Just as they made amends for violating the privacy of Buzz users in the United States, web giant Google, Inc. is in trouble yet again as the Information Commissioner in the United Kingdom has come to the conclusion that Google violated the privacy of UK citizens. This run-in with the UK government is slightly ironic in the sense that it comes at the same time that Google is suing the United States government, claiming that they violated fair competition laws when they specified that Microsoft software was a required component of a US Department of Interior bid.
But how exactly did Google violate the privacy of UK citizens? Many of you are probably familiar with the “street-view” component of Google’s Google Maps service, which allows an end user to see an image of a street in question – just as if you were driving on it. In order to do this, Google sends out cars equip with cameras in order to take the photographs that are later made available to the end-users. However, Google also uses these street-view cars in order to map out locales based on the MAC (Media Access Control) addresses broadcasted by wireless access points that reside within them. By doing so, Google is able to produce location-aware software that is able to determine a consenting user’s location my cross-referencing the access points near them with their database. One example of this technology can be seen in Apple’s iPod Touch, where location-aware applications (such as the native mapping application) is able to use the on-board wireless card in order to determine the location of a user.
While it has never been a secret that Google was collecting the MAC addresses of access-points in order to further their location-aware services, it is now coming out that the software that scanned for access points also connected to unsecured wireless networks and in some cases retrieved the personal data of the network’s users. This is a practice that people often refer to as “war driving”; connecting to unsecured (or breaking into secured) networks in order to steal personal data, known as a “payload.”
While Google’s Global Privacy Counselor, Peter Fleischer has said that Google was unaware and “profoundly sorry for mistakenly collecting payload data”, the fact of the matter is that Google’s image has taken yet another hit in one of the most important aspects of their practices: privacy. Even if Google was completely unaware of what was going on, the fact of the matter is that they were able to accidentally walk away with boatloads of potentially sensitive personal information. What does this say about the company’s ability to handle personal information? Should we be trusting a company like Google with our personal, business, and even government information?
While this is really a matter of personal opinion, the fact of the matter is that Google has shown a sense of carelessness when handling personal information. What do you think? Share your opinion in the comments!