UK Privacy Agency Reopens Inquiry into Google Street View Spying
Just when the fallout of the Google Street View spying fiasco appears to have subsided in the United States, evidence of Google having “deliberately captured” payload data from unsuspecting wi-fi users has prompted the United Kingdom’s Information Commissioner’s Office to reopen its own investigation into Street View. The decision to revisit the Street View scandal comes as a result of investigation by the Federal Communications Commission in which it was revealed that Google was in fact not so ignorant of the payload data collection and, in fact, the entire Street View team had been given the details of the wardriving project by Engineer Doe (who was later revealed to be Marius Milner and not-so rogue after all).
In a letter to Google Senior Vice President Alan Eustace and Google France’s Global Privacy Counsel Peter Fleisher, the ICO suggests that Google intentionally misled the agency about the collecting payload data. ICO Head of Enforcement Steve Eckersley calls on Google to reveal what type of personal information was captured by the Google Street View cars, to provide copies of the original software details, and, among other information, why Google didn’t admit to knowing about the payload data collection in 2010 when the software had knowingly been in use since 2006.
Eckersley recounted in the letter the types of sensitive data that Street View cars are said to have collected from unsuspecting users and concluded, “Given the findings of the FCC we have reopened our investigation.”
The ICO, like every government agency that has asked Google for answers regarding the company’s practices, will likely find that Google is a tenacious competitor in these sorts of legal stare-down contests. Google will: say that they’re going to comply with all of the ICO’s requests but not actually comply, say that it has previously provided the information that the ICO has requested and therefore doesn’t need to supply more, or begrudgingly reveal the requested information piecemeal over the course of time until a minimal level of satisfaction and fatigue has been acquired by the ICO.
In 2010, the ICO deemed that the covert collection of payload data was wrong of Google but, “On the basis of the samples we saw we are satisfied so far that it is unlikely that Google will have captured significant amounts of personal data.” The agency also said, “There is also no evidence as yet that the data captured by Google has caused or could cause any individual detriment.” That was about the extent of the punishment doled out to Google at the time, but given Google has effectively been caught with its hand in the payload jar the ICO may pursue heavier penalties for Google this time around.
When asked for comment about the ICO’s decision, a Google spokesperson replied, “We’re happy to answer the ICO’s questions. We have always said that the project leaders did not want and did not use this payload data. Indeed, they never even looked at it.”
While that statement sounds encouraging, Google doesn’t seem to grasp the concept that its accountability in this particular case is somewhat mired given its already concealed or deceived investigators about what exactly was going on with the Street View wardriving.
The full letter to Eustace from the ICO is below.All Things D.]