Slashdot Mirror

← Back to Stories (view on slashdot.org)

Google Didn't Delete All Street View Wi-Fi Data

Posted by Soulskill on from the don't-trust-the-recycle-bin dept.

nk497 writes "Google is in more trouble over the Street View Wi-Fi data slurping incident. Two years ago Google admitted it had collected snippets of personal data while sniffing for Wi-Fi connections. The UK's data watchdog, the ICO, didn't fine Google, but did demand it delete the collected data. Following the FCC's investigation, the ICO double-checked with Google that the data was deleted, receiving confirmation that it had. Except... it hadn't all been deleted, Google has now admitted. That breaches the deal between the ICO and Google, and the watchdog has said it's in talks with other regulators about what to do next."

3 of 150 comments (clear)

  1. expectation of privacy by Anonymous Coward · · Score: 5, Interesting

    This stuff was was broadcast in the clear over public airwaves. That means it has no expectation of privacy. If you want privacy, every WAP I've ever heard of provides encryption. Turn it on, and you DO have an expectation of privacy, so if Google was decrypting it, then they should be punished.

    Must we design the whole world to protect the least competent people from themselves?

  2. Handed over to the ICO? by hawguy · · Score: 5, Insightful

    This makes no sense:

    “In their letter to the ICO today, Google indicated that they wanted to delete the remaining data and asked for the ICO’s instructions on how to proceed. Our response, which has already been issued, makes clear that Google must supply the data to the ICO immediately, so that we can subject it to forensic analysis before deciding on the necessary course of action.

    If the data is so sensitive and worrisome, why doesn't the ICO just insist that it be deleted as agreed upon? If it was ok to delete it earlier, why does it have to be handed over now?

    I'd rather have my data in the hands of Google than in the hands of Google *and* some random regulatory body. Many companies have a hard time certifying data destruction with multiple redundant offsite backups and replication, and data stored in the cloud where they may not even know every place their cloud provider stores it.

    Though really, why is there no outrage about the fact that plaintext email passwords (and credit card numbers or whatever other personal data they are worried about) are even able to be captured with a simple drive-by Wifi scanner? There is no reason why a Wifi router should default to an open unencrypted mode, and even if it does, there is no reason why personal data should be allowed to be sent in the clear. CPU powerh is cheap, SSL should be used to secure *all* sensitive data.

    The fact that Google drove by and captured snippets of data is not the problem... they aren't going to steal your credit card number or hack into your bank account (and there is a good chance that they already host your email) - the problem is when an identify thief does the same thing.

  3. Re:Admitted after being caught by Anonymous Coward · · Score: 5, Insightful

    This is the joke of the thing.

    "Shit, we collected a lot of data that we probably shouldn't have... we better disclose that."

    Headline: Google Secretly Stealing WiFi Information on Millions of People

    "Well, regulators are going to want to look this over now so we better not destroy it."

    Headline: Google Kept Stolen WiFi Data

    "Ok, ze Germans said we're alright and to delete the data"

    Headline: US Authorities Investigating Google For Destruction of Evidence in WiFi Snooping Controversy

    "Shit, someone screwed up and deleted some, but not all of the data. We better disclose."

    Headline: Google Faces New Street View Data Controversy

    Yeah, they shoulda just kept their mouths shut. If someone spilled the beans afterwards, the response would have been, "Yeah we collected stuff by accident, it was never used anywhere, and we destroyed it." Case closed.