Google Street View Battle Continues with FTC Letter

Google's privacy troubles continued on May 19, with two U.S. representatives apparently asking the Federal Trade Commission (FTC) in a letter if Google violated laws when it accidentally collected data from unsecured WiFi networks while photographing streets around the world for its Street View application. Meanwhile, officials in Germany, Spain and Italy indicated that they will begin an investigation into Google's collection of user data, which totals more than 600GB. The data could potentially consist of anything from e-mails to passwords to images.

Google could find recent concerns about its privacy controls multiplying, after two U.S. representatives asked the Federal Trade Commission in a letter if Google violated laws when it accidentally collected citizens' data from WiFi networks while photographing roads for its Street View application.

According to the letter, which can be found here, Joe Barton, R-Texas, and Edward Markey, D-Mass., asked the FTC chairman if the agency was "investigating this matter." Google claims that its Street View cars' collecting of private wireless data was an unintentional error. They also wanted the FTC to update them on the data's collection and storage, and if doing so violated citizens' privacy.

"Do Google's data protection practices with respect to Wi-Fi networks violate the public's reasonable expectation of privacy? Did Google collect passwords associated with Internet usage by customers?" asks one of the letter's five multipart questions.

The lawmakers apparently want a response from the FTC by June 2.

In addition to the FTC, the Department of Justice is also apparently interested in the matter. Google first confessed on May 14 that its Street View cars had inadvertently obtained more than 600GB of "payload data" from unsecured WiFi networks, in the course of driving around and photographing local terrain around the world. That data could consist of anything from e-mails to passwords to more personal information.

Google's issues continued on the other side of the Atlantic, with European regulators loudly protesting the inadvertent collection.

Viviane Reding, justice commissioner for the European Union in Brussels, wrote in a statement sent to eWEEK May 18 that it "is not acceptable that a company operating in the EU does not respect EU rules." Reding also said that the processing of personal data by Google Street View apparently falls under the umbrella of the EU's Data Protection Directive 95/46/EC and is therefore subject to its provisions.

Google has taken steps to extinguish this particular public-relations fire, although it declined to break down for eWEEK how exactly it intends to counter the most recent threats of regulatory action.

"We don't have anything to add beyond what we've said in our blog post [of May 14]," a company spokesperson said. "We're continuing to have discussions with the relevant authorities."

In Ireland, at least, four hard drives hosting payload data were apparently destroyed.

"We can confirm that all data identified as being from Ireland was deleted over the weekend in the presence of an independent third party," Alan Eustace, senior vice president of engineering and research at Google, wrote in a May 17 update to the original May 14 posting on the Official Google Blog. "We are reaching out to Data Protection Authorities in the other relevant countries about how to dispose of the remaining data as quickly as possible."

Whether those steps will be enough to cool those relevant countries' ire is another question entirely. According to a May 19 article in The Wall Street Journal, agencies in Germany, Span and Italy announced that they will begin investigating Google and the Street View service.