NEW YORK (CNNMoney.com) -- Google disclosed Friday that its Street View cars had mistakenly collected data about the Web sites users were visiting on open wireless Internet networks.
Alan Eustace, a senior executive in Google's engineering and research department, apologized for the mistake in a blog post and said the company is working with regulators to dispose of the data.
"We are profoundly sorry for this error and are determined to learn all the lessons we can from our mistake," Eustace wrote.
He said the company has stopped its Street View cars, which are used to gather information for Google's mapping service, from collecting WiFi data entirely.
Eustace also stressed that the data was only collected from networks that were not password protected, and that it was never used "in any Google products."
While the data were collected from networks that were not password-protected, Google would not have been able to access any encrypted data, such as bank account information, the company said.
Google (GOOG, Fortune 500) had previously said that its Street View cars only collected information that is publicly broadcast on WiFi networks, such as network names and router numbers. At the time, however, the company said the cars did not collect "payload data" sent over the network, which could include what Web sites people are visiting.
That disclosure, in a blog post on April 27, was in response to an inquiry from the German data protection authority.
On Friday, Google said the request from a German authority had prompted the company to conduct an internal investigation of "everything we have been collecting," according to Eustace.
"It's now clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) WiFi networks," he said in his post.
The mistake stemmed from an experimental piece of software code, which sampled all categories of publicly broadcast WiFi data, that was inadvertently included in a program the cars began using in 2007 to collect other wireless data.
Eustace said "only fragments" of data were collected by the cars, which use equipment that automatically changes channels about five times a second.
Danny Sullivan, editor of industry blog Search Engine Land, said the cars would have only detected "snippets" of information, and that encrypted data would not have been compromised.
"There could be some incredibly sensitive data in there, and there could be some that means very little," he said.
Sullivan said he was not surprised that Google could have made such a mistake. "But it doesn't make it any more acceptable," he said, adding that the disclosure comes at an inopportune time for the company.
"This is a really bad thing for them to have happen right now," he said. "They're already under fire on privacy because of the way they rolled out Google Buzz."
In February, Google modified a feature on its new social network service that automatically made people's private contacts public, after an uproar over the privacy breach.
Musk is a long-term thinker in a short-term world, but his runway is running out. More
Producer and consumers may disagree. But analysts say the oil price was near perfect earlier this year. More
Cell phone location data aggregator, LocationSmart, said it has taken a demo feature offline after cybersecurity experts revealed it could be exploited to find location data for millions of cellphones. More
In 1998, Ntsiki Biyela won a scholarship to study wine making. Now she's about to launch her own brand. More