A Google executive said Friday that the company "failed badly" when its Street View cars collected unencrypted WiFi data , adding that "we are mortified by what happened." In a post on The Official Google Blog, Senior VP of Engineering and Research Alan Eustace announced several changes to strengthen the search giant's internal privacy and security practices.
Those changes include the appointment of Alma Whitten as director of privacy across both engineering and product management. Whitten is described as "an internationally recognized expert" in privacy and security, and she will be charged with building more effective privacy controls in products and policy. For this effort, Google said it is increasing the number of engineers and product managers who will be working with her.
'Privacy Design Document'
Another prong of the new effort is the enhancement of core training for engineers, product managers, and others on "the responsible collection, use and handling of data." This will be added to the current orientation training about privacy principles, which includes signing the company's Code of Conduct. By the end of this year, all employees will also have to take a new information security awareness program.
Google will also be adding new processes to its internal compliance procedures, which will mandate that engineering project leaders maintain a "privacy design document" for every project they head.
The new initiative comes as governmental regulators around the world continue their investigations. In his posting, Eustace noted that a closer inspection by regulators has indicated that, in some cases, entire emails and URLs were gobbled up by the Street View cars, in addition to passwords and other data.
Italy's privacy regulators said Saturday that the company has to make sure its Street View cars are clearly marked, and their routes and schedules need to be publicized three days in advance. Investigations have also been launched in Germany, Ireland, Italy, France, Spain, Australia, and other countries. In the U.S., a multi-state governmental team has been looking into the matter, and at least seven class action lawsuits have been filed.
'Clear Violation' of Google Policies
The Street View controversy stems from the collection of private wireless data by Google vehicles, which have ridden down streets worldwide to collect photos for use on the company's Street View application within Google Maps. Google said that about 600 GB of data, in 30 countries, has been mistakenly collected. (continued...)
Posted: 2010-11-12 @ 4:45am PT
They haven't deleted it yet because the investigations prohibit them from doing so. Deleting it would be "tampering with evidence".
Anon Y. Mous:
Posted: 2010-11-01 @ 8:08am PT
Another reason to set your router not to broadcast your SSID and have your wireless network encrypted!
Posted: 2010-11-01 @ 4:49am PT
When are people going to wake up to the fact that our moves are minds, studied and predicted? I personally am sick of being one of the subjects, and I don't care whether it may be in "aggregate" form or not. The fact of the matter is that we don't know where our data really goes, and neither do the companies who collect it. Thanks a lot, Google, but it's time for you to go in my opinion.
Posted: 2010-10-30 @ 9:33pm PT
600GB != terabytes
Posted: 2010-10-30 @ 4:00pm PT
The reason SSIDs were being collected is, I'm pretty sure, that they have built a database of GPS locations of all the wireless networks they encountered.
This is very useful because it allows devices with no GPS hardware to determine location purely by looking up the locations of locally visible WiFi networks - like a poor man's GPS. For example, Google Maps on my 1st gen iPod Touch can locate me quite accurately on the map just by the WiFi.
On the minus side, I gave my old router to my father 200 miles away and now his iPod thinks it's in my house!
Posted: 2010-10-26 @ 5:50am PT
Why would they even collect the SSID information as part of their mapping??? To make it EASIER for people to hack open networks by providing a picture of the building it is located in.
Posted: 2010-10-25 @ 3:25pm PT
Good point. Has it been deleted? Will it.
Inidiviuals have been convicted of using other peoples wireless network. Google CEO should be prosecuted!! To say Oooops is not enough.
Posted: 2010-10-25 @ 2:52pm PT
Everyone should be grateful that the Wi-Fi Security weaknesses exposed by Street View’s Cars has brought this matter to the attention of so many people.
Just think (if you are using Wi-Fi) as you are reading this comment, your computer could be easily accessed from a car or a neighbor in your street and it could be downloading illegal material for which you could be fined or imprisoned depending on the content of the download.
This brings me to say that the laws about downloading material, as they are, cannot be seriously enforced, as anyone could have placed this material on your ISP’s server track record (and or on your computer’s hard drive) simply by carrying out the latter.
As to encryption of your ‘Wi-Fi Security System’ there are devices that can decrypt any encryption in a matter of minutes sometimes-even seconds.
Remember the pub owner in UK (under Mandy's revised Law) was fined Ł8000 when one of his customers was caught downloading copyrighted digital content from the pub’s Wi-Fi? See ‘Digital Rights Act/ Digital Economy Bill’ is legally seriously flawed.
Signed Carl Barron Chairman of agpcuk
Posted: 2010-10-24 @ 1:44pm PT
I noticed in the article there is no mention of the data illegally/wrongly collected being deleted!
"Google said that about 600 GB of data, in 30 countries, has been mistakenly collected." Translation: Google has terabytes of your personal data - ha!