Google Wi-Fi Data Snooping: A Brief FAQ

Google is cleaning up its mess after the company says it mistakenly collected browsing data from unencrypted Wi-Fi networks as part of its Street View project. The search giant said on Monday that it had deleted all Wi-Fi data collected in Ireland at the request of the Irish Data Protection Authority. The destruction of incorrectly obtained data in Ireland was confirmed by iSec Patners Inc., an independent security consulting firm.

Google says it has also reached out to “regulators in the other relevant countries about how to quickly dispose” of the Wi-Fi data it mistakenly collected. Google has not named the “other relevant countries” it has reached out to, but the company’s Wi-Fi data packet snooping could affect many locations included in Street View. In a blog post on Friday, Google said its Street View cars, which take 360-degree photographs for use in Google Maps, have been collecting data from unprotected Wi-Fi networks since 2007.

If you’re just hearing about Google’s Wi-Fi data collection faux pas for the first time, here’s a quick FAQ to get you up to speed:

Why was Google collecting Wi-Fi data in the first place?

Google says it was collecting basic Wi-Fi data from network routers including Service Set Identifier (SSID) information and Media Access Control (MAC) addresses. The search giant says collecting this information from data access points across the world helps the company improve the accuracy of its location-based products like Google Maps for mobile, My Location, and Buzz.

What else were the Street View cars collecting?

Google says the programming code meant to collect SSIDs and Mac addresses was also collecting data packet information (Web browsing and communication data) from non-password-protected Wi-Fi networks.

If a Street View car collected data in my neighborhood, does Google have my browsing data now?

For Google to have collected any information from your computer you would have had to be browsing the Internet on a Wi-Fi network that wasn’t password protected when the Street View car was in range of your wireless signal. It’s also important to note that Google says it collected only data fragments and not entire pieces of browsing or communication data. Google says that this happened because its Street View cars were constantly moving when collecting data and were changing channels (your Wi-Fi signal is broadcast on an over-the-air channel) about five times per second.

When did Google start collecting Wi-Fi data?

Google says the code that inadvertently collected Wi-Fi data was created in 2006 and used in the Street View project a year later. Google Street View first launched on Google Maps in late May 2007. It’s not clear whether Google’s Wi-Fi snooping began when Google first sent its Google Street View cars into the streets or whether this code was added to the project soon after.

If Google has been collecting this data since 2007, why are we only finding out about it now?

Google says it did not realize what was going on with its data collection practices until German authorities told the search giant they wanted to audit Google’s Street View Wi-Fi data collection practices. Google says the request from German authorities sparked an internal review which uncovered the problem. Google grounded its Street View cars once it discovered the Wi-Fi data collection issue, and says it will no longer have its Street View fleet collect Wi-Fi data.

What is Google doing with the Wi-Fi data it does have?

Google says it has stored all the snooped data on separate hard drives that are not connected to the rest of Google’s network, essentially locking the data down. The company says it has asked a third-party to investigate its Wi-Fi privacy lapse, determine how it happened, and confirm that Wi-Fi packet data has been permanently deleted.

What about Google’s warning about protecting your Wi-Fi network?

Google should never have been collecting the data packets transmitted across open Wi-Fi networks, and it is a smart enough company that it should have caught this mistake much earlier. However, the search giant definitely has a point about protecting your Wi-Fi router. Not only is an open Wi-Fi signal an invitation to your neighbors to snag some free Internet access, but it exposes your computer to any number of security intrusions, including identity theft. So make sure you password-protect your Wi-Fi router to keep unwanted guests, hackers, and drive-by googlers off your network.

Connect with Ian on Twitter (@ianpaul )