Google says it accidentally collected personal data through StreetView cars

Google admitted that it had mistakenly been collecting data from non-password protected wireless networks through its StreetView cars today.

The revelation came after German data protection authorities asked to audit WiFi data collected by the cars nine days ago.

The request “prompted us to re-examine everything we have been collecting, and during our review we discovered that a statement made in a blog post on April 27 was incorrect,” said Alan Eustace, the company’s senior vice president of engineering and research. “It’s now clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) WiFi networks, even though we never used that data in any Google products.”

Eustace said it was a mistake. Four years ago, an engineer working on an experimental WiFi project wrote code that sampled publicly broadcast WiFi data. That code was included in software used by Google Street View cars a year later. Eustace said the company only had fragments of payload data since the cars were always on the move and switching from WiFi network to WiFi network.

He said the company grounded all Street Views cars, segregated the data and plan to delete it as soon as possible. In addition, the company will ask a third party to review the software and internal procedures and will stop Street View cars from collecting WiFi data altogether.

“The engineering team at Google works hard to earn your trust—and we are acutely aware that we failed badly here,” he said. “We are profoundly sorry for this error and are determined to learn all the lessons we can from our mistake.”