Troubling Finds in South Korean Police Investigation of Google Street View WiFi Data

  A Google Street View car
Google's Street View WiFi fiasco continues as police authorities in South Korea found that the company broke telecommunication laws in the country. The investigation is not over and it is unclear if there are plans to prosecute the company or any of its employees.

Google's Street View WiFi fiasco continues as police authorities in South Korea found that the company broke telecommunication laws in the country. The investigation is not over and it is unclear if there are plans to prosecute the company or any of its employees.

The South Korean police raided Google offices in the country, a few months after the company revealed that it had collected payload data with its Street View cars.

The police confiscated tens of hard drives from the local headquarters. Analysis of the hard drives, apparently, showed that Google collected private data such as emails or chats while roaming South Korean streets.

This is in line with the findings of several other investigations and Google admitted as much a few months ago.

The South Korean Cyber Terror Response Center, which handled the investigation said it analyzed the contents of 79 hard drives and is working on an additional 145 which were received at a later date having already left the country.

Apparently, the data from the drives seized so far revealed that Google collected all manner of private information. It's unclear though what exactly was the data doing on those drives in the first place.

One explanation is that the drives come directly from the Street View cars, but even so, there shouldn't have been any sort of WiFi data on those drives by the time the South Korean police seized them.

Google initially said that the data collected from all over the world was transferred to a few hard drives at its main headquarters in the US and that it was not accessible in any way to employees or available over the network infrastructure.

Several officials from countries investigating the matter had access to the data and concluded that there were emails, passwords and other sensitive data among it.

However, there were not supposed to be any other copies by the time the South Korean police raided Google's offices. The Street View cars had been grounded and their drives, which collected the data while driving, removed.

According to reports, the police had to break the encryption on the hard drives, which took several months, after which the incriminating data was found. What's more, the Korean authorities claimed that they were the first to find evidence of this kind of data.

But the fact that Google did collect private data and not just snippets, as it first indicated, has been known for months and was first uncovered by the French authorities.

Since then, Google also said that, based on those investigations, it was apparent that complete pieces of private data were stored. Google has claimed that only a couple of its employees ever accessed any of the payload data and it never did a full review of what it had collected.

Responding to the latest report from the South Korean police, Google only provided the boilerplate response, that it has been cooperating fully with the authorities.

"As soon as we realized what had happened, we stopped collecting all Wi-Fi data from our Street View cars and immediately informed the authorities," a Google Korea spokesperson said.

"We have been cooperating with the Korean Communications Commission and the police, and will continue to do so," the spokesperson added.

But if this is really the case, why did the authorities need to break the encryption in the first place and why didn't Google provide the keys? What's more, Google allowed authorities access to the data in some countries and, according to the police, it voluntarily provided some 145 hard drives.

We should know more once the South Korean investigation is concluded, but, for now, the reports are rather conflicting.

Comments