Connecticut AG Blumenthal Probes Google over WiFi Privacy Gaffe

By Clint Boulton  |  Posted 2010-06-21

Connecticut State Attorney General Richard Blumenthal said June 21 that his office will lead a multistate investigation into Google's accidental collection of data from unsecure wireless networks.

In the latest in a series of actions against the company for accidentally sucking up users' e-mails, passwords and Web browsing data, Blumenthal will lead the charge for as many as 30 states. Blumenthal also wants more information from Google about what data it collected and how this happened.

"Street View cannot mean Complete View-invading home and business computer networks and vacuuming up personal information and communications," Blumenthal said in a statement June 21. "Consumers have a right and a need to know what personal information ... Google may have collected, how and why.

"Our investigation will consider whether laws may have been broken and whether changes to state and federal statutes may be necessary."

Google admitted May 14 that its Street View cars had stored 600GB of WiFi network payload data for the last three years in more than 30 countries and regions all over the world.

The data storage happened as the result of rogue code a Google programmer placed on the company's servers, and Google has been working with affected countries to delete the data or at least disclose what data was collected in each region.

Blumenthal and his counterparts in more than 30 states convened via conference call June 10 to discuss whether or not to pool their resources to investigate Google. They wondered whether Google broke U.S. laws by collecting data from WiFi networks.

Google said in a letter to U.S. representatives June 9 that it did not use any of the data it collected and broke no laws. A Google spokesperson reiterated that position to eWEEK June 21.

"It was a mistake for us to include code in our software that collected payload data, but we believe we did nothing illegal. We're working with the relevant authorities to answer their questions and concerns."

Blumenthal, who has naturally taken a strong interest into what kind of data was collected in his home state of Connecticut and in what towns, said that while he hopes Google continues to cooperate, its answers to his questions raised "as many questions as it answers."

He called for the company to provide a comprehensive explanation of how this data collection happened, why the information was kept and what action will prevent a recurrence.

"Google needs to describe how code that intercepted and collected unencrypted data transmitted over WiFi networks was inserted into its software," Blumenthal said. "We want to know who did this, why and how and when Google discovered it. Another concern is whether the data was accessed in any way by Google and if so when and why."

Google, which has a third-party consultant investigating the code used to collect the data in the country, is under fire from data privacy authorities in Germany, Spain and France.

Rocket Fuel