May 16, 2010

Google "Mistakenly" Collected Sensititve Data From WiFi Networks

When German authorities wanted to check the Wifi data Google collected with their Street View cars, Google say they reexamined that data and the collecting software... and found out that they were actually not just collecting Wifi network names and addresses, but also “information sent over the network”. Google says this happened by mistake; a piece of code written four years ago allegedly made it into the live software three years ago, without intent by the project leaders. Google now wants to delete this data as soon as possible, they say, and they furthermore say they “decided that it’s best to stop our Street View cars collecting WiFi network data entirely”.

This case illustrates some issues at hand. For one thing, it shows how software of a single engineer at Google can have quite far reaching privacy consequences. Google likes to build things that are scalable and which will have enormous impact; an erronous piece of code in such a system may have similarly big impact. Furthermore, the case shows that sometimes it needs authorities pressuring Google to actually make Google reexamine their approaches. Last not least, from what we can see, Google tries to make the case really transparent and public once it found out about their error. Looking at the blog post, I could imagine that Google upon finding out really wanted to make sure that there was no hiding of this, and this may be the important line between corrupt (intentionally bad) or merely flawed (unintentially bad) handling of data.

Google adds, “This incident highlights just how publicly accessible open, non-password-protected WiFi networks are today.”

[SOURCE]

No comments: