Google Denies Laws Broken With WiSpy Incident

Google did not use any of the 600 gigabytes of data it unwittingly snatched out of the air from WiFi networks and broke no laws, the search engine wrote in a response to questions from U.S. representatives.

Google revealed on 14 May that its Street View cars, which take pictures for Google Maps, collected 600 gigabytes’ worth of e-mail, Web browsing and other data fragments from unsecured WiFi networks. The data collection, enabled from 2007 to 2010 by code from a rogue software engineer, happened in 33 regions, including the United States, Ireland, Denmark, Germany, Hong Kong, Spain and France.

House Commerce Committee Chairman Henry A. Waxman, D-Calif., Joe Barton, R-Texas, and Edward Markey, D-Mass., asked Google in a 26 May letter whether it conducted a legal analysis regarding the applicability of consumer privacy laws on data collection of WiFi transmissions.

“We believe it does not violate U.S. law to collect payload data from networks that are configured to be openly accessible (i.e., not secured by encryption and thus accessible by any user’s device),” wrote Pablo Chavez, director of public policy for Google, in a letter dated on 9 June.

Not Unlawful

Google Street View Car

“We emphasise that being lawful and being the right thing to do are two different things, and that collecting payload data was a mistake for which we are profoundly sorry.” Google declined to comment but confirmed the contents of the letter, which laid out Google’s use for WiFi data.

Chavez explained that information about the location of WiFi networks improves the accuracy of location-based services, such as Google Maps or driving directions, that Google provides to consumers.

Google Street View cars were outfitted with WiFi antennas and software that detected and collected WiFi network data, including WiFi network IDs and addresses, signal strength, data rate, channel and encryption type.

The data was relayed to Google software that stored the data for eventual use to fortify location-based services, such as Google’s My Location feature in Google Maps.

A Google engineer included code that collected fragments of payload data, including e-mail addresses and browsing addresses. However, Chavez said this data has never been used in any Google product or service and Google has since ceased collecting any WiFi data.

Google added that only the programmer who wrote the offending software and the security engineer who tested the data after Google found it had seen the software. Google has not figured out how many networks it unknowingly swiped data from or how many consumers were affected.

Data Deleted

Google deleted the data collected in Ireland, Denmark and Austria and is turning over the data from other countries. Google is retaining data in the United States due to the launch of civil suits against the company in the matter.

Barton and Markey have also asked the FTC to determine whether Google violated laws by collecting the WiFi data. The FTC is looking into the issue. “Google now confesses it has been collecting people’s information for years, yet claims they still do not know exactly what they collected and who was vulnerable,” Barton said in a statement on 11 June. “This is deeply troubling for a company that bases its business model on gathering consumer data.”

It’s the second major privacy scandal Google has been involved in this year. Google launched its Google Buzz social service in February, startling users by exposing their Gmail contacts to the public on Google profile pages.

Clint Boulton eWEEK USA 2012. Ziff Davis Enterprise Inc. All Rights Reserved

View Comments

Recent Posts

Apple, Google Mobile Ecosystems Should Be Investigated, CMA Told

CMA receives 'provisional recommendation' from independent inquiry that Apple,Google mobile ecosystem needs investigation

4 hours ago

Australia Rejects Elon Musk Claim About Social Media Ban For Under-16s

Government minister flatly rejects Elon Musk's “unsurprising” allegation that Australian government seeks control of Internet…

7 hours ago

Northvolt Files For Bankruptcy Protection In US

Northvolt files for Chapter 11 bankruptcy protection in the United States, and CEO and co-founder…

9 hours ago

UK’s CMA Readies Cloud Sector “Behavioural” Remedies – Report

Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector

1 day ago

Former Policy Boss At X, Nick Pickles, Joins Sam Altman Venture

Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…

1 day ago

Bitcoin Rises Above $96,000 Amid Trump Optimism

Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…

1 day ago