver badge
        Unhappy

        Re: What makes a user a Brit?

        I have gone out of my way to give Google as limited information as possible (never stay logged into Google, always destroy their cookies, disable as much activity tracking as they allow me to).

        I have just set my language to English (Ireland) but couldn't find any place they set my location. Until I found Google Wallet that I have never used and found it populated with an old address and other stuff. How did that get there and can I just remove my Wallet profile altogether?

        1. Dan 55 Silver badge

          Re: What makes a user a Brit?

          I think the quickest way there is pay.google.com > Settings and there's an option to delete the account on the phone (Settings > Google > Manage > Data and Personalisation).

    2. Steve Davies 3 Silver badge

      Re: What makes a user a Brit?

      Google along with Amazon knows everything possible about you already.

      They even know things that you have forgotten.

      It will already have been packaged up and sold on.

      Just get used to you being called by scam artists from the USA alongside the ones from India.

      A fact of life in Doris's post BREXIT Blighty. This is the new norm. Get used to it.

    3. Fungus Bob Silver badge

      Re: What makes a user a Brit?

      " If you are an EU Citizen living in Manchester, will you now be considered a Brit for Google purposes?"

      If you are in Manchester for any reason, UK law applies to you, so Google wins.

      1. Cederic Silver badge

        Re: What makes a user a Brit?

        UK law is the Data Protection Act 2018.

        I'm not convinced that Google's actions are legal under that Act and will be inviting the ICO to take a look.

        (Which is obviously a waste of my time because the ICO are even less effective and less interested in actually doing their job than the Electoral Commission.)

      2. ibmalone Silver badge

        Re: What makes a user a Brit?

        Yes, but GDPR applies to companies processing the data of an EU citizen, location doesn't matter for that purpose.

        (As mentioned it also seems incompatible with UK law, quite possibly it's a move from Google simply because they don't believe we can enforce it now.)

    4. Allan George Dyer Silver badge
      Joke

      Re: What makes a user a Brit?

      @Len - "They won't know the nationality of many of their users."

      You underestimate them. They not only have copies of your passport, driving license and medical records, they have the sex-tape of your conception.

      1. Robert Grant Silver badge

        Re: What makes a user a Brit?

        Perhaps that's the real purpose of Alexa and Google Home.

        1. Ken 16 Silver badge
          Trollface

          Re: What makes a user a Brit?

          Why did you think Alexa started reading the Bible to you when it heard 'Oh God, Yes"?

      2. Simon Harris Silver badge
        Coat

        Re: What makes a user a Brit?

        "they have the sex-tape of your conception."

        Good luck to them scanning that grainy 8mm movie-reel!

        Mine's the one with all the 'what do you want to do with your pension' spam in the pocket --->

    5. Anonymous Coward
      Anonymous Coward

      Re: What makes a user a Brit?

      I wonder what criteria Google will use to decide whether someone is British or not?

      Nationality is irrelevant, as the article says this is about "UK users". GDPR, and it's UK implementation, refer only to 'data subjects', which are defined as people present (not even resident) in the specified area. If you're a US citizen on holiday in the EU any data collected about you while you're there is subject to GDPR.

  6. JohnFen Silver badge

    Not only that

    "There is nearly no privacy protection for non-US citizens."

    True, and there isn't that much greater privacy protections for US citizens.

  7. alain williams Silver badge

    I will feck off

    I do not have any agreement with Google, I do not use its services. However: I suspect that it has a lot of data about me.

    If they have no agreement then they do not have my permission to move what they have about me out of the UK/EU. How are they going to manage this ?

    I expect that they will just move my data to the USA and that there is feck all that I can do about it.

    1. Dan 55 Silver badge

      Re: I will feck off

      Of course you have an agreement, you have that wall of text you said yes to when you opened the account.

      1. Anonymous Coward
        Anonymous Coward

        Re: I will feck off

        And for the millions of us who have never opened a Google account? What then eh?

