Google to face fresh scrutiny over WiFi snooping

Google's conduct over the notorious 'WiSpy' incident is facing fresh scrutiny from the Information Commissioner's Office

Google's conduct over the notorious "WiSpy" incident is facing fresh scrutiny from the Information Commissioner's Office (ICO), following the publication of a report by its US counterpart the Federal Communications Commission (FCC).

In May 2010, Google admitted that it had inadvertently collected more than 600GB of payload data - including full URLs, emails and passwords - from unsecured Wi-Fi networks around the world, while photographing streets for its Street View application.

However, the FCC report, released last month, casts doubt on Google's claims that the data collection was accidental, claiming that Google engineer Marius Milner had "intended to collect, store and review payload data for possible use in other Google projects".

The document goes on to state that, in addition to Milner, other Google employees, including at least one senior manager, were aware of the practice long before it was brought to the attention of the FCC. Google had previously claimed he acted without the knowledge or authorisation of senior managers.

Google is now facing a US $25,000 fine from the FCC for repeatedly failing to respond to requests for information, thereby impeding the agency's investigation.

The ICO conducted its own investigation into the incident in July 2010, concluding that the data collected was free of any "meaningful personal details". However, the Information Commissioner did a u-turn later that year, stating that the search giant had indeed broken the law.

It later emerged that the ICO had send lawyers, not technical staff, to investigate Google's Wi-Fi data breach, leading Conservative MP Robert Halfon to label the ICO 'Keystone Kops'. He also described the Information Commissioner as "lily-livered" and said the ICO's lack of action was "lamentable".

The ICO is now considering reopening its investigation, in light of the FCC report. The regulator said in a statement that it is in the process of deciding whether further action, if any, needs to be taken.

"Google provided our office with a formal undertaking in November 2010 about their future conduct, following their failure in relation to the collection of WiFi data by their Street View cars," said a spokesperson.

"This included a provision for the ICO to audit Google's privacy practices. The audit was published in August 2011 and we will be following up on it later this year, to ensure our recommendations have been put in place."

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments