EU countries probe Google data breach

  

Google is starting to feel the heat in Europe as several countries launch probes and demand more details about the companies' street-mapping technology, after it emerged that the application had inadvertently collected people's private information. 

German prosecutors were the first to raise the alarm after its audit of Google's Street View application revealed Google's data centres had collected payload data – emails, video, audio and VoIP information - being sent over the network by users.

Prosecutors in Hamburg are currently investigating how Google collected the data and whether it breached German data protection rules.

A spokesperson said the inquiry would likely take two weeks.

Officials in Spain, France and the Czech Republic also announced plans yesterday (21 May) to investigate Google's collection of data from wireless networks in their countries.

A spokesperson for the European Commission insisted that this was a matter for the national authorities, but added that the EU was currently reviewing the bloc's data protection rules, the results of which could be known in the autumn.

The spokesperson admitted, though, that Google should seek the explicit consent of a user before using data.

"Data protection rules are about consent. Companies must give a user the chance to give their explicit consent before they use the data gathered for commercial purposes," he added.

The European probes follow a lawsuit and an inquiry that was launched in the US last week.

United States congressmen have asked the Federal Trade Commission to explore whether or not Google has violated any laws.

According to documents from the US lawsuit, Google's cars had managed to collect swathes of personal data using so-called wireless packet sniffers.

According to a statement from Google, the packet sniffers, or receivers, contained a piece of faulty code, which was the source of their problem.

In the US, a woman from Oregon and a man in Washington have both filed a lawsuit against the company which could see the firm paying up to $10,000 for each individual data breach.

Technology bloggers have come out in the company's defence, saying only wireless networks that were not protected by a password could have experienced breaches.

The wireless connection of the two people involved in the US trial were, on their own admission, insecure connections.

Timeline: 
  • Autumn 2010: European Commission to publish review of Data Protection Directive.
External links: 
Advertising

Content Partners