Feeds

UK regulator re-opens probe into Google Street View slurp outrage

ICO hauls Chocolate Factory back onto the data carpet

Beginner's guide to SSL certificates

The Information Commissioner's Office has reopened its investigation of Google's controversial Street View technology, after its data-collecting cars collected payload data including emails and passwords from unencrypted Wi-Fi networks.

The regulator's head of enforcement Steve Eckersley has sent an aggressive letter to senior Google veep Alan Eustace demanding "prompt" answers to seven questions to explain why Street View was able to slurp such data.

The letter followed the US Federal Communications Commission's findings that it seemed "likely that such information was deliberately captured" by the fleet of vehicles in the UK.

The FCC dismissed Google's claim that a lone engineer had been responsible for slurping unsecured Wi-Fi traffic and concluded that while the company had not breached the US Wiretap Act it was guilty of obstructing its investigation.

The search giant was slapped with a $25,000 fine in April this year for wasting the FCC's time.

Now, the ICO wants Google to explain "precisely what type of data and sensitive personal data was captured within the payload data collected in the UK".

It is also quizzing Google regarding just when its management became aware of what data had been collected by the Street View cars.

Further, the ICO wants to know why this information wasn't provided to the regulator when Google visited the ICO's London office with data that had been "pre-prepared" by the company in July 2010.

The ICO is also calling on Google to explain at what point senior members of the firm were privy to software design documents that showed what type of data could be captured by its Street View cars.

It's essentially looking for a corporate audit trail that backs up - or conflicts with - Google's original assertions about the embarrassing payload data slurp, which the company initially denied.

Finally, the ICO cited the Data Protection Act 1998 in its questions to Google. It wants to know what measures were introduced to prevent breaches at each stage of Street View's development and subsequent deployment.

Privacy campaigner Nick Pickles, of Big Brother Watch, told The Register this afternoon: “The Information Commissioner’s Office is absolutely right to re-open the investigation and must now take every step to get to the bottom of just how many Britons had their privacy trampled on by Google."

“The investigation must now be pursued with the vigour sadly lacking in 2010, and every effort made to ensure that Google answers the extremely important questions that it has so far avoided," he added, while accusing the search giant of "deliberately concealing" the truth of what happened from the ICO.

"Breaching the Data Protection Act is a criminal offence and the law should be applied to Google in the same way as any other company or individual.”

El Reg has asked Google to comment on this story, but it hadn't got back to us at time of publication. ®

Internet Security Threat Report 2014

More from The Register

next story
The cloud that goes puff: Seagate Central home NAS woes
4TB of home storage is great, until you wake up to a dead device
Azure TITSUP caused by INFINITE LOOP
Fat fingered geo-block kept Aussies in the dark
You think the CLOUD's insecure? It's BETTER than UK.GOV's DATA CENTRES
We don't even know where some of them ARE – Maude
Intel offers ingenious piece of 10TB 3D NAND chippery
The race for next generation flash capacity now on
Want to STUFF Facebook with blatant ADVERTISING? Fine! But you must PAY
Pony up or push off, Zuck tells social marketeers
Oi, Europe! Tell US feds to GTFO of our servers, say Microsoft and pals
By writing a really angry letter about how it's harming our cloud business, ta
SAVE ME, NASA system builder, from my DEAD WORKSTATION
Anal-retentive hardware nerd in paws-on workstation crisis
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
The Heartbleed Bug: how to protect your business with Symantec
What happens when the next Heartbleed (or worse) comes along, and what can you do to weather another chapter in an all-too-familiar string of debilitating attacks?
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.