Google's mistake leads to a lot of collected Wi-Fi payload data via Street View

Google's mistake leads to a lot of collected Wi-Fi payload data via Street View

Summary: A mistake by an engineer caused Google to inadvertently collect Wi-Fi payload data via its Street View cars. An audit turned up the problem.

SHARE:

Google said Friday that an audit showed that it was collecting Wi-Fi data, including sites consumers visited, from its Street View cars that compile data for Google Maps and other services. In a blog post, Google said that the data protection authority (DPA) in Hamburg, Germany asked for the audit. Since the request, Google looked at all the data it was collecting. Google initially said that it collected public SSID data and MAC addresses but didn't grab information sent over a network. However, Google realized it was collecting payload data even though it never used it in a product.

Usually, Google only got fragments of payload data---sites you visit and other items---because Street View cars were on the move.

Add it up and it's a big mistake:

In 2006 an engineer working on an experimental Wi-Fi project wrote a piece of code that sampled all categories of publicly broadcast Wi-Fi data. A year later, when our mobile team started a project to collect basic Wi-Fi network data like SSID information and MAC addresses using Google’s Street View cars, they included that code in their software—although the project leaders did not want, and had no intention of using, payload data.

As soon as we became aware of this problem, we grounded our Street View cars and segregated the data on our network, which we then disconnected to make it inaccessible. We want to delete this data as soon as possible, and are currently reaching out to regulators in the relevant countries about how to quickly dispose of it.

Oops.

Topics: Mobility, Google, Networking, Wi-Fi

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

36 comments
Log in or register to join the discussion
  • In other words, they got caught

    so it suddenly becomes "a mistake that they'll rectify".

    Germany asked, so now they have to get rid of it all before anyone else asks.
    AllKnowingAllSeeing
    • RE: Google's mistake leads to a lot of collected Wi-Fi payload data via Street View

      oh well...
      devalias88
  • Wifi

    Had no idea they were doing more than taking photos.
    Now I am glad they missed my street.
    MoeFugger
  • "Do no evil"

    But if you do, call it an accident.

    Where's Garrett Rogers on this one?
    hickum
  • Something tells me

    They're only doing this cause they got caught, and that they know they were doing it.
    The one and only, Cylon Centurion
    • RE: Google's mistake leads to a lot of collected Wi-Fi payload data via Street View

      I think they could have easily obscured data from external auditors and that this type of discovery is the whole point of an audit.
      trophygeek
    • RE: Google's mistake leads to a lot of collected Wi-Fi payload data via Street View

      @NStalnecker <br>First of all rate of entropy is directly proportional to the company size. Applies universally.<br>And then - they collected some unencrypted traffic on the street. So what? It is like picking through garbage left at the curb. Whatever leaves your residence/business and ends up floating down the street is a fair game. And they did not use taxpayers $$ to finance it. NBD.
      maxtov
  • RE: Google's mistake leads to a lot of collected Wi-Fi payload data via Street View

    So some foolish people's Wi-Fi was left unsecured, Google came along and took a snapshot of the connection details and some user data.
    Instead of covering up, obfuscating, denying, and all the tricks that other companies get up to when caught in the wrong, Google fest-up and attempts to rectify the wrong.
    We all know other companies that would have acted much differently.
    Agnostic_OS
    • Really? Odd that it took the German inquireries to

      make Google admit that they were collectingf data, and will now "do something about it".

      BTW: How many other companies were logging this information?
      AllKnowingAllSeeing
    • Irrelevant

      @Agnostic_OS

      Unsecured and foolish or not this is unacceptable.

      Google claims it was inadvertent. They had the hardware and the software running to do this and it was inadvertent?

      Google has just shot themselves in the foot. Unfortunately Ballmer probably has a huge smile on his face and the MS friendly press will ride this story for as long as they can.

      Google has left no doubt that they can't be trusted.

      New, more aggressive privacy protections are sorely needed here in the US.
      Tim Patterson
    • RE: Google's mistake leads to a lot of collected Wi-Fi payload data via Street View

      @Agnostic_OS Google fested up about what? They got caught. And then they attempted all the things that you said other company's do.

      Also, what attempts did they make to rectify the issue? Did they reimburse the affected people? They didn't do anything beyond trying to protect themselves.
      Yax_to_the_Max
    • RE: Google's mistake leads to a lot of collected Wi-Fi payload data via Street View

      @Agnostic_OS
      No, Google collected secure and insecure network data and they said they were not doing so. But the Germany authorities knew better and requested an audit. Google knew they were caught and quickly owned up to it being a mistake. So, no audit, no own up. No audit, no mistake. Yes, sounds like Google is just as bad as the rest, or even worst.
      eargasm
    • RE: Google's mistake leads to a lot of collected Wi-Fi payload data via Street View

      @Agnostic_OS Confessed=to admit wrong-doing. Slang= fessed-up, not fest-up
      rle11wb
    • RE: Google's mistake leads to a lot of collected Wi-Fi payload data via Street View

      @Agnostic_OS

      Yes, bring other companies into the mix, that will make it all better, even though Google didn't act all that much differently. Google didn't exactly fess up. First it was "we only collected SSIDs and MAC addresses", then it became "oops, it appears we actually did collect payload info, but it's OK, we deleted it (well, most of it, but we'll get around to the rest of it someday". And now it's "Look, it's all better. You can opt out, just muck up your cool SSID with our naming convention, then go to every device you own and edit your WiFi profile."

      And it doesn't appear that they've taken any measures to actually notify any of the actual owners of these WiFi networks, so apparently these people also have to read the right tech blogs and news sites to even know their data was harvested, let alone that there's a way they can opt out.
      TroyMcClure
  • You want to delete the data?

    "We want to delete this data as soon as possible, and are currently reaching out to regulators in the relevant countries about how to quickly dispose of it."
    Why the heck don't you just delete it then. Why wait to "reach out to regulators"?
    In spite of what they are telling us, it wasn't an accident. Did you think a street view car only has a camera? Why would it need a wifi receiver and a means of storing the intercepted wifi data if that wasn't their goal to begin with?
    Im just saying.....
    wcallahan1
  • They don't know how to delete data??

    "We want to delete this data as soon as possible, and are currently reaching out to regulators in the relevant countries about how to quickly dispose of it."

    For all it's technological might. It seems that Google does not know how to delete data.

    C'mon, it's not toxic waste! Just delete the data and scrub the HDDs.

    According to them the data is already quaranteened.
    rarsa
    • They probably can't

      @rarsa You don't delete evidence in an ongoing investigation otherwise you are accused to destroying evidence and covering it up. You can delete it only once.
      LarsDennert
      • RE: Google's mistake leads to a lot of collected Wi-Fi payload data via Street View

        @LarsDennert My thoughts exactly. You would have to be a complete moron to try and delete evidence during an investigation.<br><br>I have to say for a tech blog some of the posters here sure seem stupid!
        shadowscrawl
  • RE: Google's mistake leads to a lot of collected Wi-Fi payload data via Street View

    Read the blog post linked in the article, the reason they are reaching out to regulators to delete the data is so a third party has their hands on the deletion process. Primarily so that everyone doesn't freak out and claim google didn't delete anything at all.
    gantoris
  • They ADMITTED they did not know?????

    They actually ADMITTED that they didn't know??? The only thing scarier than them actually DOING it, is thinking we're STUPID enough to believe it was an accident!!! Admitting that they "didn't know" says volumes about either their integrity or their competence!! Good-Bye Mr. Google!
    catbirdee