Google "mortified" by amount of personal info in Street View data

The search giant has implemented a number of new privacy and security measures to mitigate against future repeats

Five months after “mistakenly” collecting “fragmented” data from home networks via its Street View cars, Google has confirmed that private emails, Web addresses as well as passwords were among the data captured.

In a recent blog post, the search giant admitted to “failing badly”, noting that in May, Google had not analysed the data and did not know what information was included in the collection.

“Since then a number of external regulators have inspected the data as part of their investigations (seven of which have now been concluded),” Google senior vice president of engineering and research, Alan Eustace, said in the post. “It’s clear from those inspections that while most of the data is fragmentary, in some instances entire emails and URLs were captured, as well as passwords.

“We want to delete this data as soon as possible, and I would like to apologize again for the fact that we collected it in the first place.”

According to the post, the company has put in place a number of new processes in an attempt to rectify its internal privacy and security practices.

The company has appointed a director of privacy, Alma Whitten, across its engineering and product management. The role will focus on building effective privacy controls into the company’s products and internal practices. The company is also looking to increase the numbers of engineers and product managers to assist with this.

Staff training procedures will also be altered with specific focus on the responsible handling and collection of data.

“In addition, starting in December, all our employees will also be required to undertake a new information security awareness program, which will include clear guidance on both security and privacy,” the post reads.

The search giant will also add a new review process to the existing review system, in which every engineering project leader will need to maintain a privacy design document, detailing how user data is being handled, for each project they are working on.

“We are mortified by what happened, but confident that these changes to our processes and structure will significantly improve our internal privacy and security practices for the benefit of all our users,” the post reads.

The ordeal has prompted much criticism of Google’s Street View program, including an open letter from both the Electronic Frontiers Association and Australia Privacy Foundation jointly questioning potential security breaches the program posed.

Join the Computerworld newsletter!

Error: Please check your email address.

Tags google street viewdataGoogleprivacy

More about GooglePrivacy Foundation

1 Comment

Pasc

1

This makes no sense. Google is apologising for something that is totally not their fault.

People are broadcasting confidential information unencrypted into the world where it can be collected by anyone with a wifi card. Whether Google goes out of their way to not record the data or not, there are people out there collecting it, who actually plan to use it to commit fraud.

We should be thankful that this problem has finally been given air play in the mainstream media where non techs will actually see it and just maybe not turn off encryption on their wifi router next time they buy one.

Comments are now closed

Get ready for IoT, mobile cybercrime in 2015: industry

READ THIS ARTICLE
DO NOT SHOW THIS BOX AGAIN [ x ]