Google 'surprised' by revived UK Street View investigation
Google is unable to list precisely what kind of sensitive personal data its Street View cars captured from UK Wi-Fi networks
IDG News Service - Google is "surprised" that the U.K. Information Commissioner's Office (ICO) reopened its investigation into the way the company's Street View cars gathered personal data from unencrypted Wi-Fi networks, according to a letter that a Google official sent to the ICO on Monday.
The ICO demanded more information about Google's Street View data-harvesting practices earlier this month, after the U.S. Federal Communications Commission (FCC) revealed in a report that Google knew its Street View cars had gathered personal data when scanning unencrypted Wi-Fi networks. The ICO said that Google had in the past said specifically that if Street View cars had collected personal data they had done so by mistake.
Google's global privacy counsel, Peter Fleischer, said in a response to the ICO that the FCC findings do not in any way change the position from the time that Google and the ICO reached an agreement in November 2010. However, the company does not seem to be able to answer all of the ICO's new questions.
For instance, Google is unable to list precisely what type of sensitive personal information was captured within the payload data collected in the U.K., wrote Fleischer in his response. The data on the hard drive that was shared with the ICO in the previous investigation was not further viewed or analyzed, Fleischer added. "Therefore, Google cannot definitively list what types of personal data and/or sensitive personal data were captured within the payload collected in the UK," he wrote.
But the data collected with Street View cars is likely to be similar to what other European data protection authorities found, he said. The data gathered by Street View cars included entire emails, URLs and passwords, according to Fleischer.
Besides the types of information mentioned by Fleischer, the Dutch data protection authority, for instance, reported in April 2011 that it had found medical data and data concerning financial transactions.
The ICO also wanted to know why, when it investigated Street View in 2010, it found only SSIDs and MAC addresses in the payload data and did not find any of the personal data Fleischer mentioned. According to Google, this kind of data probably could be found on the disk that it provided to the ICO at the time, but the personal data was probably overlooked because it was present in very small quantities. Approximately 0.0131% of the 700GB of data on the disk shared with the ICO consisted of Wi-Fi data, Google estimated. And approximately 1.5% of the Wi-Fi data was payload data, Fleischer wrote.
"Having not analyzed any of the payload data collected by the Google Street View Vehicles, We have no information on what proportion (if any) of payload data may have been 'personal data'," Fleischer wrote.
The ICO also asked Google to detail at what point Google managers became aware of the gathering of Wi-Fi data by Street View cars. Google maintains that while there were "red flags" that suggested the software written by an unnamed Google engineer was able to gather personal data, these signals were missed or misunderstood by Google managers involved in the project. Since the managers did not recognize that the data-gathering project might raise privacy concerns, the problems were not addressed, said Fleischer. Furthermore, he said that no senior Google managers were briefed about the collection of payload data.
The ICO is considering a response to Google's letter, a spokesman said via email.
Changing the Way Government Works: Four Technology Trends that Drive Down Costs and Increase Productivity
This paper discusses four technology-based approaches to improving processes and increasing
productivity while driving down department and agency costs.
- Gartner Magic Quadrant for Client Management Tools The client management tool market is maturing and evolving to adapt to consumerization, desktop virtualization, and an ongoing need to improve efficiency.
- Audit Ready and Asset Optimized: The Solid Promise of an Intelligent Software Asset Management Solution In this paper Frost & Sullivan examines the benefits of enterprise-grade Software Asset Management solutions, and how these solutions serve as the convergence...
- Pragmatic Endpoint Management: Empowering an SMB Workforce in the Age of Mobility Lacking the time for proper training and education, SMB administrators often resort to taking shortcuts to keep their environment running.This paper discusses the...
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Gov't Legislation/Regulation White Papers | Webcasts