Corporate Partners

FCC Google StreetView report shocks "duped" EU regulators

Investigations may be re-opened or widened

European data protection regulators may widen ongoing Google StreetView investigations in light of the US report which revealed that several Google engineers knew of plans to collect ‘payload’ data back in 2007.

The detail in the US Federal Communications Commission’s report published by the New York Times (NYT) that appears to have shocked EU data protection authorities was:

“As early as 2007 and 2008 ... Street View team member (sic) had wide access to Engineer Doe’s Wi-Fi data collection design document and code, which revealed his plan to collect payload data”, which several nation's investigations found included emails, passwords and other personal data.

Privacy regulators in Britain, Germany and France confirmed the new information revealed in the report, which Google released, may change the course of investigations, NYT reported Wednesday.

Dutch Data Protection Authority commissioner Jacob Kohnstamm told NYT “this is a bloody shame”.

Johannes Caspar, Hamburg’s data protection commissioner who initiated the first investigation into Google's war driving, suggested in a statement to NYT that Google had deceived it during its investigations in 2010.

“We had been told that it was a simple mistake, as the company had told us. But now, we are learning that this wasn’t a mistake and that people within the company knew this information was being collected,” said Caspar.

A spokesperson for Hamburg’s data protection authority later clarified to Ars Technica that it was not so much “deceived” as “duped” by Google.

Page 11 of the FCC’s 25 page report also shows Engineer Doe had raised privacy as a potential issue since it was known the program being used would collect email data, but he concluded that the short duration of that collection period made it “not a significant concern”.

Earlier this week NYT revealed the identity of “Engineer Doe”, the developer of the payload collecting program gstumbler, gslite and later Kismet (PDF), as Google engineer Marius Milner.

Milner created a similarly-named Windows ‘war driving’ tool in the early 2000s called NetStumbler, Wired reported.

A Google spokesperson said it disagrees with some parts of the FCC’s report but agreed with the commission’s finding that it did not break the law. The FCC however issued a small fine of US$25,000 to Google for obstructing its investigations.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Comments

Comments are now closed

Editor's Recommendations

Solution Centres

Events

View all events Submit your own security event

Blog Posts

Media Release

More media release

Market Place