Google faces further UK probe for Street View Wi-Fi data collection

The UK's data protection agency ruled in 2010 that Google did not breach UK data laws. But an FCC report may force the UK regulator into reinvestigating the search company.

The Information Commissioner's Office (ICO), the UK's data protection agency, may reinvestigate Google in light of a U.S. regulator's report.

Despite closing its case against Google a year ago, the search giant may face further scrutiny in the UK after a Federal Communications Commission (FCC) report showed Google employees were aware that the Street View program was collecting Wi-Fi payload data from unencrypted wireless networks.

A spokesperson said the ICO would examine the FCC's heavily redacted report, and consider whether any further action should be taken.

Google released the FCC's report in a vastly unredacted form, only blacking out personally identifiable information, such as employee names.

If Google is found to have deliberately collected the data, rather than unintentionally, it could result in the search giant falling foul of the UK's wiretap and surveillance law, the Regulation of Investigatory Powers Act (RIPA).

RIPA is often used by UK police and intelligence services to acquire citizen data with or without court order, depending on the level of 'intrusion'.

In 2010 the ICO, under the impression that data was only being viewed or "sniffed", found Google was not in breach of the UK's Data Protection Act, which stems from a wider European directive on data protection.

They said it was "wrong," but not illegal.

But the ICO's counterparts in Canada found Google had violated its laws after it was found to have collected Wi-Fi data, and the ICO soon came under fire for its hasty judgement. The regulator said it would look at the evidence again.

In trying to keep the British public on side and Parliament's politicians content, the regulator subsequently found that Google had "significantly" breached UK law, but failed to fine the company. The ICO said it would conduct a thorough audit of the company's practices.

The ICO can impose an unlimited fine if a legal case reaches a higher Crown Court for serious offences.

Google passed the audit, but the ICO told the search giant that it "must improve" its privacy policies, and suggested advanced data protection training was given to all engineers.

The search company's next audit will take place in June to ensure its recommendations have been put into place from last year's first review.

“Google will not be filed and forgotten by the ICO”, said Christopher Graham, the data protection chief.

Image credit: Google/ZDNet.


Show Comments