Skip Links

Google "failed badly" over Wi-Fi data collection

By Trevor Clarke, Computerworld Australia
May 17, 2010 10:32 AM ET

Computerworld Australia - Google has ceased collecting Wi-Fi data as part of its Street View program days after being sent a letter by privacy groups worried about security and privacy.

The decision was announced in a blog post by Google senior vice-president of engineering and research, Alan Eustace.

In the post, Eustace said an audit request by the German data protection authority (DPA) into the Wi-Fi data collected by its Street View cars led to an internal examination of the program that found the company had "mistakenly" collected payload data (information sent over a network) in addition to SSID and MAC address details.

This was contrary to information the company had provided to German authorities and published in a blog post on 27 April.

Eustace also said Google had not used any of the data gathered in products and only fragments of payload data were collected because "our cars are on the move; someone would need to be using the network as a car passed by; and our in-car WiFi equipment automatically changes channels roughly five times a second. In addition, we did not collect information traveling over secure, password-protected WiFi networks".

He went on to call the payload data collection a mistake.

"In 2006 an engineer working on an experimental WiFi project wrote a piece of code that sampled all categories of publicly broadcast WiFi data. A year later, when our mobile team started a project to collect basic WiFi network data like SSID information and MAC addresses using Google's Street View cars, they included that code in their software--although the project leaders did not want, and had no intention of using, payload data," the blog post reads.

"As soon as we became aware of this problem, we grounded our Street View cars and segregated the data on our network, which we then disconnected to make it inaccessible. We want to delete this data as soon as possible, and are currently reaching out to regulators in the relevant countries about how to quickly dispose of it."

Earlier in the week the Electronic Frontiers Association (EFA) and Australia Privacy Foundation (APF) jointly questioned potential security breaches conducted by Google's Street View program.

In an open letter addressed to Google Australia's head of public policy and government affairs, Iarla Flynn, the two organisations highlighted the company's collection of Wi-Fi access point data by cars taking photos of streets and houses as part of its Street View feature.

(In pictures: Google's trike at Taronga Zoo.)

The letter's complaint centred on Google's announcement last month that its Street View cars captured Wi-Fi access points' unique MAC addresses while also taking 360 degree imagery of the surrounding area. While users can change the name, or SSID, of their wireless network, the MAC addresses are fixed to the router or device.

In the Google blog entry that incited the open letter, the company explained that it utilises this data to provide better location data for GPS-enabled devices such as smartphones.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News