Monday, June 14, 2010

Google May Face Prosecution over Wi-Fi Data




(News Today) - Technical details revealed in a Google audit could see the company face criminal prosecution around the world for collecting private Wi-Fi data, a British privacy organisation said.

Privacy International said it had examined an independent audit supplied by Google and believed that details from the report reveal criminal intent and placed the company at risk of "prosecution in almost all the 30 jurisdictions in which the system was used".

Google admitted last month to collecting 600GB of data from unsecured Wi-Fi networks in 30 countries while out taking photographs for its Street View mapping service.

Google said the independent audit of its data collection practices had been conducted by security consulting firm Stroz Friedberg and sent to the interested data protection authorities today.

"In short, it confirms that Google did indeed collect and store payload data from unencrypted Wi-Fi networks, but not from networks that were encrypted," the company wrote on its blog.

However Privacy International said the audit report revealed a level of intent to gather data.

"The independent audit of the Google system shows that the system used for the Wi-Fi collection intentionally separated out unencrypted content (payload data) of communications and systematically wrote this data to hard drives. This is equivalent to placing a hard tap and a digital recorder onto a phone wire without consent or authorisation," it said.

The organisation claimed the data collection went well beyond the "mistake" that has been cited by Google.

It said communications law of most countries permitted the interception and recording of content of communications only when a police or judicial warrant was issued.

"All other interception is deemed unlawful," it said.

Google is already under investigation in Australia after the Privacy Commissioner referred the capture of Wi-Fi data to the Australian Federal Police.

"We can confirm we received a referral from the Attorney-General's department. The referral relates to possible breaches of the Telecommunications Interception Act and this matter is being evaluated by the AFP," a federal police spokesman said this week.

Alan Eustace, Google's senior vice-president of engineering and research has not ruled out sacking the "rogue" software engineer the company claims was behind the incident.

However, the Privacy International said the issue went beyond a single person.

"This action by Google cannot be blamed on the alleged 'single engineer' who wrote the code. It goes to the heart of a systematic failure of management and of duty of care," it said.

Australian Communications Minister Stephen Conroy has also accused Google of deliberately engineering the "single greatest breach in the history of privacy", which he claimed had collected data that included banking transactions as well as other personal information.

Other countries, including Germany, France and Spain, are launching their own investigations into the matter and criminal charges are being considered.

"The Germans are almost certain to prosecute. Because there was intent, they have no choice but to prosecute," Simon Davies, head of Privacy International told the BBC.

In Britain, the Information Commissioner's Office has said it is reviewing the audit but that for the time being it had no plans to pursue the matter.

"I don't see any alternative but for us to go to Scotland Yard," Mr Davies said.

A Google spokesman said: "As we have said before, this was a mistake. The report today confirms that Google did indeed collect and store payload data from unencrypted Wi-Fi networks, but not from networks that were encrypted. We are continuing to work with the relevant authorities to respond to their questions and concerns."

Source : kompas.com

0 komentar:

Post a Comment

Share

Twitter Facebook