        They have data on each and everyone of us.

        One of these days someone will take Google to the cleaners big time.

        They, like Facebook need to be made to stop their slurping.

      2. Dan 55 Silver badge
        Facepalm

        Re: I will feck off

        That's learn me for not reading properly.

    2. Anonymous Coward
      Anonymous Coward

      Re: I will feck off

      '.. I expect that they will just move my data to the USA and that there is feck all that I can do about it.'

      I suspect the aggregate data that Google have gathered and tagged as 'you' was already on servers in the USA, just like all the rest of the data they hold on everyone, everywhere..irrespective of whatever laws have been passed to try stop this.

      I suspect that all this truly means is that rather than having the CIA/NSA trawl through the UK data held on their US servers tagged as legally 'foreign', now, as the tag has changed to legally 'USian', the FBI,DHS etc can also get to play silly fuckers with it..

      I'm now waiting for the post-Brexit legal fun to start with my remaining email accounts etc hosted in EU countries, mostly Germany..

  8. SVV Silver badge

    what they meant by "allowing us to have even higher standards of protection"

    And really just the very thin end of a very large wedge. This is nothing compared with the delights that are on their way.

  9. Anonymous Coward
    Anonymous Coward

    It's not really Brexit, rather it's Brafancoulo motherfuckers.

    Seems like Brexit year is like a year of 9/11s. You can do whatever you like and people wont notice.

    1. Richard 12 Silver badge

      Re: It's not really Brexit, rather it's Brafancoulo motherfuckers.

      9/11 times a thousand!

      That's right, 818.18 recurring

  10. Aarb

    Don't we still have to adhere to EU rules until the end of the transition period? In which case I'd have thought GDPR still applies regardless of what Google thinks. All bets are off after 31st December mind...

    1. tfewster Silver badge
      Facepalm

      Look on the bright side - post transition, Google will need a UK presence to sell ads. Which will pay GB taxes, and be accountable for GB-DPR breaches.

      In theory. Now that I've said it, it seems a bit unlikely!

      1. Yet Another Anonymous coward Silver badge

        >Google will need a UK presence to sell ads

        Unless the UK has a free trade deal in services with The Isle of Man or the British Virgin islands or Rockall

        1. Ken 16 Silver badge
          Devil

          Rockall is Irish*

          * unless it's Danish**

          ** unless it's Icelandic***

          *** unless Scotland declares Independence

          But until then at least 50/50 chance it's EU territory

    2. steviebuk Silver badge

      That's what I'm thinking but GDPR will also be relevant after 31st as its part of our own law now as well.

    3. Anonymous Coward
      Anonymous Coward

      All bets are off after 31st December mind...

      Nope. GDPR is enshrined in UK law, and that law will apply until Parliament explicitly changes it. Brexit simply makes it possible for Parliament to do so if it wants to, and since UK consumer protection law is generally tougher than EU minimums there's no obvious reason why Parliament would want to do so.

      1. Anonymous Coward
        Anonymous Coward

        > Brexit simply makes it possible for Parliament to do so if it wants to, and since UK consumer protection law is generally tougher than EU minimums there's no obvious reason why Parliament would want to do so.

        Usually, money or the ability to spy/control the population are sufficient. In this case, it is both. Expect a new (watered down) DPA sometime in the next couple of years.

        1. Anonymous Coward
          Anonymous Coward

          Usually, money or the ability to spy/control the population are sufficient. In this case, it is both. Expect a new (watered down) DPA sometime in the next couple of years.

          The UK has consistently had stronger consumer protection laws than the EU for decades. The first Sale of Good act was passed in the 19th century, the current one gives 6 year warranties versus the EU default of 2, etc. The previous pre-GDPR UK DPA had stiffer penalties than, say, the German one. There is absolutely no reason to think that leaving the EU would change that, given that even when a member of the EU the UK did not take advantage of weaker EU laws to weaken its own.

