The Register reports:
Google’s roving Street View spycam may blur your face, but it’s got your number. The Street View service is under fire in Germany for scanning private WLAN networks, and recording users’ unique Mac (Media Access Control) addresses, as the car trundles along.
Germany’s Federal Commissioner for Data Protection Peter Schaar says he’s “horrified” by the discovery.
From Huffington Post:
In a blog post published Friday, Google admitted to ‘mistakenly’ collecting sensitive private data sent over WiFi networks.
Germany’s data protection authority (DPA) requested Google audit the WiFi data collected by its Street View cars. The audit revealed that contrary to the company’s claims, for at least three years, Google has been collecting payload data (the information users send over a wireless network) from non-password-protected WiFi networks. A programming error from 2006 was at fault.
Excerpted from Google’s post:
…we [previously] said that while Google did collect publicly broadcast SSID information (the WiFi network name) and MAC addresses (the unique number given to a device like a WiFi router) using Street View cars, we did not collect payload data (information sent over the network). But it’s now clear that we have been mistakenly collecting samples of payload data from open (i.e. non-password-protected) WiFi networks, even though we never used that data in any Google products.
However, we will typically have collected only fragments of payload data because: our cars are on the move; someone would need to be using the network as a car passed by; and our in-car WiFi equipment automatically changes channels roughly five times a second. In addition, we did not collect information traveling over secure, password-protected WiFi networks.