google glass

The Information Commissioner's Office has warned companies about the data protection and privacy issues related to using wearable technologies such as Google Glass - which has been given an official launch in the UK.

Until recently, the ICO says, the collection of personal information by body worn devices was limited to trials in specific police forces, and others that could afford the specialist equipment. However, recent progress in hardware means that wearable technology may well become as common as mobile phones, it says.

Andrew Paterson, senior technology officer at the ICO, says in a blog: "This week we saw the UK launch of Google Glass, one of several products that are set to take processing of personal information to the next level. As this technology develops, people will understandably have reservations about the increasing amounts of personal information that these products are capable of collecting and transmitting."

Media reports in the US have recently focused on how some bar owners in San Francisco have already banned Google Glass from their premises due to customers’ concerns over being filmed without their knowledge. "Companies in the UK will now be considering their own response," said Paterson.

In the UK, this means making sure that such devices operate in line with the requirements of the UK Data Protection Act.

Paterson said: "If you are using a wearable technology for your own use then you are unlikely to be breaching the Act. This is because the Act includes an exemption for the collection of personal information for domestic purposes.

"But if you were to one day decide that you’d like to start using this information for other purposes outside of your personal use, for example to support a local campaign or to start a business, then this exemption would no longer apply."

But this is not the case for organisations, "whose use of wearable technology to process personal information will almost always be covered the Act", Paterson said.

This means they must process the information collected by these devices in compliance with the legislation. This includes making sure that people are being informed about how their details are being collected and used, and only collecting information that is "relevant, adequate and not excessive", and ensuring that any information that needs to be collected is kept securely and deleted once it is no longer required.

If the wearable technology is able to capture video or pictures then organisations must address the issues raised in the ICO's "CCTV Code of Practice". There is also guidance on the Surveillance Camera Commissioner’s website that is relevant to wearables containing cameras.

Paterson said: "The rise of wearable technology brings exciting new possibilities and is set to become widespread in the years ahead. But organisations must not lose sight of the fact that wearables must still operate in compliance with the law and consumers’ personal information must be looked after."