Critics are calling for Congressional hearings into why the Federal Trade Commission yesterday dropped its inquiry into the search giant’s global Wi-Fi eavesdropping campaign, even as lawsuits and government probes pick up steam in the U.S. and abroad.
Leading the call for Congressional oversight is John M. Simpson, managing director of the non-profit advocacy group Consumer Watchdog. Simpson calls this two-page letter the FTC sent to Google on Wednesday “premature and wrong. ”
“Once again, Google, with its myriad of government connections, gets a free pass,” says Simpson. “At a minimum the public deserved a full report about Google’s abuses from the FTC’s Bureau of Consumer Protection. Instead, the company announced a few steps that are little more than window dressing and the FTC caves in with a woefully inadequate two-page letter.”
Precursor analyst Scott Cleland also says Congress should look into the matter. Cleland questions why the FTC imposed no “accountability mechanism,” and saw fit to simply take Google’s word that it was all a big mistake that won’t be repeated in the future. Alan Eustace, Google’s senior vice president of engineering and research, outlines this apology and pledge of good behavior, going forward, in a May 14 blog post and a Oct. 23 blog post.
In his May 14 post, Eustace noted that the fleet of specially-equipped vehicles the company dispatched over a three-year period in 33 countries collected only “fragmentary” data, since the cars were on the move. (The cars were primarily designed to take photographs for Google’s Street View mapping service. But they also had equipment that scooped up information from unprotected Wi-Fi networks nearby.)
Google curtailed the data-collecting campaign last May after Germany protested. By then the search giant had harvested some 600 gigabytes of personal Wi-Fi data.
In his Oct. 22 post, Eustace concedes that “in some instances entire emails and URLs were captured, as well as passwords.” This admission followed Canadian investigators disclosure that Wi-Fi data Google harvested from Canadian consumers and businesses included medical records and other sensitive data.
“Google misrepresented central facts of the case and misled investigators with false assurances from the beginning of the investigation,” says Cleland “Why is the FTC allowing Google to self enforce, without any third party oversight or accountability mechanism?”
By contrast, Canada last week asked Google to come up with a “governance model” to assure compliance with Canada’s privacy laws. The model should “include controls to ensure that necessary procedures to protect privacy are duly followed before products are launched,” Commissioner of Privacy Jennifer Stoddart in a statement.
Meanwhile, Attorneys General in 38 states along with privacy regulators in Italy, the United Kingdom, Spain and Germany are continuing investigations.