Oopsie! Google Accidentally Harvested WiFi Data

Google today admitted that, in the years that it's been photographing the streets of the world for Google Maps, it has also been unintentionally collecting payload data from open WiFi networks and public hotspots. The revelation came after the German Data Protection Authority asked to audit the WiFi data collected by the Google Street View cars.

Alan Eustace, Senior VP, Engineering & Research today said that during that review the search giant discovered that a statement it sent to data protection authorities (and in an earlier blog post) was incorrect. On April 27, Google sent out a technical note that stated that, while the Street View cars did collect publicly broadcast SSID information and MAC addresses, they did not collect payload data. However, it seems that is not actually the case.

 "… it’s now clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) WiFi networks, even though we never used that data in any Google products," said Eustace.

Eustace goes on to assure us that typically, Google would only have collected fragmented payload data because:

"Our cars are on the move; someone would need to be using the network as a car passed by; and our in-car WiFi equipment automatically changes channels roughly five times a second."

The accidental data harvesting is attributed to a mistake made in 2006. Four years ago, an engineer working on an experimental WiFi project wrote a piece of code that sampled all categories of publicly broadcast WiFi data. Eustace says that a year later, when Google's mobile team started a project to collect basic WiFi network data like SSID information and MAC addresses using Google’s Street View cars, it included that code in their software—although the project leaders did not want, and had no intention of using, payload data.

Google says to maintain the users' trust, it will be asking a third-party to review the software issue, how it worked and exactly what data was gathered. Additionally, this third-party will also be checking to see that Google deleted the data appropriately. There will also be an internal review of procedures to ensure that should something like this ever happen again, Google will be able to handle the issue properly.

Eustace signs off with an apology from the engineering team at Google.

"The engineering team at Google works hard to earn your trust—and we are acutely aware that we failed badly here. We are profoundly sorry for this error and are determined to learn all the lessons we can from our mistake."

Create a new thread in the Streaming Video & TVs forum about this subject
This thread is closed for comments
48 comments
Comment from the forums
    Your comment
    Top Comments
  • chickenhoagie
    yeah..finally caught and now they decide to call it a mistake. but it was only from non-secured wifi. anyone can get info off that so who cares. I guess if you don't want people carelessly taking your network info then its a good idea to use a bit of security encryption! Derrrr.
    30
  • socrates047
    this doesn't really bother me cause lets be realistic if google want to fuck u over u think ur wifi password is gonna stop them. I'll just let the paranoid people take this one.
    26
  • Kelavarus
    I'm still slightly confused as to how this seems so 'bad' when anyone could do it to any network if they were close enough...
    17
  • Other Comments
  • chickenhoagie
    yeah..finally caught and now they decide to call it a mistake. but it was only from non-secured wifi. anyone can get info off that so who cares. I guess if you don't want people carelessly taking your network info then its a good idea to use a bit of security encryption! Derrrr.
    30
  • socrates047
    this doesn't really bother me cause lets be realistic if google want to fuck u over u think ur wifi password is gonna stop them. I'll just let the paranoid people take this one.
    26
  • NeeKo
    All of them collect data about us, its how they make money!
    8