Google downplays claim it may have breached lawmakers' home networks

Computerworld - Google Inc. is playing down claims that it may have accidentally breached personal Wi-Fi networks at the homes of several members of Congress, including some working on national security issues.

Consumer Watchdog, a Santa Monica, Calif.-based advocacy group that has been a sharp critic of Google's privacy practices in the past, said Thursday that the search giant may have breached the networks while its vehicles were collecting wireless SSID information for the company's Street View service.

Google in May had disclosed that the accidental inclusion of code written for an experimental Wi-Fi project was causing its Street View cars to inadvertently collect "payload" data from unprotected Wi-Fi networks along the routes. Google said that it has since removed the code and stopped collecting any Wi-Fi data.

Consumer Watchdog said an investigation found that the wireless network of at least one key lawmaker could have been among those breached by Google's Street View cars before the code was removed.

The group said its conclusions are based on tests it conducted over the past few days using the same kind of packet-sniffing technologies likely used in Google's Street View cars as they gathered images for the service, which lets users overlay street-level images on Google Maps.

A company hired by Consumer Watchdog "sniffed" the networks of five members of Congress whose homes are pictured on Google's Street View. The tests uncovered at least one unencrypted network at the residence of Rep. Jane Harman (D-Calif.), who is chairwoman of the Intelligence Subcommittee of the Homeland Security Committee, said Jamie Court, president of the public interest group. The unencrypted network could have been breached by Google, the consumer group said. Harman couldn't be reached for comment.

Court said Consumer Watchdog found unprotected networks near the homes of four other members of Congress and images of the residences of at least 18 lawmakers in total on Street View. In a letter sent to those lawmakers, Consumer Watchdog urged that the House Energy and Commerce Committee hold an immediate hearing on the issue.

In an e-mail statement sent to Computerworld Thursday, Google said "it was mistake for us to include code in our software that collected payload data, but we believe we did nothing illegal. We're continuing to work with the relevant authorities to answer their questions and concerns."

The company maintains that any information accidentally collected is likely to be fragmented at best because its Street View cars were moving and someone would have had to be using a Wi-Fi connection at the exact moment the car passed by in order for Street View to collect data.

The Computer and Communications Industry Association yesterday criticized Consumer Watchdog for making the charges and for the tests conducted near the homes of lawmakers.

In a statement, Ed Black, president of the Washington-based CCIA, slammed Consumer Watchdog's claims and said the information collected by the consumer group went beyond the type of data collected by Google. "They detected unsecured Wi-Fi networks that anyone, including neighbors, can pick up," Black said. "It proves nothing about what, if anything, a person or company like Google might have done to intercept and record data," Black said.

"What Consumer Watchdog did was not a useful contribution to what could and should be a broader online privacy debate," he added.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is jvijayan@computerworld.com.

Read more about Security in Computerworld's Security Topic Center.