UK reopens investigation into Google Street View

British data regulator reopens investigation into Google over disputed Street View program

Associated Press
UK reopens investigation into Google Street View
.

View photo

FILE - In this Aug. 18, 2009 file picture a Google Street View car stands at the company's office in Zurich Switzerland. Switzerland's supreme court has ruled that Google doesn't need to be perfect when it comes to privacy. The Internet giant has won a partial repeal of a lower court decision that required the company to guarantee absolute anonymity for people pictured in its popular Street View service. It must be accepted that up to a maximum of 1 percent of the images uploaded are insufficiently anonymized," the Swiss Federal Tribunal said in a statement Friday June 8, 2012. (AP Photo/Keystone//Walter Bieri )

LONDON (AP) -- Britain's data regulator has reopened its investigation into Google's Street View, saying that an inquiry by authorities in the United States raised new doubts about the disputed program.

Steve Eckersley, enforcement chief of the British Information Commissioner's Office, said Google Inc. had questions to answer about Street View, an attention-grabbing project which sent camera-toting vehicles across the globe to create three-dimensional maps of the world's highways and byways.

But the cars weren't just taking pictures: They were scooping up passwords, web addresses, emails, and other sensitive data transmitted over unsecured wireless networks.

There was outrage on both sides of the Atlantic when the data-slurping was exposed in early 2010, and the U.K. Information Commissioner's Office was one of several European agencies which investigated Street View in the aftermath of the scandal. But in November of that year, the ICO gave Google a mere slap on the wrist, saying that while Google had violated British data protection laws it would escape any fines so long as it pledged not to do it again.

At the time, Google insisted that the breach was an accident.

"We did not want this data, have never used any of it on our products and services, and have sought to delete it as quickly as possible," the company claimed in 2010.

Evidence made public earlier this year by the Federal Communications Commission has since punctured Google's "oops-I-took-your-data" defense.

In an April 13 report, the FCC found that Google's data collection was the deliberate work of a Google engineer and that his Street View colleagues had been briefed on his activities. The report also noted that investigators in France, Canada and The Netherlands found that Google intercepted complete email messages, instant message conversations, video, audio, medical and legal information, and data related to dating or pornographic websites.

In a letter to Google executive Alan Eustace dated Monday and posted to the ICO website, Eckersley said that the FCC report flatly contradicted what the Mountain View, California-based company had told his office at the time of its investigation.

"We were specifically told by Google that it was a simple mistake," the letter read. "If the data was collected deliberately, then it is clear that this is a different situation than was reported to us in April 2010."

Eckersley said the ICO was reopening its investigation, demanding copies of the Google's original software design document, internal company memos, and a "substantial explanation" of why Google hadn't provided more information earlier.

"I would be grateful if you could provide a prompt response," the letter said.

Google struck a relaxed note in a written statement emailed to reporters.

"We're happy to answer the ICO's questions," the statement said, noting that Google's project leaders "never even looked" at the captured data.

Nick Pickles, who directs the privacy group Big Brother Watch, welcomed the new investigation, urging authorities "to get to the bottom of just how many British people's privacy was trampled on by Google."

The ICO has the power to impose fines of up to 500,000 pounds (roughly $780,000) for the most serious data breaches, although penalties are generally far less severe and can involve injunctions or reprimands.

Rates

View Comments (0)