Feeds

30 states may join probe of Google Wi-Fi snoop

'As many questions as answers'

High performance access to file storage

As many as 30 states may investigate Google for surreptitiously sniffing traffic traveling over open Wi-Fi networks over a three-year span, Connecticut's top law-enforcement official said on Monday.

Connecticut Attorney General Richard Blumenthal said his office will lead the multi-state investigation into the unauthorized data collection by Google Street View cars. A “significant number of states” are expected to participate, according to a press release issued by his office that claimed representatives from more than 30 states joined a recent telephone conference call to discuss the probe.

“While we hope Google will continue to cooperate, its response so far raises as many questions as it answers,” Blumenthal said in the release. “The company must provide a complete and comprehensive explanation of how this unauthorized data collection happened, why the information was kept if collection was inadvertent and what action will prevent a recurrence.”

In mid May, Google disclosed that its Street View cars in more than 30 countries routinely sniffed the payloads of unencrypted Wi-Fi networks within range of their sensors. The disclosure contradicted previous assurances that only network SSIDs and device MAC addresses were recorded. Google said the sniffing was accidental and was the result of experimental code that was inadvertently added to the Street View fleet.

Google has since come under criticism for failing to answer questions such as what kind of information was collected and who may have had access to it. At least seven civil lawsuits have been filed against Google over the Street View snooping, and agencies in Canada, Australia and throughout Europe have opened investigations. US lawmakers have called on the Federal Trade Commission to conduct its own inquiry.

“It was a mistake for us to include code in our software that collected payload data, but we believe we didn't break any US laws,” a Google spokesman wrote in an email. “We’re working with the relevant authorities to answer their questions and concerns.”

Blumenthal didn't name the other states that participated in the conference call. The press release is here. ®

High performance access to file storage

More from The Register

next story
OpenSSL Heartbleed: Bloody nose for open-source bleeding hearts
Bloke behind the cockup says not enough people are helping crucial crypto project
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Experian subsidiary faces MEGA-PROBE for 'selling consumer data to fraudster'
US attorneys general roll up sleeves, snap on gloves
Bad PUPPY: Undead Windows XP deposits fresh scamware on lawn
Installing random interwebs shiz will bork your zombie box
prev story

Whitepapers

Mainstay ROI - Does application security pay?
In this whitepaper learn how you and your enterprise might benefit from better software security.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.