DPIA Google G Suite Enterprise for SLM Rijk | 9 July 2020, with update 12 February 2021
As quoted in Section 1.4, Google explains it uses machine learning that commonly uses billions of common phrases and sentences as language understanding models. This means Google permits itself to process Customer Data for a purpose not specifically agreed by the customer. There is no opt-out for government organisations.156 As described in Section 2.3.1, Google collects detailed telemetry data (Diagnostic Data) from Android devices, the Chrome OS and the Chrome browser. It is plausible that Google collects similar data from iOS devices. Section 4.4 describes that the Chrome OS and browser also install three unique identifiers, for installation tracking, tracking of promotional campaigns and field trials. Admins have no control over this data collection and these trackers, and cannot block or limit Google from collecting these personal data. Google does not allow admins to change the default setting for Ads Personalization. Google explained that admins should block the Additional Services, or encourage end users to individually turn Ads Personalization off. “We would recommend that the Additional Services are switched off as a solution to this issue. However, if the Dutch Government wishes to allow their end users to access Additional Services while logged into their corporate account, without receiving personalised ads, then end users should be advised to switch Ads Personalization off in ‘My Account’.”157 Finally, admins cannot centrally prevent end users from using controller services such as Feedback that are embedded in the Core Services.
4.
Purposes of the processing Under the GDPR, the principle of ‘purpose limitation’ dictates that personal data may only be collected for specified, explicit and legitimate purposes, and may not be further processed in a manner that is incompatible with the initial purpose.158 The purposes are qualified and assessed in part B of this DPIA. This Section provides a factual description of the purposes of the processing of Customer Data and Diagnostic Data by government organisations and Google.
4.1
Purposes government organisations The general interests government organisations may have to use G Suite Enterprise are described in Section 6.1. Government organisations may process Diagnostic Data collected by Google about the individual use of the G Suite services when accessing or retrieving data from the available audit log files. Government organisations may need to process these data to comply with information security requirements, to verify access authorisations, to investigate and mitigate data security breaches and to comply with data subject right requests. As data controllers, government organisations must determine when they need to access log files generated by Google, what retention periods are necessary to comply with security requirements, and for what specific purposes specific personal data in the log files may be (further) processed and analysed. Their specific purposes are not in scope of this umbrella DPIA.
After completion of this report, Google has provided guarantees that it will not use grammar and spelling outside of the domain of each Enterprise customer to improve spelling suggestions. 157 Idem. 158 Article 5(1)(b) GDPR. 156
p. 68/162
