Google has admitted that for the past three years it has wrongly collected information people have sent over unencrypted wi-fi networks.
The issue came to light after German authorities asked to audit the data the company’s Street View cars gathered as they took photos viewed on Google maps.
Google said during a review it found it had “been mistakenly collecting samples of payload data from open networks”.
The admission will increase concerns about potential privacy breaches.
These snippets could include parts of an email, text or photograph or even the website someone may be viewing.
In a blogpost Google said as soon as it became aware of the problem it grounded its Street View cars from collecting wi-fi information and segregated the data on its network.
It is now asking for a third party to review the software that caused the problem and examine precisely what data had been gathered.
“Maintaining people’s trust is crucial to everything we do, and in this case we fell short,” wrote Alan Eustace, senior vice president of engineering and research.
“The engineering team at Google works hard to earn your trust – and we are acutely aware that we failed badly here.”
‘Pushing the envelope’
Google said the problem dated back to 2006 when “an engineer working on an experimental wi-fi project wrote a piece of code that sampled all categories of publicly broadcast wi-fi data”.
That code was included in the software the Street View cars used and “quite simply, it was a mistake”, said Mr Eustace.
“This incident highlights just how publicly accessible, open, non-password protected wi-fi networks are today.”
Dan Kaminsky, director of penetration testing for security firm Ioactive, said there was no intent by Google.
“This information was leaking out and they picked it up. If you are going to broadcast your email on an open wi-fi, don’t be surprised if someone picks it up.” …
This is a few days old but still interesting if you missed it.