Our Terms of Service and Privacy Policy have changed.

By continuing to use this site, you are agreeing to the new Privacy Policy and Terms of Service.

Google mistakenly collected WiFi data

By Ben Rooney, staff reporter


NEW YORK (CNNMoney.com) -- Google disclosed Friday that its Street View cars had mistakenly collected data about the Web sites users were visiting on open wireless Internet networks.

Alan Eustace, a senior executive in Google's engineering and research department, apologized for the mistake in a blog post and said the company is working with regulators to dispose of the data.

"We are profoundly sorry for this error and are determined to learn all the lessons we can from our mistake," Eustace wrote.

He said the company has stopped its Street View cars, which are used to gather information for Google's mapping service, from collecting WiFi data entirely.

Eustace also stressed that the data was only collected from networks that were not password protected, and that it was never used "in any Google products."

While the data were collected from networks that were not password-protected, Google would not have been able to access any encrypted data, such as bank account information, the company said.

Google (GOOG, Fortune 500) had previously said that its Street View cars only collected information that is publicly broadcast on WiFi networks, such as network names and router numbers. At the time, however, the company said the cars did not collect "payload data" sent over the network, which could include what Web sites people are visiting.

That disclosure, in a blog post on April 27, was in response to an inquiry from the German data protection authority.

On Friday, Google said the request from a German authority had prompted the company to conduct an internal investigation of "everything we have been collecting," according to Eustace.

"It's now clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) WiFi networks," he said in his post.

The mistake stemmed from an experimental piece of software code, which sampled all categories of publicly broadcast WiFi data, that was inadvertently included in a program the cars began using in 2007 to collect other wireless data.

Eustace said "only fragments" of data were collected by the cars, which use equipment that automatically changes channels about five times a second.

Danny Sullivan, editor of industry blog Search Engine Land, said the cars would have only detected "snippets" of information, and that encrypted data would not have been compromised.

"There could be some incredibly sensitive data in there, and there could be some that means very little," he said.

Sullivan said he was not surprised that Google could have made such a mistake. "But it doesn't make it any more acceptable," he said, adding that the disclosure comes at an inopportune time for the company.

"This is a really bad thing for them to have happen right now," he said. "They're already under fire on privacy because of the way they rolled out Google Buzz."

In February, Google modified a feature on its new social network service that automatically made people's private contacts public, after an uproar over the privacy breach. To top of page

Search for Jobs

Index Last Change % Change
Dow 19,170.42 -21.51 -0.11%
Nasdaq 5,255.65 4.55 0.09%
S&P 500 2,191.95 0.87 0.04%
Treasuries 2.39 -0.05 -2.09%
Data as of 11:51pm ET
Company Price Change % Change
Bank of America Corp... 21.23 -0.27 -1.26%
Chesapeake Energy Co... 7.23 0.18 2.55%
Ford Motor Co 12.24 -0.19 -1.53%
Freeport-McMoRan Inc... 15.42 0.39 2.59%
Cisco Systems Inc 29.25 -0.20 -0.68%
Data as of Dec 2
Sponsors

Sections

Increased health coverage through Obamacare and greater use of health care services accounted for the nearly 6% rise of national health spending in 2015, which approached $10,000 per person. More

Facebook admits it messed up more ad metrics than previously thought, potentially eroding its trust and relationship with marketers and publishers. More