The UK Information Commissioner's Office (ICO) has served Google notice that it must delete any WiFi data it collected through its Street View operations within 35 days, but did not find enough evidence against Google to levy a fine.
The UK Information Commissioner’s Office (ICO) has served Google notice that it must delete any WiFi data it collected through its Street View operations within 35 days, but did not find enough evidence to levy a fine.
Google previously admitted that while carrying out its Street View image collection, the firm’s various cars also collected WiFi data from homes, an action that led to an ICO investigation.
While the ICO’s investigation of Google concluded last year, the organization has finally got around to dishing out some stern words, specifically, that Google should delete all WiFi data it collected within 35 days.
“Today’s enforcement notice strengthens the action already taken by our office, placing a legal requirement on Google to delete the remaining payload data identified last year within the next 35 days and immediately inform the ICO if any further disks are found,” said Stephen Eckersley, the ICO head of enforcement. “Failure to abide by the notice will be considered as contempt of court, which is a criminal offence.”
The ICO said that it did not find enough evidence against Google to show that the firm actually intended to collect the data.
“The early days of Google Street View should be seen as an example of what can go wrong if technology companies fail to understand how their products are using personal information,” Eckersley said. “The punishment for this breach would have been far worse, if this payload data had not been contained.”
A Google spokesperson provided the following statement:
We work hard to get privacy right at Google. But in this case we didn’t, which is why we quickly tightened up our systems to address the issue. The project leaders never wanted this data, and didn’t use it or even look at it. We cooperated fully with the ICO throughout its investigation, and having received its order this morning we are proceeding with our plan to delete the data.
According to the ICO, it thought that “detriment caused to individuals by this breach fails to meet the level required to issue a monetary penalty”, meaning Google faces no financial liability.
This article was originally published on the Inquirer.