DPIA Google G Suite Enterprise for SLM Rijk | 9 July 2020, with update 12 February 2021
for personal data that falls within the scope of the G Suite DPA, but not as an independent data controller.
5.3 Data controller
Given the limitation of the scope of the G Suite DPA to personal data in Customer Data from the Core Services, and Google’s explanation that this also applies to the Google Account when used in conjunction with Core Services and the Features, Google qualifies itself as a data controller for the processing of personal data in the Google Account when used outside of the Core Services, the Additional Services, Other related services such as Feedback and for all Diagnostic Data.
5.3.1 Google Account
As explained in Section 1.2, government employees must create a Google Account if they want to use the G Suite Enterprise services. When end users create their account, they have to accept the (consumer) Terms of Service and the (consumer) Privacy Policy. See Figure 6.
Google distinguishes between the use of the Google Account in the Core Services, and the use of the account in other (consumer) services, as detailed in Section 1.4.2. However, this technical distinction is not yet contractually guaranteed. For end users, the operational difference between the enterprise and the consumer environment may be hard to discern. This is the case, for example, when end users want to use a spelling checker in Google Docs. If an employee uses a Chrome browser, there are three kinds of spellcheckers available, while only the Feature Spelling and grammar falls within the scope of the G Suite DPA.
Google qualifies itself as data controller for the Google Account that can be used for any of the 92 different consumer services. Unless Google provides contractual assurances about the purposes for which it can process the Google Account in the Core Services, and allows admins of government organisations access to all data collected about the use of the Google Account in the Core Services, Google factually qualifies as data controller in both enterprise and consumer environments, but not as independent controller. This will be explained further in Section 5.4 below.
5.3.2 Diagnostic Data
To provide secure, well-functioning, bug-free and up-to-date services, the processing of some Diagnostic Data about the individual use of the services may be necessary. In order to achieve such clear objectives, the data processor has a certain liberty to decide how the personal data are processed and in which systems (with which means). However, the processor must be transparent about what personal data it needs to process, and for what purposes, in order to successfully claim to act on instructions of the controller.
In the G Suite DPA, Google does not mention the Diagnostic Data at all. Diagnostic Data is therefore not covered by the G Suite DPA, and Google is not a data processor when it processes Diagnostic Data.
In Section 4.2.2, ten purposes have been identified for which Google processes the Diagnostic Data relating to the use of the Core Services. These purposes have been identified in discussions with Google during the course of this DPIA. Two of these ten identified purposes are so broad that the government organisations cannot determine what types of processing are in or outside the scope of these purposes. These are: