IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Hamburg fines Google for Street View data breach

Logging Wi-Fi networks lands search giant in trouble with German state.

Snooping

Privacy regulators in Germany have fined Google for illegally recording signals from Wifi networks while it was taking photographs for its Street View service.

Google's roving Street View vans picked up large amounts of personal data such as e-mails, passwords, photos and online chat protocols, said the commissioner for data protection and freedom of information in Hamburg city state, Johannes Caspar.

Caspar fined Google 145,000 euros ($189,700), close to the maximum of 150,000 euros allowed under his mandate but a drop in the ocean for the top search engine provider, which has a stock market value of around $260 billion.

"Cases like this make it clear that the sanctions provided for by the Federal Data Protection Act are totally inadequate for the punishment of such serious breaches of data protection," the commissioner said in a statement.

Google said it would not appeal the fine.

The history of the Nazi Gestapo and East Germany's Stasi secret police has left many Germans especially wary of invasions of privacy.

Google said it received more than 244,000 requests two years ago for it to delete their homes from Street View, which allows users to take virtual "walks" along streets using their computers.

Caspar said Google had confirmed that from 2008 until 2010 it not only took pictures of houses for Street View but also scanned wireless networks within range and stored the data.

Google has deleted the data it collected, the regulator said in its statement.

"This is one of the most serious cases of violation of data protection regulations that have come to light so far," Caspar said.

He said Google had told him it had never intended to store personal data.

"But the fact that this nevertheless happened over such a long period of time, and to the wide extent we have established, allows for only one conclusion: that the company's internal control mechanisms failed seriously," said Caspar.

Google's global privacy counsel, Peter Fleischer, said in a statement that the project leaders never wanted the collected data, that they did not use it or even look at it.

"We work hard to get privacy right at Google," he said. "But in this case we didn't, which is why we quickly tightened up our systems to address the issue."

Last year, Caspar investigated Facebook's policies on retaining and deleting data and the level of control users have over their information. The probe was closed this year after Facebook changed its policies.

Featured Resources

Four strategies for building a hybrid workplace that works

All indications are that the future of work is hybrid, if it's not here already

Free webinar

The digital marketer’s guide to contextual insights and trends

How to use contextual intelligence to uncover new insights and inform strategies

Free Download

Ransomware and Microsoft 365 for business

What you need to know about reducing ransomware risk

Free Download

Building a modern strategy for analytics and machine learning success

Turning into business value

Free Download

Recommended

Regtech and the elimination of paper
compliance

Regtech and the elimination of paper

20 May 2021

Most Popular

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack
hacking

Russian hackers declare war on 10 countries after failed Eurovision DDoS attack

16 May 2022
Windows Server admins say latest Patch Tuesday broke authentication policies
Server & storage

Windows Server admins say latest Patch Tuesday broke authentication policies

12 May 2022
IT admin deletes company’s databases and is jailed for seven years
Policy & legislation

IT admin deletes company’s databases and is jailed for seven years

16 May 2022