By Cecilia Kang
Washington Post Staff Writer
Thursday, October 28, 2010; A15
The federal government has ended an inquiry into a privacy breach involving Google's Street View service, satisfied with the company's pledge to stop gathering e-mail, passwords and other information from residential WiFi networks as it rolls through neighborhoods.
Wednesday's decision by the Federal Trade Commission is a sharp contrast with the reaction of regulators in Europe. The United Kingdom has launched a new investigation into Google's collection of unencrypted WiFi data, exposing the company to potential fines. Germany told Google to mark its Street View cars that take pictures of neighborhoods and homes. The Czech Republic banned Google from expanding its mapping software program.
The differences highlight an increasing gap between regulators in the United States, where the freewheeling Internet culture has birthed many of the social networking sites and search engines used worldwide, and governments in Europe and Canada, which tend to be much more aggressive about privacy.
"Part of it is cultural, and part of it is that the U.S. and Europe have radically different privacy regimes," said Chris Calabrese, legislative counsel for the American Civil Liberties Union. "The European model is extensive data protection in private information, and the U.S. model is piecemeal."
The result is a rising number of trans-Atlantic conflicts. The Obama administration has been criticized for its efforts to allow law enforcement to surveil Internet networks, for instance. In addition, the European Union is pushing back against U.S. demands to share data about U.S.-bound air passengers.
Many European nations have laws that sanction or fine companies for learning too much about Web users and sharing that information with other companies. Regulators there tend to focus on consumers' rights to their own information on the Internet. In the United States, companies argue that consumers lose their rights after information is shared with a third party.
U.S. regulators are working on suggestions for how far companies can go with information they collect, store and share about Internet users. Those suggestions, to be released in a report by the FTC in the coming weeks, could result in a legislative road map for Congress. But because of the agency's limited rule-making power, the FTC's report could have limited impact, privacy groups fear.
The advocates also argue that U.S. companies have a strong voice in debates at the FTC and on Capitol Hill over privacy legislation. As a result, critics say, the U.S. government has been more sensitive to how privacy regulation or laws could affect the businesses of Web sites like Facebook and Amazon and media sites, such as WashingtonPost.com and CNN.com.
"We are trying to develop a framework with input of many stakeholders that would be useful as we all go forward on privacy," said Jessica Rich, deputy director of the FTC's Consumer Protection Bureau.
In a letter to Google on Wednesday, the FTC said privacy concerns over its Street View cars' data collection were allayed when the search giant announced that it would beef up privacy training for employees and not use any collected data for any Google products or services.
"This assurance is critical to mitigate the potential harm to consumers from the collection of payload data," David Vladeck, head of the FTC's Consumer Protection Bureau, wrote in closing the review.
While taking photos of cars and homes, Google's Street View cars were also collecting information about the placement of WiFi networks. After German authorities investigated the practice, Google said its cars had accidentally also collected Internet user data - or payload data - while passing homes.
"We are deeply disappointed that FTC dropped the ball on Google," said Jeffrey Chester, executive director of the Center for Digital Democracy. "It took other regulators in Germany and Canada to expose the extent of the privacy violation. And the U.S. is saying it will continue to be absent on this issue."