Alan Eustace, senior vice president of engineering and research at Google, explained in a blog post that, while Google routinely collects wireless information such as network names, it has also been collecting payload data from open Wi-Fi points for the past four years.
"So how did this happen? Quite simply, it was a mistake. In 2006 an engineer working on an experimental Wi-Fi project wrote a piece of code that sampled all categories of publicly broadcast Wi-Fi data," he said. "A year later, when our mobile team started a project to collect basic Wi-Fi network data like SSID information and MAC addresses using Street View cars, they included that code in their software, although the project leaders did not want, and had no intention of using, payload data."
Eustace said that Google has shut down the Street View fleet until the company is sure that the software has been removed, and will bring in an independent third party to verify that the code has been expunged and fully deleted.
However, privacy watchdogs and consumer groups have pounced on the news as yet another example of Google's demonstrating a lack of concern for privacy.
"Google's computer engineers run amok, push the envelope and gather whatever data they can until their fingers are caught in the cookie jar," said John Simpson, consumer advocate with the Consumer Watchdog group. "Then a Google executive apologises, mouthing bafflegab about how privacy matters to the company."
Simpson added that Google's plan to have an unnamed third party study what went wrong, and to check that the improperly gathered private data has been eliminated, is inadequate. "That's like getting to pick the referees in a championship football game," he said.