Google Accused of Breaking European Privacy Law By Hoarding Personal Data of Potential Job Candidates

An anonymous reader shares a report: When Mohamed Maslouh, a London-based contractor, was assigned to enter data into Google's internal gHire recruitment system last September, he noticed something surprising. The database contained the profiles of thousands of people in the EU and U.K. whose names, phone numbers, personal email addresses and resumes dated back as far as 2011. Maslouh knew something was amiss, as he had received data-protection training from Randstad, the European human-resources giant that employed him, and was aware of the EU's five-year-old General Data Protection Regulation (GDPR), which remained part of British law after Brexit. Under the law, companies in the European Union and U.K. may not hang onto anyone's personal data -- that is, information relating to any identifiable living person -- for longer than is strictly necessary, which generally means a maximum retention time measured in weeks or months. Google may now face investigations over potential violations of the GDPR, after Maslouh filed protected whistleblower complaints with the U.K. Information Commissioner's Office in November and with the Irish Data Protection Commission (DPC) -- which has jurisdiction over Google's activities in the EU -- in February.

Read more of this story at Slashdot.