  11. Tom Paine Silver badge

    Aaargh! Curse you, El Reg!

    After years of therapy and mindfulness I thought I was healed.... But no! Once again my head is infested with a My fucking Chemical fucking <Paul Calf> Rrrrrrowmance</Calf> song. You will be hearing from my solicitors!

    (Don't click this. Really: don't. Makes Flat Eric, Jonah Lewie and the Matey bubblebath jingle seem mildly annoying.)

    ...just realised I said that aloud, hastily toggled the anon flag. Whatever you so, please don't tell my wife..!

    https://youtu.be/Ol63bo1mv6s

  12. DrMaximan

    Thanks Google for all the fish!

    And not a single mention of this on the Beeb News website - well not yet and as expected FA from UK Gov!! This is truly worrying as the US data protection legislation is significantly inferior to EU legislation, and that's putting it mildly!

    I understand that Google are in a bit of a bind here legally, damned if they do, damned it they don't; but the timing seems very off to me.

    As far as Len's post goes the use of phrase European Union citizen is not helpful when dealing with GDPR because GDPR is not concerned with citizenship, instead it is concerned with where a person is located. The term EU resident is more useful, or a person located in the EU.

    (quote from https://www.hipaajournal.com/does-gdpr-apply-to-eu-citizens-living-in-the-us/)

    It goes on to state:

    "GDPR requires the personal data of an individual residing in an EU country to be subject to certain safeguards and their data rights and freedoms must be protected. When an individual leaves an EU country and travels to a non-EU country, they are no longer protected by GDPR.

    If an EU citizen travelled to the United States and interacted with an EU business, which required the collection of their personal data, their data rights and freedoms would be dictated by US federal and state laws. GDPR would not apply."

    Any comments Boris??

    Thanks Brexiteers, here's another fine mess you've got me in to!

    And now for the hate mail........

    1. Anonymous Coward
      Anonymous Coward

      Re: Thanks Google for all the fish!

      Here's another 3 messes that brexit has already caused.. Again, largely ignored by the media...: https://www.theguardian.com/commentisfree/2020/feb/12/these-three-post-brexit-bills-bulldoze-a-hole-through-environmental-protections

  13. Anonymous Coward
    Anonymous Coward

    Aahhhh Brexit

    There just isn't enough popcorn!

  14. Robert Grant Silver badge

    @John Oates

    Is there anything we can do right now? Are there options on invoking the right to be forgotten?

    1. JohnOates

      I for two

      I'm not sure to be honest. You can ask Google to delete your account information and ask them to what extent you'll be 'forgotten'.

      I'd be very interested to hear their reply....

    2. NATTtrash Silver badge

      Re: @John Oates

      Well, I can see (EU based) VPNs doing good business. Then again, I've also noticed that "many", including "need to log in" Google services, adapt and/ or refuse service if a VPN is detected.

    3. Warm Braw Silver badge

      Re: @John Oates

      Is there anything we can do right now?

      I would have said a few months ago that the government would not be so stupid as to weaken data protection rules here in a way that put data exchange with the EU in jeopardy. Now I'm not nearly so sure. You presently have the right to ask for your data to be deleted (but no right to verify that), but the continued existence of that right is purely now a matter for the UK/British/English/London or whatever locus of independent government should emerge from the post-Brexit fragmentation.

      You still have until the end of the year to establish residence in another EU country...

    4. Len Silver badge
      Holmes

      Re: @John Oates

      I have found this set of instructions, updated yesterday so probably in response to this development: How to reduce your Google footprint

  15. AnoniMouse

    And all that Android phone data

    Presumably that transfer of control will include data relating to roughly half the mobile phones in the UK which run on the Android platform.

    1. sanwin

      Re: And all that Android phone data

      Roughly half on Android and the rest are on?

      Oooh another American OS!

  16. Donk

    The Data Protection Act 2018

    The Data Protection Act 2018 which is the UKs implementation of GDPR is a UK law. Brexit makes no difference to this.

