End of the Road for Google Street View Row

What better way to celebrate my return from 7 months on secondment than a post on the Brodies Tech Blog?

A lot has been going on in the world of technology in my absence – for example, boffins have invented a camera which can take pictures around walls (sort of).

However I’d like to discuss the most recent scandal concerning Google’s much-maligned Street View. A lot of people were unhappy last year when Google sent cars around the UK to capture street images which were then published on the internet. However it has gradually emerged that the Google cars were doing more than simply carrying out street-level photography. German authorities discovered that the cars were also gathering information about the location of unencrypted WiFi “hotspots”. And then the Canadian Privacy Commissioner learned that during this exercise Google had “mistakenly” collected payload data , or, in plainer English, mistakenly collected the actual information being sent on WiFi networks, including emails, URLs and passwords.

It remains unclear, even from a third-party audit why code designed to collect WiFi data transmissions got incorporated into a WiFi hotspot logging program.

Google apologised, and deleted the data, and throughout the summer it was speculated that Google might be the first company to be fined under the Information Commissioner’s new powers to impose monetary penalties on data controllers for breaches of the Data Protection Act. In July the Information Commissioner said that he did not think that the data captured by Google included significant amounts of personal data, nor was there any evidence that the data capture caused, or would cause, detriment to any individual. In August the Commissioner then said that if any law had actually been broken then it was probably not the Data Protection Act, but possibly the Regulation of Investigatory Powers Act, which governs the interception of communications, and is outwith the Information Commissioner’s ambit. And finallylast week the Information Commissioner released a press release, announcing that Google had signed a commitment to improve data handling to ensure breaches like the collection of WiFi payload data by Google Street View cars would not occur again.

This signed commitment appears to be the extent of Google’s censure, and this may initially seem surprising, especially if you consider that individuals have been fined and/or imprisoned for accessing unencrypted WiFi networks without permission. However, I think the difference is the intent. Google didn’t mean to intercept and/or collect the data, and it has also destroyed it. The Metropolitan Police did investigate a possible breach of the Regulation of Investigatory Powers Act, but closed their case, believing that criminal charges were not appropriate.

I think the situation is arguably comparable to a refuse collector gathering personal data because they have collected a bin. The refuse collector isn’t deliberately gathering the data, and it’s only being collected because it hasn’t been treated with enough care. While using an unencrypted WiFi network isn’t directly comparable to throwing your personal data in the bin for anybody to find, it’s not as different as you may think! And by leaving your network unsecured you may also be in breach of your contract with your ISP! And so on.

It’s nice to be back!

0 Responses to “End of the Road for Google Street View Row”

  1. Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Twitter: @BrodiesTechBlog feed

December 2010
« Nov   Jan »

%d bloggers like this: