FCC probes Google over Street View program's collection of personal data

By Cecilia Kang
Washington Post Staff Writer
Wednesday, November 10, 2010; 8:40 PM

The Federal Communications Commission said Wednesday it is investigating whether Google violated communications laws when it collected data from WiFi networks in U.S. homes through its Street View mapping program.

The probe comes amid U.S. and international government regulators' growing concerns that Web companies such as Google and Facebook are operating fast and loose by collecting information on Internet users without clear rules to protect consumers.

It looked like Google had received a reprieve in the United States when the Federal Trade Commission said last month that it closed a separate investigation into the company's WiFi data breach. The FTC said Google's promises to delete information it collected and moves to beef up privacy training for employees were enough to stop its probe.

But the FCC's review puts new pressure on the Internet search giant, exposing it to possible fines, according to privacy law experts.

On Wednesday, Google reiterated its regret over the incident. "We are profoundly sorry for having mistakenly collected payload data from unencrypted networks," a spokesman said. "As soon as we realized what had happened, we stopped collecting all WiFi data from our Street View cars and immediately informed the authorities."

The FCC would not disclose details of its investigation, which was reported by the Wall Street Journal. Experts said the probe will likely address how consumers may be harmed by the collection of data from WiFi "hot spots" and other such communications networks, as well as whether WiFi data mining violates laws that protect consumer privacy.

"As the agency charged with overseeing the public airwaves, we are committed to ensuring that the consumers affected by this breach of privacy receive a full and fair accounting," Michelle Ellison, the FCC's enforcement bureau chief, said in a statement.

In May, Google admitted that cars it sent roaming around the world to take pictures of homes for its Street View application were also rigged with software that collected data about the location of residential WiFi networks, which let users connect devices wirelessly to the Internet over short-range airwaves. The firm wanted to compile WiFi network location data so it could use it for future mobile phone applications built around users' geographic location.

The software installed in those cars, however, collected more than just the locations of such networks. Last month, Google said it was "mortified" to discover that the Street View cars also vacuumed up e-mail addresses and passwords and histories of the Web pages visited by users.

Foreign governments have been quick to criticize Google.

Britain said last month that the firm violated privacy laws and that authorities would audit Google's practices. Germany, whose regulators first discovered the WiFi breach, forced the company to clearly mark its Street View cars and warn residents when employees were planning to drive the cars by their homes. Canada also said Google violated local privacy laws and that it would continue to monitor the company's promises to improve its practices.

The interest by the FCC exposes Google to especially tough communications laws, experts said.

"Intercepting communications traffic is a serious crime in the United States," said Marc Rotenberg, executive director of the Electronic Privacy Information Center. EPIC sent a letter last May to the FCC asking for an investigation into wiretapping and consumer protection violations.

"It's one of the strongest privacy laws we have because of the strong privacy presumption in network communications," he said.

The FCC has acknowledged concerns about the episode in the past, but Wednesday's announcement was the first time the agency said it had launched an official probe. Details of FCC investigations are not made public.

© 2010 The Washington Post Company