Google’s acquisition of Fitbit: Risk to Data Security of Millions?
Google is required to conduct a complete assessment of the data protection practices and implications relating it is the acquisition of the health-ware brand: Fitbit. The European Data Protection Board (EDPB) is looking into the matter itself with a direct overview of Google’s actions.
In a plenary session on February 20, the legal obligations falling on Google pertaining to the merger were discussed. The EU’s General Data Protection Regulation (GDPR) requires both companies to first mitigate any risks or threats to the right to privacy and data security of individuals. The acquisition was announced in November, of the previous year. Information Commissioner’s Office (ICO) and the US Department of Justice are watching over the activities undertaken to protect individuals in the merger.
Google’s senior vice president of devices and services, Rick Osterloh, at the time stated that the “privacy and security are paramount”. Google has been held in breach of the GDPR in the past nonetheless. In his blog, he also mentioned that the ongoing efforts will ensure that the data collected is transparent, purposeful and lawful. Google also reaffirms that it will never sell any information collected by it whatsoever.
According to Rick Osterloh’s blog, Fitbit will allow its user base to choose to review, move, or delete their data. Furthermore, the data collected from Fitbit Health will not be used for Google Ads as of now. This aims to give the end-user control over what they are sharing.
The EDPB said: “The combination and accumulation of sensitive personal data regarding people in Europe by a major tech company could entail a high level of risk to privacy and data protection.” The ICO stated: “We are aware of Google’s acquisition of Fitbit and we are considering the potential impact on the privacy rights of UK users.”
The risk or not, let’s see what becomes of it in the coming future.