  17. Timmy B Silver badge

    Is it about the money??

    I wonder if we'll see more and more big IT companies leave the UK or strip down the UK presence to a bare minimum since the government keeps going on about taxing them more?

  18. steviebuk Silver badge

    So

    You pay extra for Google Suite Business package to be able to decide where your data is at rest. This function is now being taken away so surely the package should become cheaper. Also, we are no longer members of the EU but still in the transition period so surely the data HAS to stay in the EU until the 31 December.

    Also, isn't the location of at rest data also part of GDPR or have I got that part wrong?

    Despite all this, having your data at rest in the EU as a business was semi pointless anyway. As despite having eu relays Google still sends all business EU email through their US servers first. I wonder if thats so the CIA can take a quick snoop. Funny how Microsoft has EU based servers and is still able to keep your data going through their EU servers in transit but Google can't.

    1. LDS Silver badge

      "but still in the transition period"

      The "transition period" covers the EU-UK relationship only, it's an agreement only between them.

      But I believe since EU membership terminated on January 31th, other entities are fully free to consider UK no longer a EU member and thereby are bound only to UK laws, and treaties with UK.

      GDPR applies to "EU residents" - I think it's hard to assert UK people are EU residents now. UK Data Protection laws still apply, of course, but that has to be enforced by UK alone, without any help from EU - Vestager has no power now to question Google about what happens in UK.

      ICO has regained full control - tell them to ask Google to bring the data back.

      1. steviebuk Silver badge

        Re: "but still in the transition period"

        But GDPR is part of UK law now and to trade with the EU, aren't we supposed to honour it? And data collected by several companies may hold data on EU nationals, especially local councils who use GSuite. So won't those local councils be breaking the GDPR law allowing EU nationals data to leave the UK?

  19. jaffa99

    OMFG

    What, so EVIL Google will be able to show me ads that are relevant rather than random? That's terrible.

    Get a grip snowflakes, unless you're a pervert, kiddy-fiddler, terrorist or criminal you have nothing to be afraid of.

    1. CCCP
      Trollface

      Re: OMFG

      Obvious troll is obvious.

    2. Jamie Jones Silver badge

      Re: OMFG

      Dear "jaffa99" (I presume that's your real legal name?),

      Please post your phone number so we can have a chat. Better still, your address - I will send you a postcard!

      Incidentally, what are your bank account details again?

    3. Anonymous Coward
      Anonymous Coward

      Re: OMFG

      There were laws in place before Wikileaks and Snowden demonstrated how much regard governments and organisations paid to them. So now we have new laws.

      The emperor's clothes this week are so much better than his clothes last week, don't you think? Obliviots.

    4. Nebra

      Re: OMFG

      Humm, right, until sarky comments against urangatan(g) baby become a crime against the great state. Sounds like you need more Orwell in your bed-time reading!

  20. Anonymous Coward
    Anonymous Coward

    More hype

    So, what Google have *actually* said is that they are changing the location of the data controller, not that they are moving the data.

    As GDPR is enshrined in the UK Data Protection legislation, Google are still bound by that i.e. GDPR still applies and will apply until such time as the law changes.

    People talk of "losing EU protection" - this is nonsense. GDPR regulations were published by EU and enshrined in our Acts - the same process all EU countries go through. EU would not have helped us before any more than now. Google would always be subject to UK law, which currently incorporates EU regulations.

    Given the punitive fines allowable under the Act, Google would be very stupid to put UK data into a breach situation.

    And yes, it was inevitable this would happen as we are decoupling from Europe; others such as Microsoft will follow. Once the new Data Protection legislation is out, there may well be a change again.

    Don't believe all the hyped up news articles; hey I'm not defending Google, not at all. But 2 + 2 does not equal 5

    1. Anonymous Coward
    2. Anonymous Coward
      Anonymous Coward

      Re: More hype

      If Google USA decides to drive down the wrong side of the road and then runs over your data coming the other way, do you really think US.gov will let them be extradited and/or taken to court by the UK?

