Google breached Australians' privacy: Commissioner

By Ry Crozier on Jul 9, 2010 3:19 PM
Filed under Networking

Google apologises: "We failed badly here".

Google Australia breached the Privacy Act when it inadvertently collected data from private wireless networks using its Street View cars, Australian Privacy Commissioner Karen Curtis said today.

In response, the search and advertising giant was forced to publicly apologise.

And it must conduct privacy-impact assessments "on any new Street View data collection activities in Australia that include personal information" in the future, and to submit these to Curtis, she said.

"Collecting personal information in these circumstances is a very serious matter," Curtis said.

"Australians should reasonably expect that private communications remain private.

"[But] under the current Privacy Act, I am unable to impose a sanction on an organisation when I have initiated the investigation. My role is to work with the organisation to ensure ongoing compliance and best privacy practice."

The Australian Federal Police has launched a separate investigation into the incident.

Curtis said that Google would also have to "regularly consult with the Australian Privacy Commissioner about personal data collection activities arising from significant product launches in Australia".

Google has admitted the data collection was a "simple mistake".

"To be clear, we did not want and have never used any payload data in our products or services - and as soon as we discovered our error, we announced that we would stop collecting all wi-fi data via our Street View vehicles and removed all wi-fi reception equipment from them," Google's senior vice president of engineering and research Alan Eustace said in an apology today.

"We want to reiterate to Australians that this was a mistake for which we are sincerely sorry.

"Maintaining people's trust is crucial to everything we do and we have to earn that trust every single day. We are acutely aware that we failed badly here."

Google Australia engineering director Alan Noble told iTnews in May that it would audit its systems to ensure such a breach didn't happen again.

Google breached Australians' privacy: Commissioner

15 comments in this discussion

"@FLashy - couldn't see any problem with your google search of published web sites, is it supposed to show something 'interesting'? FYI: published web sites are in no way similar to private WLANs. ..."

By Ace

Tags

google, australia, privacy commissioner, laws, wifi, wifi data payload street, view collection apology afp federal

EU lawmakers seek to limit use of data by Internet firms

Google hands over user data

ATO grapples with big data in tax haven hunt

Researchers tap phone data to establish mobility patterns

Breaking Stories

Linfox crunches big data to keep trucks on time

Decoding NetSuite's anti-SAP bravado

Ex-Googler blows whistle on dodgy tax deals

NBN Co wants block on Telstra disconnection processes

Microsoft researcher predicts Eurovision winner

Readers of this article also read...

