Google has admitted it accidentally gathered personal data
from wi-fi networks while doing its Street View mapping, and has now stopped
Last month it was revealed that the cars taking photographs
for Street View had also been collected information from non-protected wi-fi
access points, including wi-fi devices inside private homes. Google responded
that this was not illegal, as the broadcast information could be read by anyone
with a wi-fi enabled device, and that the data collected would be used to
improve Google’s geo-location services.
An international group of privacy commissioners, including
New Zealand’s Marie Shroff, criticised Google earlier this year for launching
Street View “without due consideration of privacy and data protection laws and
There were complaints from members of the public whose homes
appeared on Street View, particularly when people’s faces were clearly visible.
The commissioners noted that such privacy concerns were addressed “only after
the fact, and there is continued concern about the adequacy of the information
you provide before the images are captured”.
Last week, Shroff issued a statement saying she was
surprised the public had not been told beforehand that Google’s cars would be
collecting other information. She said she had asked Google to confirm that wi-fi
data was collected in New Zealand, before deciding whether to take further
Now Google admits that its cars collected data transmitted
by the wi-fi networks they passed – previously it had denied doing this, saying
they only collected publicly broadcast SSID information (the wi-fi network
name) and MAC addresses (the unique number given to a device like a wi-fi
In a blog posting, Alan Eustace, Google’s Senior VP,
Engineering & Research, says collecting the data was “a mistake”.
“In 2006 an engineer working on an experimental wi-fi
project wrote a piece of code that sampled all categories of publicly broadcast
wi-fi data,” Eustace said. “A year later, when our mobile team started a
project to collect basic wi-fi network data like SSID information and MAC
addresses using Google’s Street View cars, they included that code in their
software – although the project leaders did not want, and had no intention of
using, payload data.
“As soon as we became aware of this problem, we grounded our
Street View cars and segregated the data on our network, which we then
disconnected to make it inaccessible. We want to delete this data as soon as
possible, and are currently reaching out to regulators in the relevant
countries about how to quickly dispose of it.”
Street View cars have now stopped collecting wi-fi data
entirely, Eustace said. A third-party review will look at the software
concerned and confirm that all data collected has been deleted. Procedures are
also being reviewed to ensure this doesn’t happen again.
“The engineering team at Google works hard to earn your
trust – and we are acutely aware that we failed badly here. We are profoundly
sorry for this error and are determined to learn all the lessons we can from
our mistake,” Eustace concluded..