Google’s Street View breaches Privacy Act

An investigation by the Australian Privacy Commissioner has found that Google’s collection of unsecured Wi-Fi payload data (and within that data, personal information) breached the Privacy Act 1988.

Google first announced on 14 May 2010 that, contrary to its earlier statements, its Street View cars had been collecting payload data from unsecured Wi-Fi networks. Once it became aware of its collection, Google grounded the Street View cars and segregated the data on its network. None of the data has been used in any Google products.

As a consequence of the Australian investigation, Google has provided an undertaking to the Privacy Commissioner that it will:

  • publish an apology on its official blog;
  • conduct a Privacy Impact Assessment (PIA) on any new Street View data collection activities that may include personal information;
  • provide a copy of any PIA to the Commissioner; and
  • regularly consult with the Commission.

Notwithstanding the general furore created by Google’s admission, it would seem that the collection of the data was inadvertent and none it has been used maliciously. At least, that’s if we believe Google (and we have no reason not to). This is reflected in the relatively minor action taken by the Privacy Commissioner when much harsher actions were available to her.

For assistance with privacy matters, please contact Certus Legal Group.