The choppy waters around Google’s “WiSpy” accident aren’t getting any smoother, as regulators in Germany and Hong Kong are objecting to Google’s refusal to let them look at personal information the search engine accidentally collected from unsecured WiFi networks.
Google earlier in May admitted its Street View cars, which take pictures for Google Maps, had accidentally collected fragments of 600GB of e-mails, passwords and information about Web browsing habits from users all over the world.
Google has deleted this data in Ireland, Denmark and Austria, but has yet to delete the data in the United States, Germany, Hong Kong, Spain or France. These are just a handful of the 33 areas where Google’s computers grabbed this so-called payload data from 2007 until 2010.
Germany and Hong Kong have asked to inspect the information Google collected from the Street View cars.
Johannes Caspar, the Hamburg data protection supervisor, gave Google until May 26 to turn over the hard drive containing the payload data Google collected in Germany, and to be given access to a Street View car.
Caspar said he would consider fining Google for failing to fulfill his requests.
However, prosecutors in Germany face an obstacle in pressing any charges because the country has no corporate criminal liability laws. Prosecutors would have to instead prove that Google Street View workers deliberately broke wire-tapping laws.
A Google spokesperson told eWEEK May 27 the company could not meet Caspar’s request to see the information due to Germany’s own privacy laws.
“We want to cooperate with these requests-indeed, we have already given him access to a car-but as granting access to payload data creates legal challenges in Germany which we need to review, we are continuing to discuss the appropriate legal and logistical process for making the data available. We hope, given more time, to be able to resolve this difficult issue.”
The situation is a bit different in Hong Kong, where Privacy Commissioner Roderick Woo threatened to sanction Google after the company did not respond to his request to see the data it had collected in Hong Kong.
Woo told the New York Times that Google did not meet his May 24 deadline to give him the information he requested. He threatened to “resort to a more assertive action,” which, while vague, likely means a fine of some kind.
However, the Google spokesperson told eWEEK the company has since “been in touch with the privacy commissioner and responded to his questions earlier this week.”
Cries of discontent over this flouting of user privacy are no quieter in the United States, where Federal Trade Commission Chairman Jon Leibowitz told Congress that his group would investigate the incident.
Reps. Joe Barton, Henry Waxman and Edward Markey wrote a May 26 letter to Google CEO Eric Schmidt saying they wanted to know how much personal data the company gathered from what has become known in some quarters as the WiSpy incident.
Even if Google manages to avoid legal prosecution in the United States and abroad over this matter, the incident is another black eye for a company that has already suffered a major privacy debacle in 2010.
Days after launching Google Buzz in February, the company was bombarded by complaints that the service exposed users’ contacts to anyone using Google. The search engine has backtracked since then, adding more privacy controls to Buzz.