Germany fines Google for 'unprecedented' Street View Wi-Fi data breach

Germany fines Google for 'unprecedented' Street View Wi-Fi data breach

Summary: The fine imposed by Germany represents a total of 0.002 percent of Google's $10.7 billion net profit in 2012, and would take mere minutes to claw that back.

SHARE:

Germany's privacy regulator has fined Google €145,000 ($189,000) after the search giant illegally collected private Wi-Fi network data, including usernames, passwords and website results.

screen-shot-2012-04-15-at-011110
(Image: CNET)

It amounts to a minor bluff for Google, but an overall win, as the fine represents about 0.002 percent of its total net profit in 2012.

This is despite it being "one of the biggest data protection rules violations known," according to Hamburg data regulator Johannes Caspar in an emailed statement to Bloomberg, claiming that Google's "internal control mechanisms must have severely failed."

It's the highest fine that Germany could have dished out to any company under German law. A new EU data protection and privacy law would have allowed up to 2 percent of Google's annual turnover to have been collected.

Caspar noted, however, that the fine was "a totally inadequate" deterrent to the company.

Six other EU nations remain entangled with Google over its merged privacy policy, but under EU law a member state can only fine up to €1 million per privacy breach. For a multinational technology giant like Google, this is no worse than a pebble dropping in an ocean.

Between 2008 and 2010, Google's Street View mapping cars captured the data from unsecured home and business Wi-Fi networks, but the case was reopened once criminal prosecutors dropped a case against the search giant.

Google mirrored this behavior around Europe and as far away as the U.S. and Hong Kong, as a result of the built-in software in the Street View cars. 

Earlier this year, Google settled its U.S. Wi-Fi data collection in the U.S. for $7 million. The settlement took Google just two hours to recover from. The $7 million was split between the attorneys general of 38 U.S. states.

According to Google, the data was unintendedly collected, and the company neither wanted it in the first place or "even look[ed] at it," according to Google global privacy chief Peter Fleischer.

Topics: Google, Data Management, Privacy

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

22 comments
Log in or register to join the discussion
  • What did Google Learn?

    Don't publicly disclose when you make mistakes like this. Standard business at most companies but a sad lesson to learn.
    basotl
    • RE: What did Google Learn?

      Its called "Honesty", an attribute that's extremely rare in large corporations these days. That's quite refreshing actually.
      thezorch@...
  • What?

    "For a multinational technology giant like Google, this is no worse than a pebble dropping in an ocean."

    Anybody see the movie, "Idiocracy"?

    Drink Brawndo! It's got electrolytes!
    JohnnyRenoNV
    • My Body . . .

      . . . craves electrolytes!
      Gr8Music
  • no worries

    to be fair though, they didn't track your open wifi maliciously. I guess they thought that no-one would be stupid enough to leave their wifi unsecured and so they'd only detect publicly open ones like in McDs and starbucks. So that all these people are broadcasting their internet use to everyone who cares to listen their own fault (and problem).

    So in this case, I'm fine with this small fine. I'm more concerned about the online advertisers who track your internet usage all the time... but they're ok because they tell you they're tracking you.
    gbjbaanb2
    • That would be nonsense

      Moving Cars don't sniff & record username/ passwords just like that. Great amount of code would have been written & tested to ensure it gathers this data flawlessly. This certainly was no accident. It was clearly intentional, malicious or not is for you to infer.
      mm71
      • Clearly intentional

        Yes, it was intentional. And, IMHO, if someone intentionally steals my data, they are malicious in fact.
        Iman Oldgeek
      • How could it record usernames and passwords

        ...fromopen wifi networks that don't use usernames and passwords?
        radleym
  • Germany fines Google for 'unprecedented' Street View Wi-Fi data breach

    The fine was not nearly high enough and this will allow Google to continue violating people's privacy. Germany should have increased the fine 10 fold so that Google would know not to ever do it again.
    Loverock-Davidson
    • If you want wifi privacy...

      Secure your access points! It isn't hard. If you don't know how, ask somebody.
      In this day and age there is little excuse to have your personal home wifi unsecured. Be thankful that it was google and not some hacker out war driving. In that case, you'd never know until it was WAY TOO LATE!
      JustWow2000
    • check your math...

