Several Employees Knew About the Google Street View WiFi Public Data Snooping
The full FCC report shows that several people were aware or should have been aware of it
Google's WiFi snooping scandal, if you can call it that, doesn't want to go away. Though the whole thing was revealed some two years ago, Google is still dealing with criticism, though it seems, at least in part, rightfully so.The FCC concluded its investigation over the matter, the last government agency to look into the issue. It found that Google broke no laws via its actions, but it did fine the company $25,000 for interfering with the investigation, since the company refused to provide some information.
Still, you'd think that would be that, but the FCC report has now surfaced in its entirety, with only the names of the people involved redacted. Google itself released the document after the FCC concluded its investigation.
The document seems to back up Google's story, that a sole engineer was responsible for the mishap, but it also seems to deny it, depending on how you choose to view it.
The report shows that a single engineer, whose name was not unveiled, not even to the authorities, Google says that he invoked his 5th Amendment right, wrote the code that captured WiFi communications over open channels, i.e. from WiFi networks that did not use passwords, therefore no encryption.
That data is easily accessible to anyone willing to build tools to receive and capture it.
This happened in 2006, way before StreetView was rolled out. This corroborates the idea that the code was part of an experimental project, as Google said initially. However, the code ended up being used in Street View.
A document revealing that the code collected payload data from WiFi networks was forwarded to the Street View team. However, most of the people interviewed by the FCC said they had no recollection of the document. One said he did remember it, but not the part about gathering public data.
A senior manager at the company said he approved the document without actually reading it. The entire code was reviewed by one engineer, but it was a quality review and he says he did not realize the code would collect public data.
Still, one email suggests that at least one senior manager of the Street View project talked to the engineer who wrote the code about the payload data. The engineer also intended to have his work reviewed for "privacy considerations," but that never happened.
Even with all of this, the FCC found that Google broke no law. And the document, along with everything that came before it, suggests that Google did not have any evil motivation or even any motivation to collect that data.
Evil it may not be, but there is some level of incompetence in all of this, Google seems like a company that didn't really know what it was doing and where people weren't really sure what everyone else is doing and why.
Still, all of this dates back six years ago, after it revealed the WiFi mishap, Google implemented a more thorough and obligatory privacy review of all of its products and stricter internal policies.