Google cleared of UK privacy breach

Powered by SC Magazine
 

Harm threshold not breached.

The UK's Information Commissioner's Office today declared Google's collection of unencrypted WiFi data while on its Street View operation was inadvertent and harmless.

"The information we saw does not include meaningful personal details that could be linked to an identifiable person," it said.

The ICO had visited Google's offices to assess samples of the data the search giant had collected.

"Whilst Google considered it unlikely that it had collected anything other than fragments of content, we wanted to make our own judgement as to the likelihood that significant personal data had been retained and, if so, the extent of any intrusion," the ICO said.

"On the basis of the samples we saw we are satisfied so far that it is unlikely that Google will have captured significant amounts of personal data."

The ICO said it had found no evidence that data captured by Google had caused or could cause any individual detriment, however it did acknowledge that Google "was wrong to collect the information".

UK privacy advocate, Privacy International, which initially raised the case with the ICO, has claimed that Google intentionally collected the data. PI claims that an audit of the program that Google used, "gslite", revealed that it was coded to dump encrypted network data but store data transmitted over unencrypted networks.

"This means the code was written in such a way that encrypted data was separated out and dumped, leaving vulnerable unencrypted data to be stored on the Google hard drives," PI said last month.

Earlier this month Australia's recently replaced Privacy Commissioner Karen Curtis ruled that Google's Street View operation had breached the local Privacy Act, however she was unable to impose any sanctions on the company.

She asked Google to conduct a privacy-impact assessment for future Street View harvests.

London's Metropolitan Police and the Australian Federal Police have commenced their own investigations into Google's alleged data breach.

The US appears to be taking a more hardline approach to the alleged data breach. Last week a 38-state response to Google was spearheaded by Connecticut Attorney General Richard Blumenthal, who wants to know whether Google tested its Street View software before it used it.

If it did, argued Blumenthal, the test should have revealed whether the program collected data.

Blumenthal has asked Google "whether its program was designed to collect random bits of information broadcast over wireless networks or download specific types of data and whether it has sold or otherwise used technical network information also collected."


Google cleared of UK privacy breach
 
 
 
Top Stories
Turnbull introduces data retention legislation
Still no definition of metadata to be stored.
 
Images: the next frontier in data analytics?
Barclay’s global data chief says we’re still at the starting line.
 
Crime Commission prepares core systems overhaul
Will replace 30 year-old national criminal database.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  27%
 
Sourcing and strategy
  12%
 
IT infrastructure (servers, storage, networking)
  21%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  25%
TOTAL VOTES: 417

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  55%
 
No
  45%
TOTAL VOTES: 196

Vote