Data must only leave HSCIC under carefully controlled circumstances. It's pseudo-anon within HSCIC and anon outside HSCIC, but still with careful controls on who has access and what they can do with it.
I can't tell from the article what data PA Consulting had; nor why they had it; nor why they felt the need to upload it to Google. Even though it's been anonymised it should still be treated as sensitive confidential data.
There's a possibility that someone at PA Consulting has committed a criminal offence even though they "got permission" to upload it to Google.
The otrage about Google is around keepin data within the EU And this protected by EU data protection laws.
I can't tell from the article what data PA Consulting had; nor why they had it; nor why they felt the need to upload it to Google. Even though it's been anonymised it should still be treated as sensitive confidential data.
There's a possibility that someone at PA Consulting has committed a criminal offence even though they "got permission" to upload it to Google.
The otrage about Google is around keepin data within the EU And this protected by EU data protection laws.