British privacy officials may have finally decided to get to the bottom of how and why Google secretly collected personal data from potentially millions of the nation’s citizens. This week, the Information Commissioner’s Office reopened its investigation. There is a big problem, however; the I.C.O. permitted Google to destroy the controversial data two years ago.
“It is rather difficult for the I.C.O. to now turn the clock back or indeed prove anything,” Chris Pounder, a data protection expert with the training firm Amberhawk, was quoted as saying in The Telegraph.
The back story: Google was forced to reveal in the spring of 2010 that its Street View mapping cars had also been scooping up information from unencrypted Wi-Fi networks in homes and businesses. As privacy investigations began around the world, the company maintained that the data collection had resulted from an unauthorized project by an engineer acting on his own and that very little consequential data had been collected anyway.
In July 2010, I.C.O. officials visited Google headquarters in London and viewed a sample of the data as served up by the search engine’s technicians. Not much to it, the investigators concluded: “On the basis of the samples we saw, we are satisfied so far that it is unlikely that Google will have captured significant amounts of personal data.”
A second look, in 2011, persuaded the investigators that sensitive personal data had indeed been obtained. But it was the Federal Communications Commission’s much more thorough examination, which concluded two months ago, that prompted the I.C.O. to take yet another crack at it.
“We understand that a wide range of personal data together with some sensitive data was present in the payloads, including I.P. addresses, full user names, telephone numbers, complete e-mail messages, e-mail headings, instant messages and their content, logging in credentials, medical listings and legal infractions, information in relation to online dating and visits to pornographic sites and data contained in video and audio files,” Steve Eckersley, the I.C.O. enforcement head, wrote to Google on Monday.
What really seems to have irked Mr. Eckersley was that what was originally billed as “a simple mistake” was not, according to the F.C.C., quite so simple; others at Google were informed. “If the data was collected deliberately then it is clear that this is a different situation than was reported to us in April 2010,” Mr. Eckersley wrote.
Google told the British media that its executives did not want the data and had never looked at it, and that it would cooperate with the new inquiry.
Some experts were a bit more hopeful that the regulators could achieve a satisfactory resolution. Nick Pickles, director of the civil liberties campaign group Big Brother Watch, was quoted in the Huffington Post U.K. as saying that “the investigation must now be pursued with the vigor sadly lacking in 2010, and every effort made to ensure that Google answers the extremely important questions that it has so far avoided.”
One of those questions posed by the I.C.O. on Monday: When Google showed the I.C.O. a sample of what was collected in that July 2010 visit, why didn’t it include anything like the type of personal data the I.C.O. now knows was collected?
No comments:
Post a Comment