Google, feeling lucky, tells German privacy czar to wait

By Shelley DuBois, reporter


FORTUNE -- Yesterday, Google dropped the ball on a deadline to turn over a hard drive full of illegally collected data to the German government. The misstep, it's fair to say, makes Google watchers wonder: does the Internet giant answer to anyone?

The company is facing criminal charges from Germany related to its Google map feature, Street View. Street View shows 360 degree images of locations all over the globe. To get these images, Google deploys vans, cars and kooky tricycles equipped with cameras and GPS receivers, to collect photos of as many places as possible. Turns out, besides taking snapshots of the local biergarden in Germany, Google's vehicles were also mapping and enumerating the locations of open Wi-Fi networks.

google_screen.03.jpg

Google (GOOG, Fortune 500) had until yesterday to turn over the hard-drive with the data from the stolen Wi-Fi, and they didn't. In a statement, Google said:

"Since our announcement two weeks ago that we had mistakenly been collecting Wi-FI payload data, we've been working hard to address the concerns of data protection authorities around the world. The data protection authority in Hamburg has made a number of requests -- including to be given access to an original hard-drive containing the payload data, and to a Street View car.

"We want to cooperate with these requests -- indeed we have already given him access to a car -- but as granting access to payload data creates legal challenges in Germany which we need to review we are continuing to discuss the appropriate legal and logistical process for making the data available. We hope, given more time, to be able to resolve this difficult issue."

If Germany decides to prosecute, they've got pretty robust data privacy laws in place, unlike those of the United States. So, who's on Google watch?

The privacy patchwork

In Germany, it's illegal to collect and store information about the location of people's wireless hubs without their knowledge. Google has admitted it did just that. There aren't rules against that in the United States, but there are rules against collecting transmissions over wireless hubs. That's something Google also did in Germany, and that sounds a lot like wiretapping.

Mark Rotenberg, the Executive Director of the Electronic Privacy Information Center says that he and colleagues are working on a letter to send to the chairman of the Federal Trade Commission, because "there is a good case that Google violated U.S. federal wiretap laws."

They didn't mean to, apparently. "I don't think there's any reason to doubt that it was a mistake," says Jennifer Granick, the Civil Liberties Director of the Electronic Frontier Foundation. At the beginning of May, Germany asked Google they were illegally downloading data from Wi-Fi networks, and Google denied it. It would be easy to catch them if they had been deceiving people about their intent, Granick says, and "they're not that dumb."

The Google excuse: they didn't know they were doing it wrong

Google co-founder Sergey Brin has publicly apologized, and the company has compiled a hard drive of the illegally downloaded data. They say they're ready to delete it as soon as governments from various countries give the green light. Google claims to have gotten the information from Wi-Fi networks because of a coding error. They say they didn't even know about it until a German law student filed a complaint.

"It's just unbelievable to me that they would say that," says Rotenberg. Unlike Granick, he thinks that the data that Google was collecting was too valuable, and there was too much of it to just be a coding problem with some of the software in the data collection vehicles.

Other mapping companies use similar camera-strapped-to-a-car technology. A company called Navteq, for example, provides location data for Garmin, Yahoo! and AOL/Mapquest, among many others. Navteq sends people out in cars equipped with multi-view cameras and a GPS receiver, like the Google cars. A Navteq spokesperson told Fortune, "we can't comment on others, but NAVTEQ has not collected any Wi-Fi data."

Privacy: Is Europe stringent, or is the US lax?

Now, countries in Europe besides Germany are starting to get their hackles up. Spain, France and the Czech Republic are looking into allegations against Google. All of these countries have government-backed data protection agencies, and are tougher on Internet privacy issues than the United States. "I'm not sure if Europe is particularly stringent or the US is particularly lax," says Rotenberg.

He believes that Germany's Data Protection Agency helped the country flag this issue. "We have laws in the US that limit this activity. They may be different than the laws in Germany, but they are enforced in Germany." Rotenberg would like to see the US set up a similar agency.

"There's not a lot that individual consumers can do when Google's going through the neighborhood and scarfing down their Wi-Fi."

But that's Google's problem, not the government's according to Granick. "I think they do have to make a structural change," she says. "They're in the business of collecting and monetizing people's data. They need to make people feel comfortable."

Unenforced, but important privacy rule: don't jack Wi-Fi

Government regulation designed for a Google-sized company isn't the answer, she claims. That would limit creative software development by small companies who wouldn't have the resources to meet or even know about strict rules, she says.

But clarifying the 2006 Computer Fraud and Abuse Act could help.The law against Google's actions could already exist within it, just in an unenumerated fashion. The act says, in a nutshell, that you shouldn't jack other people's Wi-Fi, but of course everybody does. "There haven't been many prosecutions [related] to open wireless networks because that's how people kind of get online," says Rotenberg.

In the meantime, Granick says citizens everywhere concerned about Internet privacy should look out for themselves, and lock it down. "You have to encrypt. People who have open Wi-Fi can't count on the law to protect their security." To top of page

Frontline troops push for solar energy
The U.S. Marines are testing renewable energy technologies like solar to reduce costs and casualties associated with fossil fuels. Play
25 Best Places to find rich singles
Looking for Mr. or Ms. Moneybags? Hunt down the perfect mate in these wealthy cities, which are brimming with unattached professionals. More
Fun festivals: Twins to mustard to pirates!
You'll see double in Twinsburg, Ohio, and Ketchup lovers should beware in Middleton, WI. Here's some of the best and strangest town festivals. Play
Company Price Change % Change
Bank of America Corp... 16.15 0.00 0.00%
Facebook Inc 58.94 0.00 0.00%
General Electric Co 26.56 0.00 0.00%
Cisco Systems Inc 23.19 -0.02 -0.09%
Micron Technology In... 23.91 0.00 0.00%
Data as of Apr 17
Index Last Change % Change
Dow 16,408.54 -16.31 -0.10%
Nasdaq 4,095.52 9.29 0.23%
S&P 500 1,864.85 2.54 0.14%
Treasuries 2.72 0.08 3.19%
Data as of 12:55pm ET
Sponsors

Sections

GM won't have to tell customers to keep their recalled cars parked until fixed, after a federal judge denied emergency motion Thursday. More

Obamacare sign ups hit 8 million, though final enrollment remains to be seen. More

Office for iPad move is a symbolic victory for Nadella's Microsoft, but the company is still weighed down by many of the same old issues. More

Schwinn, Trek and Cannondale are all iconic American bicycle brands. But none of them are made in the United States. More

As Detroit moves closer to reaching a bankruptcy deal, retired civilian workers are poised to be left worse off than firemen and police officers. More

Market indexes are shown in real time, except for the DJIA, which is delayed by two minutes. All times are ET. Disclaimer LIBOR Warning: Neither BBA Enterprises Limited, nor the BBA LIBOR Contributor Banks, nor Reuters, can be held liable for any irregularity or inaccuracy of BBA LIBOR. Disclaimer. Morningstar: © 2014 Morningstar, Inc. All Rights Reserved. Disclaimer The Dow Jones IndexesSM are proprietary to and distributed by Dow Jones & Company, Inc. and have been licensed for use. All content of the Dow Jones IndexesSM © 2014 is proprietary to Dow Jones & Company, Inc. Chicago Mercantile Association. The market data is the property of Chicago Mercantile Exchange Inc. and its licensors. All rights reserved. FactSet Research Systems Inc. 2014. All rights reserved. Most stock quote data provided by BATS.