Comments: 15

poida76 Jul 10, 2010 12:12 AM	I base my comments with the following. Each time the free to air stations in Australia filmed in our suburb and a residents property featured more than x amount of minutes/seconds in a segment or scene in the media they would (as required by law) to have written consent of the property owner. Now, given that Google has taken photographs of our properties (global, national, international) without signed consent of the property owner and displayed and broadcast the image 'static' on the Internet media/medium globally for more than x amount of minutes/seconds (probably a 2-3 years) for all to see, they have breached the consent of millions of property owners. Forgive me if im wrong or if media/privacy laws have been updated/changed since my last reading/interpretation some years ago, but where is the consent!! 1st Advice: For Google to claim their 'data collection' is an 'error' is a cop-out/excuse/cover-up/disguise/evasion/rationalisation/stopgap/subterfuge and attempt at vindication for collection of property images and wireless information illegally. Yes I have chosen every synonym to convey and allow more to understand my opinion/point and make their own judgement. They (Google) are trying to play dumb / play down the issue to the greater masses who are not 'tech savy'. Google are saying, "I'm sorry..it was a mistake' in hope that no entity/person/collective play down the issue and think the wiser then investigate the matter 'legally' for breach of privacy. If you have lawyers, barristers, Qc's to consult on the matter for breach of privacy in relation to 'consenting to display' an image of your property, I suggest you do. I'm sure there is legal recourse. It's about time the little man/women fights back for their privacy in this IT/breach of information & lazy practices of globally recognised it company. Any IT person around the world of substance / qualification / admittance of truth would know that when implemented such software/hardware as Google has done what data it was capable of collecting. For Google to claim it was a mistake is an outright LIE or outright STUPIDITY!!!!!
poida76 Jul 10, 2010 12:15 AM	REGARDLESS GOOGLE SHOULD BE HELD ACCOUNTABLE!
poida76 Jul 10, 2010 12:32 AM	Whilst im on my little rant / stand up of the citizen. I would like to invite the ACMA, Federal/Local Govt. and/or appropriate departments where applicable to make a rational and logical statement their interpretation of the subject matter.
frogg11 Jul 10, 2010 9:57 AM	If Google is deemed to have breached the Privacy Act, the the Australian Government's proposal to snoop on our emails must be downright criminal. The Government does not, and cannot, open our postal mail under current law except in specific circumstances (usually involving a warrant), so why would we tolerate them opening our email?
Tom Brown Jul 10, 2010 10:52 AM	Frogg11, your comment appears to have no validity. I do not think the government has the proposal being touted in these forums, I asked (email) Senator Ludlam about this and the reply did not advise if there was a proposal and my 2nd request has not been answered. I have found no other evidence. Furthermore I think the government/FP already have these powers, what happened with Dr Hannif, he was arrested very quickly! Poida76, "a mistake" and Australian Privacy Commissioner Karen Curtis "inadvertently collected data from private wireless networks" I think there is probably more to Google's data collection and I doubt this will ever be revealed, this occurred in the EU where Google refused to give the collected data to the investigators. How hard will Australian authorities contest the big American and how deep is the big American involved in the implementation of US government policy, must be lucrative. If you want a conspiracy theory this is it! I like this poll, the question really does not relate to either answer. It is alike the question, have you stopped beating your wife, answer 1: no you have not, answer 2: yes you have. So the Question is about the Act, what public knows what the Act says so 72% of people do not even read the question nor do they care about the question, or maybe Google saw it and decided plant a show of public support, more conspiracy. So I ask that if you ITNews, do a poll make it sensical.
anonymous Jul 10, 2010 12:01 PM	@Tom, at present the govt has power to intercept post, phone or other communications where a crime has been committed or there is a belief that a crime may be committed by the subject of the interception. As you know very well, there is no other interception or requirement for retention imposed in the case of mail or phone services. In other words: frogg11 +1.
marcusg Jul 10, 2010 12:07 PM	Not this still... Certainly poida76, you may have a point about consent, but the simple thing here is that Google wanted to register free wifi hotspots for possible use in Google Earth, Maps, Street View, Android based phones or some other product. Free wifi - yeah!! Who knew that there were so many unencrypted wireless devices out there, in the public domain, being used by people in their homes (and probably shared with their neighbours too). And how much data was collected with cars driving down the street taking photos? My neighbour can't get wifi in his upstairs front bedroom, let alone the front yard. It was Google who released the initial statement indicating the accidential recording of unencrypted data in the first place. They seemed surprised that such data was collected and came clean. Do you think they'll do this again in the future? But more to the point, where were the appropriate authorities before this happened? Did anyone check? Who would check? What about the telcos selling unencrypted devices, with no instructions as to how to install and correctly secure these devices? I was reading on another site that some bigwigs of Homeland Security, in the US, also have unencrypted wireless devices running in their homes. What hope is there for the average person? So, give Google a break, they came clean, which is a lot more than can be said for others who have been caught out. BP anyone?
