Google explains why Street View cars record Wi-Fi data

Google explains why Street View cars record Wi-Fi data

Summary: In a letter to data protection authorities across Europe, Google said it needs to record houses' Wi-Fi data to help it provide location-based services

SHARE:
TOPICS: Mobility, Apps
4

Google has sent an explanatory letter to the UK's privacy watchdog after it emerged that the company had sniffed and logged the Wi-Fi addresses of citizens across the country.

The letter was sent to the Information Commissioner's Office (ICO) and other data protection authorities across Europe on Tuesday.

Last week, German data protection commissioner Peter Schaar expressed dismay at the news that Google's Street View cars had been registering Wi-Fi data from people's routers as the cars drove around taking photographs for Google Maps. The cars collected media access control (MAC) addresses and service set identifiers (SSIDs). Subsequently, Google said it was doing the same thing in the UK, prompting the ICO to seek an explanation.

"The data which we collect is used to provide location-based services within Google products and to users of the Geolocation API," Raphael Leiteritz, Google product manager, wrote in the letter. "For example, users of Google Maps for Mobile can turn on 'My Location' to identify their approximate location based on cell towers and Wi-Fi access points which are visible to their device."

The company said the Wi-Fi data could help provide location-based services to people whose phones do not have GPS, for example.

According to the letter, Google uses two pieces of the data collected during the driving operation: the MAC address of each access point and the GPS co-ordinates of the vehicle at the point at which the access point was visible.

When someone uses a location-based service based on Google's database, the company explained, the user's device "sends a request to the Google location server with a list of MAC addresses which are currently visible to the device". The server then correlates the addresses with those on its own list, returning latitude and longitude co-ordinates that are used to calculate the user's approximate location.

On Tuesday, Google privacy chief Peter Fleischer wrote a blog post suggesting that Google had "talked about the collection of Wi-Fi data a number of times before". In this phrase, he linked through to two earlier Google blogs, both of which referred to Google's geolocation services, but neither of which referred to Wi-Fi data.

"[Street View cars] collect the following information — photos, local Wi-Fi network data and 3-D building imagery," Fleischer wrote. "This information enables us to build new services and improve existing ones. Many other companies have been collecting data just like this for as long as, if not longer, than Google."

Fleischer said the geolocation firm Skyhook already collected Wi-Fi network data globally. He said collecting MAC addresses and SSIDs did not let Google identify an individual, and the company did not collect any information about householders.

Google did not inform data protection authorities of its Wi-Fi data collection programme, Fleischer said, because "it was unrelated to Street View" and such data was already "accessible to any Wi-Fi-enabled device". He added Google does not publicly disclose MAC addresses from its database.

In its explanatory letter to data protection authorities, Google stressed that it "never collects the content of any communications" from people's Wi-Fi transmissions. "In addition, the operator of the access point can choose to restrict the SSID from broadcast, and in many cases this will mean that the SSID is not received," the company wrote.

Topics: Mobility, Apps

David Meyer

About David Meyer

David Meyer is a freelance technology journalist. He fell into journalism when he realised his musical career wouldn't pay the bills. David's main focus is on communications, as well as internet technologies, regulation and mobile devices.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

4 comments
Log in or register to join the discussion
  • "In addition, the operator of the access point can choose to restrict the SSID from broadcast, and in many cases this will mean that the SSID is not received," the company wrote.

    In most cases - but not all cases, which is it in Googles case?
    TThum
  • Here here!
    Nobody should be allowed to collect the volume of intelligence data that Google does.
    ginkson
  • The likely reason google is collecting the data is likely that using that method (which many PCs can do) subverts the hidding of the SSID. Hiding the SSID only hides it from nice people with no IT knowledge.

    I hope that this does not result in a lot more people hiding their ssid since that will result merely in it being much more difficult to arrange the choice of appropriate radio channels. This can result in unwanted interference.

    There is also the possibility that information like computernames have been harvested from a large number of users. Windows PCs broadcast their name quite frequently over connected networks. I have chose my computer name to be meaningless. Using securely encrypted wireless of course solves that problem. WPA with full lenght key or WPA2 seem to be OK.

    Very ocassionally of course they may have bumped into something juicy like an email login. Give the scope of the project they must have quite a few.

    I wonder if this is the reason that they have street-viewed the whole of the UK. Has it been funded out of the likely earnings from the wireless data? I notice that they haven't done a comprehensive street view of the USA yet. I wonder if the collection of wireless data there is illegal?

    Is it legal here? Misuse of computer act is pretty broad. Have they misused my computer?

    Why not extradite the google board and find out? Just a long friendly chat.
    Jimjim247
  • Well looks like google are pretty shaken by it, going by how they started to flap towards the end of that story.
    CA-aba1d