      10 times 0.002% of profit is still only 0.02% profit - two hundreths of one percent. Is that really significant? Maybe 500 times would be considered significant?
      randysmith@...
  • Killing the goose laying the golden eggs

    Streetview is an asset to every community and country where it is available. It lets tourist decide where to spend money, drivers and walkers spend less time, money, pollution and confusion getting to a destination, and lets the advertising dollars businesses spend on store-fronts get double duty.

    A Streetview car takes 30 seconds driving by a location every two years -- the very localities and countries yelling at Google have video cameras recording every movement 24 by 7 by 365 -- literally a million times(!) more likely to violate privacy. This hypocritical article in what purports to be a technical journal emphasizes how small in relation to Google's profit this is without getting to how stupid the entire concept of making up European fiscal deficits with "fines" on American companies that are really "tribute paid to the emperor".

    People writing for publications such as this should not only know the amazing benefits of StreetView, but the phenomenal idea of geolocation without a GPS. How about if Google charged Germany the millions of Euros the product brings to the country, and then return a portion as a license.

    And the evidence of a single IP address discovered on during the bi-annual drive by or a single password misused? And the assurance that not a single frame of the 24 hour a day video surveillance was misused?
    TomMariner
    • Killing the goose

      Seems to me that the world got along well with maps and tourist guides well before StreetView. The point of the article, however, is not the benefits of Google's map services, but their practice of farming information wherever they are able to find it. They have more "accidental" entries into private information than is reasonable.

      Whether or not a network is open is irrelevant; if I leave my laptop sitting on my front porch while I go in for a drink, does that make it legal to come and strip it of all data? Regardless where data is floating around in the ether, it is unlikely that Google has any legal claim to it.

      I favor fining not the company, but the officers of the company. Larry Page, Sergey Brin, and Eric Schmidt, at the least, should bne fined directly by all parties involved in privacy violations by Google; those are illegal practices decided by board policy. Google's advertising revenue is more of a company policy, so the company should be fined.
      Iman Oldgeek
      • Trespassing vs. passive listening

        > if I leave my laptop sitting on my front porch while I go in for a drink, does that make it legal to come and strip it of all data?

        Transferring data unencrypted over the air is more like standing outside and having a conversation so loud it penetrates into every house and vehicle on the block. By now, most people have learned not to conduct their private business this way...
        Greg Courville
    • What?

      "Streetview is an asset to every community and country where it is available. "

      Sure. Google Street View publishes a photo of my house, including my dog. They publish a photo of my neighbors unloading groceries from their car. They publish a photo of my co-worker's sister and her kids playing on the sidewalk in front of their house.

      A real asset to the community... :rolleyes:

      None of this helps "tourist decide where to spend money, drivers and walkers spend less time, money, pollution and confusion getting to a destination, and lets the advertising dollars businesses spend on store-fronts get double duty."

      "the very localities and countries yelling at Google have video cameras recording every movement 24 by 7 by 365 -- literally a million times(!) more likely to violate privacy. "

      Really? My community doesn't have those.
      bb_apptix
    • 24 by 7 by 365

      "the very localities and countries yelling at Google have video cameras recording every movement 24 by 7 by 365 -- literally a million times(!) more likely to violate privacy."

      Too bad Boston didn't have this; the FBI relied upon spectators and civilians to provide photos.

      news.yahoo.com/runner-spectator-photos-marathon-suspects-014835588.html
      bb_apptix
  • Is it just me

    or would a World Wide ban on sending tech INTO Germany eliminate about 2/3 or the tech lawsuits?
    timspublic1@...
  • Fines need to be serious

    Two hours to recover? Google needs to be fined a month's profits to notice. Until they are, they will pay the parking tickets and move on, laughing. Their corporate attitude with all of the investigations and lawsuits, has been "Go ahead, sue us." Someone needs to stick it to them in a HUGE way. Maybe arresting the directors on violating privacy laws would be a start...their pocketbooks aren't as deep as Google's, and German prisons aren't as posh as their homes.

    Maybe the Germans could resurrect a Stalag for their comfort :D
    Iman Oldgeek
  • Google...

    They captured data and then said they didn't know they were doing it, and they published home user's wireless MAC addresses. They scan your emails for keywords. They log your website visits and send you user-specific ads.

    Meanwhile, people are using Chrome, Android, and Google, as if their life depended on it.
    bb_apptix
    • Oh, Really?

      Then why am I still seeing ads for Progressive, even though I have had a different insurance company for years and have never clicked on a Progressive ad?

      Their scanning is nowhere near the all powerful intrusive entity you portray.
      mejohnsn