Germans incensed by Google’s WiFi snooping on personal data; activity called illegal

Mon, May 17, 2010 at 10:53 am

    Germans incensed by Google’s WiFi snooping on personal data; activity called illegal

    Germany’s Consumer Affairs Minister Ilse Aigner blasted Google over the weekend for its “accidental” collection of personal data by Street View cars driving by the homes of citizens in Germany (and the U.S. and other countries all around the world).

    “According to the information available to us so far, Google has for years penetrated private networks, apparently illegally,” Aigner said in a statement on Saturday.

    On Friday afternoon, Google had admitted that —  contradicting its own previous statements regarding the WiFi data collected by the company’s vehicles:  “…it’s now clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) WiFi networks, even though we never used that data in any Google products.”

    In privacy-conscious Germany, regulators had been requesting information about the data collected, even though Street View has not yet been introduced there. And Google had been defending its activities and policies vehemently. In a 4/27/2010 submission to European data protection authorities, Google described the WiFi data collected and data not collected by its Street View vehicles around the world.

    “WiFi networks broadcast information that identifies the network and how that network operates. That includes SSID data (i.e. the network name) and MAC address (a unique number given to a device like a WiFi router).
    Networks also send information to other computers that are using the network, called payload data, but Google does not collect or store payload data.”

    In its European Public Policy Blog posting the same day, Google said it had not denied access to the vehicles and hardware by the German authorities:

    Why didn’t you let the German DPA see the car?

    We offered to let them examine it last year –it is totally untrue to say we would not let them see the car. They are still welcome to do so.

    But when Johannes Caspar, the data protection supervisor for Hamburg, took up the invitation, according to the New York Times:

    “Mr. Caspar said he had inspected one of Google’s StreetView recording vehicles at the company’s invitation this month and had noticed that the recording device’s hard drive had been removed. When he asked to view the drive, he said he was told he couldn’t read the information anyway because it was encoded. He said he pressed Google to disclose what type of information was being collected, which prompted the company to examine the storage unit.”

    In its review, Google confessed: “the company learned that its data collection performed by roving StreetView vehicles was much more extensive, including a record of sites viewed by the user and potentially the contents of messages if users did not secure their WLANS with a password.”

    Whoops!

    On Friday, Google said: “given the concerns raised, we have decided that it’s best to stop our Street View cars collecting WiFi network data entirely.”

    And “Sorry!”

    The engineering team at Google works hard to earn your trust—and we are acutely aware that we failed badly here. We are profoundly sorry for this error and are determined to learn all the lessons we can from our mistake.

    Inside Google blogger John M. Simpson spoke out about the debacle:

    “Once again Google has demonstrated a lack of concern for privacy,” said John M. Simpson, consumer advocate with the nonpartisan, nonprofit group. “Its computer engineers run amok, push the envelope and gather whatever data they can until their fingers are caught in the cookie jar. Then a Google executive apologizes, mouthing bafflegab about how privacy matters to the company.”

    “The takeaway from this incident is the clear need for government oversight and regulation of the data all online companies gather and store,” Simpson said. He said the Justice Department or the Federal Communications Commission should examine the Google case in the United States.

    In a comment to the  confession/apology on the Google Public Policy Blog, Simpson said:

    Google’s announced plan to have an unnamed third party study what went wrong and to check that the improperly gathered private data has been eliminated is inadequate.

    That’s like getting to pick the referees in a championship football game.

    So what happens next? Will someone press charges like they should?

    , ,

    Leave a Reply

    Celine Handbagsceline purseceline bag priceceline luggageceline taschenceline clutchceline onlinecheap ray ban sunglasses