Google Found Guilty of Australian Privacy Breach

schliz writes "The Australian Privacy Commissioner has found Google guilty of breaching the country's Privacy Act when it collected unsecured WiFi payload data with its Street View vehicles. While the Commissioner could not penalize the company, Google agreed to publish an apology on its Australian blog, and work more closely with her during the next three years. Globally, Google is said to have collected some 600 GB of data transmitted over public WiFi networks. In May, the company put its high-definition Australian Street View plans on hold to audit its processes."

Let me get this straight..

[Techman83]

It's not ok for google to inadvertadly capture minute packets of useless information, but it's ok for the government to direct ISPs to intercept data illegally.

The Australian Labor party have time and time again broken their promises, Barging ahead with Policies that their citizens do no want and completely fucking up things they tried to achieve

The only reason Google are in hot water is because they stood up to Senator Conroy and he got upset about it.

I for one will be making my vote count this year and I urge all fellow Australian slashdotters to do the same.

Re:Private?

[KDR_11k]

I find this statement quite funny, as Slashdotters on average have no respect for the law, so stating its legal status holds no merit

What, in a debate about a country investigating a company? You think the investigators follow Slashdot instead of the law?

Regardless, your statement above is demonstrably absurd. The average cellphone user cannot disable GPS tracking, either. The average person cannot do a great many things when it comes to securing their privacy. Someone who uses these legal methods to accumulate this data (say, by tracking GPS positions using Google Latitude or other services) is not in the wrong.

Yes they are, unless they have specific consent from the user to collect that data they have no right to collect it. If it's generated by regular use of the service the data has to be destroyed, not stored. Only information necessary for billing can be stored by default and then only as long as they are necessary for billing/tax purposes, after that they must be destroyed. A person is allowed to look into the personal data held by a corporation on him (of course not free of charge) and correct it or have it destroyed. Last I checked laws were being implemented that prevent opt-in clauses for data collection to be a part of a non-negotiated contract that's primarily about something else (e.g. a contract to use a service, without that you can't use the service but the citizen must have the ability to use the service without opting into additional data collecting). EULAs are invalid in Germany so that doesn't work either. There are also a ton of sanctions on the data including not exporting it to countries that don't have such strict data protection laws without voluntarily obeying EU data protection laws there too.

As you can imagine a company like Google that's specialized in gathering personal information about people isn't terribly popular with the agencies in charge of enforcing data protection laws.