Google WiFi data collection would have breached law: Privacy Commissioner

Privacy group happy as Google apologises for Street View WiFi data collection and agrees to undertake Privacy Impact Assessments
A screen grab of the Google Australia apology over its WiFi data collection

A screen grab of the Google Australia apology over its WiFi data collection

  • A screen grab of the Google Australia apology over its WiFi data collection
  • The Google Street View Trike at Taronga Zoo, Sydney.
  • The Google Street View Trike at Taronga Zoo, Sydney.
  • The Google Street View Trike at Taronga Zoo, Sydney.
  • The Google Street View Trike at Taronga Zoo, Sydney.
View all images

The Australian Privacy Commissioner has handed down its judgement on Google’s Street View WiFi data capturing, concluding the company’s collection of personal information “would have breached the Privacy Act”.

In response to the Privacy Commissioner, Karen Curtis’ investigation into the Internet giant’s Street View cars capturing WiFi access points' unique MAC addresses and unsecured payload data, Google has agreed to apologise and undertake Privacy Impact Assessments (PIA) on “on any new Street View data collection activities in Australia that include personal information”.

It has also agreed to provide the PIAs to the Commissioner and continue consultation over personal information collection “arising from significant product launches in Australia”.

"These steps will ensure Google's future products have privacy protections built in rather than bolted on. Google's undertakings will last for three years. These undertakings will be reviewed following any reforms to the Privacy Act,” Curtis said in a statement.

"Under the current Privacy Act, I am unable to impose a sanction on an organisation when I have initiated the investigation. My role is to work with the organisation to ensure ongoing compliance and best privacy practice.”

In May, Google ceased collecting WiFi data as part of its Street View program days after being sent a letter by the Electronic Frontiers Association (EFA) and the Australia Privacy Foundation (APF), which were worried about security and privacy. The company faced similar concerns across the world where its Street View vehicles operate.

We’re sorry, Google Australia today issued an apology, titling the post “We’re sorry”.

“We want to reiterate to Australians that this was a mistake for which we are sincerely sorry. Maintaining people’s trust is crucial to everything we do and we have to earn that trust every single day. We are acutely aware that we failed badly here,” Google senior vice-president of engineering and research, Alan Eustace, wrote.

The EFA’s Geordie Guy welcomed the “official” outcome.

“The Privacy Commissioner is who Australians expect to deal with privacy, and her office has issued a determination,” Guy told Computerworld Australia. “It's a welcome relief from some of the hand wringing we've seen from nearly every other sector and we hope it provides some perspective and closure.”

He added that as assessments by the EFA and “other experts” found Google’s collection of the WiFi data was inadvertent, it seemed a fair outcome that “Google formally recognise their mistake and undertake to consider how their conduct might affect Australians down the track”.

“You consider how your conduct will affect Australians in Australia with a PIA, so that's appropriate here,” Guy said.

“Google did make an error, but the gravity of that error was quickly overtaken by the people who lined up to take advantage of it and the most ostentatious there was Senator Conroy and his fanciful statements that were issued to sandbag against criticism of his department.”

In June, the French National Commission on Computing and Liberty (CNIL), which like many other countries is conducting an investigation into Google’s actions, found the data collected by the Street View cars included passwords and e-mails.

Data protection authorities in Spain and Germany have also asked Google for access to WiFi traffic data intercepted in their countries, while Italy has launched an investigation and concerns have been raised in the US by lawmakers.

However, there was no mention made in the Curtis’ statement of what would happen to the data that was collected or whether it could be used by those looking to launch legal action.

“Other privacy authorities and law enforcement agencies may still be investigating the collection of WiFi 'payload' data by Google. In view of those ongoing investigations I do not propose to comment in more detail,” Curtis said.

More about: EFA, Google, Privacy Foundation
References show all

Comments

1

Somethings fishy

Sat 10/07/2010 - 07:50

Headline: Consumer Group Sniffs Congresswoman's Open Wi-Fi

Update: All Parties Are Glad That's All They Sniffed

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: privacy, Google
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/170/gadwin-geforms/

Gadwin GeForms

GeForms allows you to create your own forms or fill in existing forms electronically. Using GeForms you are provided with sophisticated form design tools which ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia