Google has started transferring the Street View Wi-Fi personal data it says it has mistakenly collected from open wireless networks. France says it’s the first country to receive the data and it has been investigating it for almost two weeks now. The French National Commission on Computing and Liberty (CNIL) says it has already discovered email fragments and passwords in the data it has examined so far.
The French data protection agency has been investigating the data it received on two hard drives and over a secure link to Google’s servers. The agency says it will take a while before it can go though all of it, but expects that, by September, it will be able to reach a conclusion on whether to seek charges in the case.
CNIL has said in its annual report that there are fragments of emails and even passwords in the data Google collected. It’s unclear as to what those passwords are from. The vast majority of websites and services that require a password as part of the login process do this over an encrypted connection. Google’s Street View cars didn’t collect any encrypted traffic and it would have been almost impossible to decode it even if it had.
It’s also telling that CNIL says it found only fragments of emails as it is in line with what Google has said so far. Considering the amount of data Google has collected over three years and from 30 countries, it is to be expected to contain some sensitive information even if, generally, the fragments it collected were small enough to be inconsequential.
Germany and Spain are said to have also requested the data for their countries, but France was the first to receive it. It’s unclear if the two countries have managed to get the data after June 4th, when it was handed over to France.
Previous coverage of the Google Wi-Fi Data Collection blunder: