The UK's Information Commissioner's Office (ICO) has found that Google's Street View data harvest was a "significant breach", backflipping on a previous finding that it only collected meaningless fragments of data.
Google has previously admitted that the cars it used to capture images for the Street View mapping service also netted personal data from unencrypted wi-fi networks.
"It is my view that the collection of this information was not fair or lawful and constitutes a significant breach of the first principle of the Data Protection Act," Information Commissioner Christopher Graham said on Wednesday.
Google UK must now sign an undertaking with the data protection watchdog that promises it will never again do what it almost got away with in the UK.
"The most appropriate and proportionate regulatory action in these circumstances is to get written legal assurance from Google that this will not happen again - and to follow this up with an ICO audit," said Graham.
Google hasn't faced any enforcement action to date over the breach, but in future it may, said Graham, showing a tougher face in light Google's recent admission that it collected entire emails, which contradicted the ICO's earlier finding.
However, following Google's public admission in late October that, in fact, it collected entire emails and passwords from homes its cars passed, the ICO decided to take a second look.
British conservative MP, Robert Halfon, recently labelled the ICO's Graham "lily-livered" over his handling of Google's breach, according to a report by The Register.
Halfon, who has been leading a charge in the UK for an Internet Bill of Rights, reckoned Google collected the data on purpose.
"My feeling is that the data were of use to Google for commercial purposes and that is why it was done," he wrote on his Blogspot account on Tuesday.