Google ‘Mortified’ Street View Cars Swiped Emails, Passwords
October 25, 2010
(ChattahBox Technology News)—-Google dropped its time bomb revelation on late Friday, perhaps hoping the embarrassing news would escape notice. It didn’t. It turns out that the controversial Wi-Fi spying by its Street View cars was much worse than the company previously admitted. And it took outside regulators to uncover the extent of the massive snooping. What Google officials dismissed as the capturing of unintended “fragmentary” data in May, actually was much more onerous. For three years, the Street View cars scooped up “entire emails and URLs,” including “passwords.” Google blamed the mining of payload data on a rogue engineer. Google seems to have a problem with rogue snoops in its employ. The mining of private wireless data is so troublesome, a privacy organization in London is looking into filing criminal charges against Google.
Google published a lengthy post on its official blog, saying the wireless data was “mistakenly collected,” and the company blamed the fiasco on “human error.” At the same time, the search engine giant admitted it “failed badly,” adding company officials are “mortified.”
“In May we announced that we had mistakenly collected unencrypted WiFi payload data (information sent over networks) using our Street View cars. We work hard at Google to earn your trust, and we’re acutely aware that we failed badly here,” read Google’s mea culpa posted by Alan Eustace, Senior VP of Engineering & Research.
To ensure the company’s nosy engineers don’t become overzealous again in the future, Eustace is proposing additional privacy training for employees, that would “focus on the responsible collection, use and handling of data.” Engineers would also be required to beef up their compliance documentation.
Google also promises it will delete the wireless data, as soon as possible. But there is a looming question here. Why did it take outside regulators to figure out that the so-called “fragmentary” data wasn’t so fragmentary after all?
“Finally, I would like to take this opportunity to update one point in my May blog post. When I wrote it, no one inside Google had analyzed in detail the data we had mistakenly collected, so we did not know for sure what the disks contained. Since then a number of external regulators have inspected the data as part of their investigations (seven of which have now been concluded). It’s clear from those inspections that while most of the data is fragmentary, in some instances entire emails and URLs were captured, as well as passwords. We want to delete this data as soon as possible, and I would like to apologize again for the fact that we collected it in the first place. We are mortified by what happened, but confident that these changes to our processes and structure will significantly improve our internal privacy and security practices for the benefit of all our users,” wrote Eustace.
Besides the rogue Street View cars engineer, Google also has a big problem with at least one engineer spying on the gchats and contacts lists of minors. The creepy engineer, David Barksdale used the private data to stalk teens on the Internet.
Google should be “mortified.”
Photo Source: Wikimedia/Flickr/Bob Bobster/Google Street View Car in Honolulu/Creative Commons Attribution.