Google users in England, Wales, Scotland, and Northern Ireland will no longer be protected by GDPR and will instead be at the mercy of the privacy regulations of the United States.
According to Reuters, multiple sources familiar with Google’s plans said that Brits will be asked to accept new terms of service as their accounts are transferred to US jurisdiction. The move comes amid confusion over whether the UK will still follow GDPR now that it’s left the EU, with US regulation the preferred solution in the short term rather than setting up a British subsidiary.
Since US data privacy laws are far less strict than those governed by GDPR in Europe, the UK authorities will now have easier access to the Google data of its citizens. Sure enough, I’ve already received an email from Google that reads as follows:
We’re improving our Terms of Service and making them easier for you to understand. The changes will take effect on 31 March 2020, and they won’t impact the way that you use Google services. And, because the United Kingdom (UK) is leaving the European Union (EU), Google LLC will now be the service provider and the data controller responsible for your information and for complying with applicable privacy laws for UK consumer users.
So as of March 31, Google’s US business will be in charge of the data of UK users rather than the Ireland-based European HQ, thus rendering local privacy laws applicable. This will be a blow to advocacy groups and sets a worrying precedent with other US companies likely to follow suit. Google and others collect a monumental amount of data from UK consumers, and the protection we’ve become accustomed to is about to be seriously diminished.