US Continues To Drill Google Over WiSpy Incident

Connecticut State Attorney General Richard Blumenthal said June 21 that his office will lead a multistate investigation into Google’s accidental collection of data from unsecure wireless networks.

In the latest in a series of actions against the company for accidentally sucking up users’ e-mail, passwords and Web browsing data, Blumenthal will lead the charge for as many as 30 states. Blumenthal also wants more information from Google about what data it collected and how this happened.

“Street View cannot mean Complete View — invading home and business computer networks and vacuuming up personal information and communications,” Blumenthal said in a statement on 21 June. “Consumers have a right and a need to know what personal information… Google may have collected, how and why. Our investigation will consider whether laws may have been broken and whether changes to state and federal statutes may be necessary.”

600 Gigabytes Of WiFi Data

Google admitted on 14 May that its Street View cars had stored 600 gigabytes of WiFi network payload data for the last three years in more than 30 countries and regions all over the world.

The data storage happened as the result of rogue code a Google programmer placed on the company’s servers and Google has been working with affected countries to delete the data or at least disclose what data was collected in each region.

Blumenthal and his counterparts in over 30 states convened via conference call on 10 June to discuss whether or not to pool their resources to investigate Google. They wondered whether Google broke U.S. laws by collecting data from WiFi networks.

Google said in a letter to U.S. representatives on 9 June that it did not use any of the data it collected and broke no laws. A Google spokesperson reiterated that position to eWEEK on 21 June. “It was a mistake for us to include code in our software that collected payload data, but we believe we did nothing illegal. We’re working with the relevant authorities to answer their questions and concerns.”

Why Was Information Kept?

Blumenthal, who has naturally taken a strong interest into what kind of data was collected in his home state of Connecticut and in what towns, said that while he hoped Google continued to cooperate, its answers to his questions raised “as many questions as it answers.”

He called for the company to provide a comprehensive explanation of how this data collection happened, why the information was kept and what action will prevent a recurrence.

“Google needs to describe how code that intercepted and collected unencrypted data transmitted over WiFi networks was inserted into its software,” Blumenthal said. “We want to know who did this, why and how and when Google discovered it. Another concern is whether the data was accessed in any way by Google and if so when and why.”

Google, which has a third-party consultant investigating the code used to collect the data in the country, is under fire from data privacy authorities in Germany, Spain and France.