DazzaJ Jul 10, 2010 12:54 PM	How ridiculous can Australia get. Its okay for Telstra to SELL our personal information to phone sales companies so they know more about our personal habits than we do. (How does some little indian fellow know how much I spend and on what I spent it on.) It's okay to restrict and filter information via internet and monitor peoples browsing, searching and email activity. There's no breach of freedom of information or personal rights there??? Its even okay to log every persons PERSONAL browsing, searches, cache, IP address, information and whatever else and store that for 10 years so that can track what everybody is doing. (Including bank information etc.) No security, personal or freedom problems there either ?!?!? BUT Its NOT OKAY to take photos of PUBLIC roads, or to monitor public access points. People might see I haven't mowed my lawns AHHHhhhh! Sue Sue Sue It therefore must be illegal to have phones and devices that can tether to wireless points such as the ifad type gear. If people are running unrestricted, and unprotected wireless points then it should be their problem. Not GOOGLES. Walk or drive around with a laptop and monitor wireless points and youll find 100's of them. Anybody can do it! Take your digital camera with you and wait for the lawyers to rock up. Why doesn't Curtis look into REAL issues and concerns of privacy and personal rights being breached by Australian government and corporate bodies!
FLashy Jul 10, 2010 5:29 PM	How silly is the whole concept of privacy of un-encrypted WiFi networks. Unless users take the proper due care and diligence with their home PC networks, their open networks are free to anyone else to use. WEP encryption is so simple to activate on a wireless network, obviously these simpletons deserve to have these open wireless networks published. Installers of wireless networks drive around all day using "Stumble upon" on laptops mapping open LANs just for fun. If your business is open, too bad. Hundreds of LANS have been accessed over the years all over Australia. I dunno why there is currently any interest in this old subject.
charlesmanly Jul 10, 2010 6:22 PM	You can certainly ask your physician to keep your visit confidential (I wouldn't see any reason why they wouldn't anyway...); however, if you are on your parent's insurance they will know about your visit and prescriptions when they received their "summary of services" from the insurance company. http://www.healthproductreviewers.com/force-factor-review.html
Ace Jul 10, 2010 7:13 PM	@Flashy, that is simply not true. If you forget to lock your car, is not breaking the law if someone drives of with it? The fact is, locked or unlocked, a private persons WiFi network is not public property and accessing it, or using their bandwidth is theft.
FLashy Jul 11, 2010 2:38 AM	Thanks Ace, you are correct. Unlocked WLAN's are really not to be accessed, much the same as websites. Sadly millions of web sites are 'unlocked' For example: just a little search I did for fun. http://tinyurl.com/2g9x62p Careful not to click on any pictures.
Pilotyoda Jul 11, 2010 1:29 PM	A couple of issues: I don't have a problem with "Street View". It has been invaluable both in my job and personally to find places. However, governments may use it for less fair purposes (property rating, by-law compliance, etc). I wiwsh it was of higher resolution and more frequently updated, but hey, I enjoy this stuff. As for WiFi data, by fitting Aerials (and associated electronic hardware) to the cars (not done accidentally) then any data collected was intentional and not "inadvertant". It would have been faster and more accurate to employ a chip into the electronics to identify public WiFi hotspots with no need to use software to decode the data. So I don't believe the hypothesis that @marcusg has put forward. Google makes (lots of) money from all sorts of data. If it really was inadvertent they could have deleted the lot in a couple of keystrokes and made up some simple excuse, but they actually sent the cameras and antennas out on the road SET UP to access this data! Guilty as charged!!
rexel99 Jul 12, 2010 8:46 AM	I am confused. On one hand we have laws that say you are responsible to lock your car doors when parking it so as not to incite theft. On the other hand if you leave your house doors open, or not secure your wifi and the contents are seen intentionally or otherwise, the viewer is at fault. I have no problem with street view, locating my wifi hotspot or even getting my data if I didn't lock it down, so long as there is no intent or possibility of it being used against me, unless by the proper authorities. Do you trust google to do this and show people how vulnerable their wifi spots are or would you prefer it to be an unknown, where the neighbours and hackers can use your wifi because no information was provided to you about securing it?
Ace Jul 13, 2010 1:52 PM	@FLashy - couldn't see any problem with your google search of published web sites, is it supposed to show something 'interesting'? FYI: published web sites are in no way similar to private WLANs. And the privacy commissioner agrees.