Google admits harvesting passwords

The ICO will be investigating Google after the search giant admitted to taking emails, URLs and passwords during its Street View operation.

Computer privacy

Google could face a hefty fine from the UK's privacy watchdog after the search giant admitted it had captured passwords, emails and URLs when it collected unencrypted Wi-Fi payload data during its Street View operation.

The Information Commissioner's Office (ICO) said earlier this year it appeared no "meaningful" data had been taken by Google.

However, following investigations by various regulators from across the globe, Google has now admitted it had taken emails, URLs and passwords.

"We want to delete this data as soon as possible, and I would like to apologise again for the fact that we collected it in the first place," said Alan Eustace, senior vice president for engineering and research at Google, in a blog post.

"We are mortified by what happened, but confident that these changes to our processes and structure will significantly improve our internal privacy and security practices for the benefit of all our users."

The ICO said it will now be investigating Google again and will consider a monetary fine, which could reach 500,000 - the maximum penalty open to the ICO.

"Whilst the information we saw at the time did not include meaningful personal details that could be linked to an identifiable person, we have continued to liaise with, and await the findings of, the investigations carried out by our international counterparts," an ICO spokesperson said.

"We will be making enquires to see whether this information relates to the data inadvertently captured in the UK, before deciding on the necessary course of action, including a consideration of the need to use our enforcement powers."

Rik Ferguson, senior security advisor at Trend Micro, said it was difficult to see what laws Google would have broken, given no third parties appeared to have seen the data.

"It seems it was completely accidental and unintentional and Google did the best they could in terms of surrendering the information as soon as they discovered there was something they needed to surrender and working with every individual European information commissioner," Ferguson told IT PRO.

"Yes they made a mistake but they've been pretty good at putting their hands up and doing the right thing, which is commendable."

As for whether Google should receive a fine from the ICO, Ferguson said "there was no breach."

"It's difficult to see what laws they would have broken."

However, privacy groups continue to press for penalties, including criminal sanctions, against Google. Earlier this year Privacy International said it believed Google had acted with criminal intent in collecting the data.

Featured Resources

Shining light on new 'cool' cloud technologies and their drawbacks

IONOS Cloud Up! Summit, Cloud Technology Session with Russell Barley

Watch now

Build mobile and web apps faster

Three proven tips to accelerate modern app development

Free download

Reduce the carbon footprint of IT operations up to 88%

A carbon reduction opportunity

Free Download

Comparing serverless and server-based technologies

Determining the total cost of ownership

Free download

Recommended

Cabinet Office fined £500,000 for New Year Honours data leak
data breaches

Cabinet Office fined £500,000 for New Year Honours data leak

3 Dec 2021
Gmail vs Outlook.com: Which one is better?
email providers

Gmail vs Outlook.com: Which one is better?

26 Nov 2021
Compromised Google Cloud Platform instances are riddled with cryptominers
cloud computing

Compromised Google Cloud Platform instances are riddled with cryptominers

26 Nov 2021
ICO publishes new data protection standards for the adtech industry
data protection

ICO publishes new data protection standards for the adtech industry

25 Nov 2021

Most Popular

What should you really be asking about your remote access software?
Sponsored

What should you really be asking about your remote access software?

17 Nov 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

30 Nov 2021
How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

24 Nov 2021