Google has not deleted the sensitive data it collected from private wireless networks in 2010, according to a report from The Telegraph. Earlier, the company had promised regulators it would dispose of the information.
The search engine giant originally collected the data while it was mapping areas for its Street View services. While its camera-equipped cars were taking photos to create street-level views of places around the world, they were also picking up sensitive data, including passwords, legal and medical information, that had been transmitted across home wireless networks that weren’t password-protected.
After the data collection was discovered in 2010, Google claimed it was an accident and that it was unaware of its mistake. It said it never used the information for commercial purposes. In May of 2010, the company wrote that the data collected from Ireland had been deleted and it was looking into ways to purge the additional information as quickly as possible.
However, a recent investigation suggests Google hasn’t kept its promise to delete the data. The Information Commissioner’s Office, which is in charge of data privacy in the U.K., said it had confirmation from Google that the company is still hanging on to some of the possibly sensitive information it collected. The IOC said it will investigate the data before Google deletes it.
Google did not respond to our request for comment.
Privacy Issues in US, Too
A U.S. Federal Communications Commission report from earlier this year found that some Google engineers and managers knew of the code responsible for picking up the data. Before the report was released, the FCC fined Google US$25,000 for impeding its investigation. Google refused to provide the appropriate individuals or documents that could help the regulatory commission conclude its report, according to the FCC.
The company has maintained throughout the international investigations that none of its actions picking up information from the U.S., Ireland, France, Belgium, Netherlands, Norway, Sweden, Finland, Switzerland, Austria and Australia were illegal, since the wireless accounts were unprotected.
The law has trouble keeping up with rapidly advancing technologies that have the power to collect such sensitive information, Jeff Kagan, a technology analyst and consultant, told TechNewsWorld.
“It may not be illegal for Google to have collected this data, but that’s not because it’s harmless,” he said. “No, it’s because this is all too advanced and new, and the law could never have predicted this would become an invention and then an issue. Now, after the fact, is when the lawmakers generally take a closer look and write law. The lawmaking process takes time.”
Google may not face severe legal consequences from this particular breach of privacy, but its actions could put it in a very negative light when policymakers undertake that rewriting process, said Marc Roth, a partner in the advertising, marketing and media division of Manatt, Phelps & Phillips.
“Their actions were in direct conflict from what they told the FCC and other regulators they were going to do,” he told TechNewsWorld. “That shows a disregard and a disrespect for the legal process, and that may not be legally actionable, but it doesn’t really help their cause with regulators. They are being watched pretty carefully from a privacy perspective as well as an antitrust perspective, and continued actions like this really sours relations.”
Now is not the time to compromise that credibility, said Aaron Kelly, Internet privacy attorney at Kelly Warner Law. Policymakers are now highly focused on passing tougher privacy regulations. With consumer data an important part of online companies’ business models, the legal battles could get interesting, said Kelly.
“Expect to see, over the next several years, online and social media companies pushing for less — or no — privacy regulations,” he told TechNewsWorld. “It should be interesting to watch, too, since up until now there has been some camaraderie between tech companies and tech users on various government regulations. But it will be interesting to see what happens when consumer privacy concerns are in direct conflict with corporations’ info-based revenue streams.”
However, while regulators and consumer privacy advocacy groups might be up in arms about Google and other tech companies’ snooping, mainstream consumer outrage hasn’t quite caught up to that, said Roth.
“This should kind of send a message to consumers, but I don’t think many people are aware of the breadth and expanse of their home WiFi networks and the kind of data that Google can collect. Consumer behavior probably will not change just because of this,” he said.