Google's UK privacy head Stephen McCartney was responsible for 'data protection promotion' at the Information Commissioner's Office (ICO) during the period the search giant was cleared of wrongdoing over its Street View mapping system, it has been revealed.
The news of McCartney's role before he left for Google last November came to light after a freedom of information (FOI) request made by a member of the public which has been interpreted by some as a conflict of interest.
In July 2010, while McCartney was working for the ICO, the organisation decided to accept Google's explanation that Street View's possible capture of private user data such as Wi-Fi access point passwords and Mac addresses was not significant.
Embarrassingly, in June this year the ICO was forced to re-open the same investigation after a damning report by the US Federal Communications Commission (FCC) concluded that Google had not only gathered extensive personal data from its Street View cars but had failed to own up to how much it knew about it.
Criticised for the u-turn, by now McCartney was communicating with his former employer, the ICO, on behalf of his new employer, Google, regarding the same privacy issue.
The ICO's defence is that McCartney was not involved in the 2010 investigation and therefore there was no conflict of interest.
“Stephen McCartney played no part in the investigation into the Google Street View project while working at ICO,” the organisation said in a statement.
“The published correspondence between Google and the ICO clearly shows that Stephen McCartney was treated like any other organisation’s representative, with his emails receiving nothing more than a polite acknowledgement.”
The ICO's head of enforcement, Stephen Eckersley, was currently investigating Google's behaviour, the statement added.
Not everyone is happy with that explanation, starting with Conservative MP Robert Halfon.
"This is a pretty shocking revelation. It raises more questions about the Information Commissioner than it does Google because clearly the ICO has been asleep on their watch on this issue. Now it seems they [the ICO] have had a cosy relationship with the company they have been investigating,’ he told The Guardian newspaper.
In an era when data privacy has become a political issue, the ICO has come under increasing fire over its handling of a range of often complex issues. Some of this might be justified and some of it might just point to the sheer scale of the ICO's job.
Earlier this week, the ICO was criticised by security company Barracuda Networks for reporting on the issue of unwanted marketing via phone calls and email without mentioning abuse of social media. The defence could be that the ICO's figures reflect what members of the public actually complain about.
More contentiously, there have been longstanding grumbles about the effectiveness of the ICO's regime of fines for organisations found to have breached the Data Protection Act. The ICO projects itself as levying tough fines while critics feel the organisation's 'get tough' stance still lacks teeth.