A Google engineer knowingly created software that would collect sensitive personal information about people without their knowledge, according to an un-redacted version of a federal investigative report.
In a full version of a Federal Communications Commission report, an engineer shared e-mails with other Google officials indicating the company could collect “payload data,” including e-mail addresses and text messages through a program to collect location-based software from residential and business Wi-Fi networks. The company released the full contents of the report, which was heavily redacted by the FCC, except for the names of its employees.
The report, supplied by Google, concluded that the company’s actions do not violate FCC or federal eavesdropping rules. The agency recently fined the company $25,000, however, for being uncooperative in a two-years-long investigation. A separate investigation by the FTC resulted in no fines and was closed in 2010.
With both investigations closed, Google released the full report by the FCC upon the request of reporters. The report showed an engineer, identified in the report as “Engineer Doe,” appeared to conceive of the Wi-Fi collection software to collect sensitive information that he thought might be useful to the firm for other services.
“We decided to voluntarily make the entire document available except for the names of individuals,” a Google spokeswomen said in an e-mailed statement. “While we disagree with some of the statements made in the document, we agree with the FCC’s conclusion that we did not break the law. We hope that we can now put this matter behind us”.
And inconsistent with public remarks, the report showed knowledge within the company that Google officials knowingly collected the payload data with its crews of Street View cars roaming the world for its mapping and location-based services.
“On at least two occasions Engineer Doe specifically informed colleagues that Street View cars were collecting payload data,” the FCC report said.
So besides e-mail addresses, what could Google derive from its data collection?
In the report, the FCC cited an analysis by French regulators over a sample of Google’s data collection: 72 e-mail passwords, 774 distinct e-mail addresses and, for example, “an exchange of e-mails between a married woman and man, both seeking an extra-marital relationship with first names, e-mail addresses and physical addresses.”
More from The Washington Post: