Google 'scanned private computer data while developing Street View'
A "significant number" of Irish businesses are likely to have had private computer data scanned by Google in 2009 as part of its nationwide Street View sweep, it has emerged.
On Friday, the data protection commissioner revealed that Google was still in possession of sensitive data gleaned from Irish households which it had previously claimed had been erased in 2010. The data includes records, address books, customer lists, sales data and other private information.
Yesterday, the deputy data protection commissioner Gary Smith also confirmed that businesses, as well as households, would have been subject to the same information gathering process.
"Any business premises which operated an unsecured wifi connection would have had a snapshot taken of its activities as the Google car passed by," said Gary Smith, the deputy data protection commissioner.
"While most businesses have since tightened up on unsecured wifi, back in 2009 when the operation took place, a significant number of businesses would have been unaware of the risks and would have operated unsecured networks."
While there are no figures on what percentage of Irish business networks are secured, an exercise conducted by software engineer Charlie von Metzradt in 2005 showed that four-out-of-10 wifi networks picked up in Dublin city centre were not secured.
In 2010, Google claimed to have unintentionally collected the private data by scanning unsecured wifi activity in 2009 as part of the Street View photography scheme in which camera mounted Google cars passed through almost all Irish streets to photograph them for online pictorial depiction -- the stated objective of the operation.
"Back in May 2010 when this first came to our attention, we accepted Google's claim that their software had scanned wifi activity in error, and within a few days we had got confirmation from Google and an independent third party that the data had been wiped. We thought the situation had been dealt with," says Mr Smith.
"However, on Friday we received a notification from Google that it had mistakenly retained some of the data. At the same time information has emerged from a federal investigation in the US that the gathering of this data might not have been as 'unintentional' as Google initially indicated and that the side effect (the scanning) and the privacy issues had certainly been flagged within Google in regard to Street View -- but it seems they were not addressed.
"We are both shocked and surprised about what we have found out and we have given Google until tomorrow to come up with some answers."
Similar controversies over Google's scanning activities under Street View have erupted in other countries including the US, the UK, Spain and Italy.
Paul Hearns, editor of 'Computerscope' magazine, says a surprising number of Irish businesses still operate unsecured wifi.
"It is not uncommon in the current climate for someone to go down to the shop and buy a rooter, come back and install it and then fail to encrypt it or change the password access."
"In the case of Ireland and the UK, it appears that Google accessed unsecured wifi networks only. In these cases information which is commonly available to employees would have been available to be scanned such as contact lists, public folders, address books, customer and order lists, that sort of thing."