  21. Anonymous Coward
    Anonymous Coward

    just bought an "infinite" google drive from Ebay for a fiver.

    i was going to actually use it, but now i'm tempted to see how much i can fill it up with random 1's and 0's

    datamine that yew caaaaaaaants!

    1. Fred Dibnah Silver badge
      Facepalm

      Well, you really stuck it to The Man, didn’t you?

    2. Anonymous Coward
      Anonymous Coward

      Encrytped backups?

      1. Anonymous Coward
        Anonymous Coward

        All the content in my Google Drive is already - and always has been - encrypted at source. Wouldn't have it any other way.

        A/C.

        1. This post has been deleted by its author

        2. Anonymous Coward
          Anonymous Coward

          ... then why stop using the drive?

      2. Fred Dibnah Silver badge
        Thumb Up

        Clever use of encryption there.

        1. Strahd Ivarius Bronze badge
          Joke

          unless the keys are stored in GSuite

  22. Anonymous Coward
    Anonymous Coward

    All your Google data are belong to US

    I had to get the reference in.

  23. richard_w

    Google is concerned about double jeopardy.

    If the UK is still subject to the ECJ and also any data protection rules the UK might enforce after the end of 2020 it might be sued in 2 jurisdictions. (UK and EU)

    UK citizens have little protection against their data being used by big government anyway. The investigatory powers act allows GCHQ lots of power. The ECJ think the act is illegal.

    At the end of the day, I suspect that the only way a UK citizen can protect their data is to remove it from Google (Facebook et al)

  24. Spanners Silver badge
    Pirate

    How do I tell Google that I'm Danish or something?

    I'm pretty sure that I have Viking ancestors. The Islands I come from were only taken over by Scotland in 1472 so I think Orkney and Shetland should rejoin a country that has not decided to detatch itself from the planet.

  25. Anonymous Coward
    Anonymous Coward

    "I have in my hand a piece of paper..."

    What I find most amusing - and charmingly naïve - about this is the way you-all assume that any of the privacy legislation is worth a damn. Sure, governments and corporations pay lip service to GDPR et al but did you really learn nothing from Edward Snowden? If they can access it, they will, and lie to you while they do so.

    All your (data)Bases are belong to us.

  26. taxman

    Government and Personal Data

    Offshoring of Government data (that is any data held by Gov Depts being) has been fairly strictly controlled to a few countries. If memory serves me right it doesn't like any data going outside the EEA.

    So I wonder if the Cabinet Office OGSIRO has issued a missive to Depts to ask which of them still us Google services. It wasn't all that long ago that some *large* ones did.

    See also https://ico.org.uk/about-the-ico/news-and-events/news-and-blogs/2020/01/statement-on-data-protection-and-brexit-implementation-what-you-need-to-do/

    and

    https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/brexit_en

    1. Anonymous Coward
      Anonymous Coward

      Re: Government and Personal Data

      These are all rules made by governments In he past....

      Now we have new government, new unelected leader Cummings, Boris, and the rest of yes-men/women party.

      They have enough spineless MP's they can change all that, and they will (US trade deal, anyone?)

  27. Mr Dogshit
    Joke

    But, but

    This isn't the Brexit I voted for!

    1. Huw D Silver badge

      Re: But, but

      Nobody's getting the Brexit they voted for (or against).

  28. Peter Danckwerts

    Factually incorrect

    The headline is factually incorrect.The UK is no longer in the EU, so we will not leave it after Google has transferred our data. We are in a transition period during which EU law, including GDPR still apply. If Google breaches GDPR before the end of 2020, it can expect to be very heavily fined by the UK Data Registrar. At the end of 2020, new UK GDPR rules come into effect which are virtually identical to EU GDPR rules, although the two may diverge over time. As I understand it, Google is certified as compliant under the EU–US Privacy Shield framework, in which case it could move all its EU data to the US if it wished.

