Google tries to explain Street View 'mistake'

"I think it's in Google’s interest to help people find and manage the information they want to find and manage and to do it in a way that continues to respect people's expectations of trust and privacy and security," says Peter Fleisher, Google Global Privacy Counsel. "The idea that the goal is somehow to always expand the information, to always do those things and disregard users privacy, is completely wrong."

Fleisher is forced to defend Google's reputation on privacy which has been left in tatters in the wake of the Street View Wi-fi data snooping fiasco.

Speaking here in Jerusalem yesterday at an OECD conference on the evolving role of individual privacy, Fleisher insists that invading individuals' privacy makes no commercial sense. "We operate in an environment that has to assume user trust, or they'll stop using your services," he said - assuming you get caught, of course.

Fleisher insists that the Street View fiasco in which Google somehow collected hundreds -if not thousands - of Gigabytes of personal data from unsecured wireless networks around the globe using its Street View vehicles was a "mistake".

Referring to a recent blog post, Fleisher said: "We wanted this to be transparent as we have all along in this mistake. When we first discovered that the Street View cars that were collecting Wi-fi addresses for geo-location purposes - which is the legitimate purpose that we strongly believe in - were also outfitted to collect fragmentary payload data - I say fragmentary because the cars were on the move and constantly changing wi-fi channels - we posted on the blog right away and told the world about it. We said we'd done an internal audit and this is what we found. It was a mistake... we we're mortified."

When we challenged Fleisher over Google's openness suggesting that the firm had originally said there was no chance of any payload data being collected by the Street View cars, Fleisher was adamant. "We never said that," he said. "We've been very clear."

However, in our view the firm has been less than clear. In fact, Google originally said in an official blog post that, although "Google did collect publicly broadcast SSID information (the wireless network name) and MAC addresses (the unique number given to a device like a router) using Street View cars, we did not collect payload data (information sent over the network)." That post has since been mysteriously deleted.

Somewhat later - on June 9th - the outfit confirmed that it had in fact collected payload data. However, it seems that Eric Schmidt already had an inkling that this might be that case, as he said on June 3rd that Google's Street View cars may have collected such personal data as bank account details.

This came after Google initially refused to hand over the information it had collected to German data protection officials in Hamburg who had demanded to see what the Street View cars were really up to.

We asked Fleisher how it is possible that Google managed to collect and store some 800GB of data it didn't know it was collecting and storing.

"We are a large organisation," he said. "We have 20,000 employees. The software was written by one person and the software code was written by one engineer as part of what we call a 20 per cent project and then it got picked up and the code got re-used as part of a broader and different project, namely Street View.

"And because the fragmentary payload data was only a tiny percentage of the whole data - these cars are going up streets taking pictures of the houses and all - and because it was always in machine-readable format only - so if anybody looked at it they wouldn't know what it was and because the broader team had no idea that this was were being done. Because of all these things nobody knew it was there - other than the original source of this.

"So the question of, can you ensure that in an organisation of 20,000 people someone doesn't make a mistake now, right? You can never ensure it. You can minimise the the odds of something like that happening again."

Google's Deputy General Counsel Nicole Wong chipped in: "The code was used together with a commercially-available radio antenna that changes channels five times per second. If you actually wanted to surveil someone's home and the data coming out of it, this is not the way you would choose to do it. this is probably the most ineffective way of trying to do something like that."

Google had earlier said it had launched an investigation into work of the engineer, responsible for writing the code in the first place. Wong refused to comment on what the result of the investigation was, insisting that it was a private matter.

And privacy is obviously paramount for Google.