An investigation into Google's ability to collect unsecured WiFi data via its Street View cars has found that several employees knew of this capability.
According to Reuters, an investigation by the Federal Communications Commission found that the Google engineer who wrote the software told two colleagues and a senior manager about it. The report states: “Engineer Doe intended to collect, store and review payload data for possible use in other Google projects.” This comes despite the company's insistence that it did not initially know about the capability.
Google was investigated over the collection of data by its cars when photographing for its Street View service by information and privacy commissioners globally. In May 2010, it apologised for collecting the data, saying it was 'clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) WiFi networks, even though we never used that data in any Google products'.
In the UK, the Information Commissioner's Office (ICO) made a decision that Google had breached the Data Protection Act over Street View, with information commissioner Christopher Graham then saying that Google had passed an audit but ordered it to make privacy improvements on all of its products.
In a statement issued two years ago, Alan Eustace, senior vice president of engineering and research at Google, said: “In 2006 an engineer working on an experimental WiFi project wrote a piece of code that sampled all categories of publicly broadcast WiFi data. A year later, when our mobile team started a project to collect basic WiFi network data such as SSID information and Mac addresses using Google's Street View cars, they included that code in their software—although the project leaders did not want, and had no intention of using, payload data.
“As soon as we became aware of this problem, we grounded our Street View cars and segregated the data on our network, which we then disconnected to make it inaccessible. We want to delete this data as soon as possible, and are currently reaching out to regulators in the relevant countries about how to quickly dispose of it.”
An article by the New York Times named an engineer and said that his LinkedIn page lists his occupation as “hacker” and under the category called “Specialities,” his entry reads, “I know more than I want to about WiFi.”
In a statement to Reuters, Google said: “While we disagree with some of the statements made in the document, we agree with the FCC's conclusion that we did not break the law. We hope that we can now put this matter behind us."