Google announced today that the Wi-Fi snooping its Street View vans were engaged in was even worse than previously acknowledged. The company announced today that entire URLs, emails, and passwords were collected as well. And they still have it.
Google broke the news at the end of a lengthy blog post late Friday afternoon, so it's safe to say it's something they're not particularly proud of. The revelation didn't even come from Google itself; the breach was discovered by external regulators who have been investigating Google for its illicit data collecting. According to Google exec Alan Eustace:
It's clear from those inspections that while most of the data is fragmentary, in some instances entire emails and URLs were captured, as well as passwords. We want to delete this data as soon as possible, and I would like to apologize again for the fact that we collected it in the first place.
So for months, Google has been sitting on extremely sensitive personal information, and it took outside auditors to get them to find and fix it. And although Google wants to delete the data soon, all that means is that it hasn't been deleted yet. The government won't let them until it completes its investigation.
In response, Google has appointed a new director of privacy for engineering and product management, announced that they're going to enhance "core training" for employees privy to private data, and tightened their compliance standards. It's a little like putting up a stop sign on a busy intersection five months after a terrible accident.
The more we hear about the Wi-Fi snooping, the worse it gets. And coupled with reports of employee abuse of sensitive data, every new disclosure raises more questions than it answers. [Google via Reuters]