  29. Boris the Cockroach Silver badge
    Big Brother

    But google is building a huge

    data center here...

    Must be to store all the US citizens data.. that way with our data in the US, the spies in this country can mine US citizens data, and the spies in the US can mine ours (and everyone elses), and thus prevent the ebil terrorists from completing their dastardly plans

    Although quit how you stop the lone wolf loons armed with a knife/gun/rifle/50 cal machine gun seems beyond either government....

  30. DontFeedTheTrolls Silver badge
    Mushroom

    "THIS IS NOT THE BREXIT I VOTED FOR"

    Anyone who utters this phrase against any changes as a result of Brexit needs to understand that this is EXACTLY what you voted for.

    Everyone was warned of the potential impact and consequences that would occur. You voted for it. You only have yourself to blame.

    1. codejunky Silver badge

      Re: "THIS IS NOT THE BREXIT I VOTED FOR"

      @DontFeedTheTrolls

      "Anyone who utters this phrase against any changes as a result of Brexit needs to understand that this is EXACTLY what you voted for."

      Not really. The people who tend to come out with this are remainers who technically didnt vote for any of it.

  31. Big_Boomer Silver badge

    Ooooohhh Goody,.... MORE SPAM!

    Thanks Brexit Voters. We had GDPR blocking the worst excesses of unfettered commercialism and now that is going down the drain. I hope that they plaster your Youtube/Facebook/Instagram/Twitter/etc. accounts with loads of willy-pill and get-rich-quick spam. Sounds like I might have to start closing down some of my accounts.

    1. codejunky Silver badge

      Re: Ooooohhh Goody,.... MORE SPAM!

      @Big_Boomer

      "Thanks Brexit Voters"

      Your welcome.

      1. Anonymous Coward
        Anonymous Coward

        Re: Ooooohhh Goody,.... MORE SPAM!

        His welcome what?

  32. adam 40 Bronze badge

    I replied back, I suggest you all do

    When I got the notification email in my gmail account, just strip off the 'noreply' from the email address.

    Dear Google,

    I think you will find, as I am domiciled in the UK, that the laws of England and Wales will now be applicable to our service agreement, rather than U.S. jurisdiction.

    Further to that, GDPR will still be applicable in the UK. I have not heard that this law will be repealed.

    - Adam

    1. smallfish

      Re: I replied back, I suggest you all do

      I hate to say it but the UK has 'repealed' the GDPR (if such a thing were possible) - see The Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019

      1. Anonymous Coward
        Anonymous Coward

        Re: I replied back, I suggest you all do

        No they haven't repealed it, GDPR is enshrined in the Act already and this bill has yet to be passed as law. If you read it you will see that the primary amendment is to allow continuity of provisions relating to the Privacy Shield, to ensure that there is parity between UK and Privacy Shield and EU and Privacy Shield.

        Most Acts are going to be revisited over the next year as they contain provisions and references to the EU which no longer apply. This is housekeeping to ensure that there can be continuity.

        So more hype and nonsense!

  33. smallfish

    Time to wash our hands of Google

    To be honest, I think that Google could claim that by offering termination of any contracts whereby the customer does not want Trump to be spaffing all over our personal data, Google are otherwise doing this under contract of it's customers.

    The best solution, although they are well aware this is not available to the masses, is to end your relationship with Google and go with a company that values privacy and confidentiality.

    It's very likely I will be ditching Android based on this move.

    If enough customers start ending their contract Google will listen.

  34. Anonymous Coward
    Meh

    Meh

    Google has always done whatever it likes with your data, whether you're in the EU or not. It will continue to do so. Nothing has changed or will change.

    And if you don't believe that, I have a bridge I'd like to sell to you.

  35. arctic_haze

    Am I a Brit in the Goolge's mind?

    I do have a Google account which lists English (UK) as default, I gave them no address. Does it make the account British?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020