FCC points to rogue Google engineer over Street View Wi-Fi snooping

While Google got off easy over its Street View data mining case with the FCC — it was only charged a $25,000 fine for obstructing the agency — the full report of the investigation, released today by Google, raises new questions.

The report (embedded below) is heavily redacted and blacks out individual names, according to the LA Times, who was able to get an early look at it. It blames one “rogue engineer” in particular for intentionally creating software for Street View cars that grabbed personal data, including e-mails, search histories, and passwords, from unprotected Wi-Fi networks.

Notably, Google has repeatedly said the data collection was “inadvertent.” But the FCC report offers up some evidence that makes us think Google had to be aware of it somehow. The unnamed engineer — who invoked his 5th Amendment right and didn’t speak with the FCC — told two other engineers (one a senior manager) that he was grabbing the data. The report also claims the engineer gave the Street View team a document in October 2006 that outlined what he was doing.

“While we disagree with some of the statements made in the document, we agree with the FCC’s conclusion that we did not break the law,” a Google spokesperson told VentureBeat over e-mail. “We hope that we can now put this matter behind us.”

Writes the LA Times Jessica Guynn:

Those working on Street View told the FCC they had no knowledge that the payload data was being collected. Managers of the Street View program said they did not read the October 2006 document. An different engineer remembered receiving the document but did not recall any reference to the collection of payload data. An engineer who worked closely with the engineer in question on the project in 2007, reviewing all of the codes line by line for bugs, says he did not notice that the software was designed to capture payload data. A senior manager said he preapproved the document before it was written.

While Google continues to maintain it never authorized sucking up personal data, it’s hard to believe the company was completely unaware of what was happening. It’s also hard to trust Google at this point, which first denied that it gathered any data, only to later admit that gobs of personal data was collected by its Street View cars.

Google still hasn’t divulged the identity of the engineer responsible for the data snooping software. According to the FCC report, he was a part-time engineer who was interested in collecting data from unprotected networks to potentially benefit Google’s other services.

Photo via Justin Taylor/Flickr

blog comments powered by Disqus