The Atlanta Journal-Constitution
FCC: Google knew of data project
Report of a rogue engineer proves false. Company says, however, info was never used for other initiatives.
SAN FRANCISCO — Google’s harvesting of emails, passwords and other sensitive personal information from unsuspecting households in the United States and around the world was neither a mistake nor the work of a rogue engineer, as the company long maintained, but a program that supervisors knew about, according to new details from the full text of a regulatory report.
The report, prepared by the Federal Communications Commission after a 17-month investigation of Google’s Street View project, was released, heavily redacted, two weeks ago. Although it found that Google had not violated any laws, the agency said Google had obstructed the inquiry and fined the company $25,000.
On Saturday, Google released a version of the report with only employees’ names redacted.
The payload data was secretly collected between 2007 and 2010 as part of Street View, a project to photograph streetscapes over much of the civilized world. When the program was being designed, the report says, it included the following “to do” item: “Discuss privacy considerations with Product Counsel.”
“That never occurred,” the report says.
Google says the data collection was legal. But when regulators asked to see what had been collected, Google refused, the report says, saying it might break privacy and wiretapping laws if it shared the material.
A Google spokeswoman said Saturday that the company had much stricter privacy controls than it used to, in part because of the Street View controversy. She expressed the hope that with the release of the full report, “we can now put this matter behind us.”
Ever since information about the secret data collection first began to emerge two years ago, Google has portrayed it as the mistakes of an unauthorized engineer operating on his own and stressed that the data was never used in any Google product.
The report, quoting the engineer’s original proposal, gives a somewhat different impression. The data, the engineer wrote, would “be analyzed offline for use in other initiatives.” Google says this was never done.
Privacy advocates said the full report put Google in a bad light.
“Google’s rogue engineer scenario collapses in light of the fact that others were aware of the project and did not object,” said Marc Rotenberg, executive director of the Electronic Privacy Information Center.
“This is what happens in the absence of enforcement and the absence of regulation.”