FCC Google StreetView report shocks "duped" EU regulators

Investigations may be re-opened or widened

European data protection regulators may widen ongoing Google StreetView investigations in light of the US report which revealed that several Google engineers knew of plans to collect ‘payload’ data back in 2007.

The detail in the US Federal Communications Commission’s report published by the <i>New York Times</i> (NYT) that appears to have shocked EU data protection authorities was:

“As early as 2007 and 2008 ... Street View team member (sic) had wide access to Engineer Doe’s Wi-Fi data collection design document and code, which revealed his plan to collect payload data”, which several nation's investigations found included emails, passwords and other personal data.

Privacy regulators in Britain, Germany and France confirmed the new information revealed in the report, which Google released, may change the course of investigations, NYT reported Wednesday.

Dutch Data Protection Authority commissioner Jacob Kohnstamm told NYT “this is a bloody shame”.

Johannes Caspar, Hamburg’s data protection commissioner who initiated the first investigation into Google's war driving, suggested in a statement to NYT that Google had deceived it during its investigations in 2010.

“We had been told that it was a simple mistake, as the company had told us. But now, we are learning that this wasn’t a mistake and that people within the company knew this information was being collected,” said Caspar.

A spokesperson for Hamburg’s data protection authority later clarified to <i>Ars Technica</i> that it was not so much “deceived” as “duped” by Google.

Page 11 of the FCC’s 25 page report also shows Engineer Doe had raised privacy as a potential issue since it was known the program being used would collect email data, but he concluded that the short duration of that collection period made it “not a significant concern”.

Earlier this week NYT revealed the identity of “Engineer Doe”, the developer of the payload collecting program gstumbler, gslite and later Kismet (PDF), as Google engineer Marius Milner.

Milner created a similarly-named Windows ‘war driving’ tool in the early 2000s called NetStumbler, <i>Wired</i> reported.

A Google spokesperson said it disagrees with some parts of the FCC’s report but agreed with the commission’s finding that it did not break the law. The FCC however issued a small fine of US$25,000 to Google for obstructing its investigations.

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

More about EUFCCFederal Communications CommissionGoogleUS Federal Communications Commission

Show Comments

Featured Whitepapers

Editor's Recommendations

Brand Page

Stories by Liam Tung

Latest Videos

More videos

Blog Posts