Google came clean on its blog yesterday and admitted to accidentally collecting personal data while canvassing positioning data during Street View sweeps. The potentially damaging revelation came after the data protection authority (DPA) in Hamburg, Germany requested Google’s Street view data due to privacy concerns. An internal review of the collected data revealed that the software Google was using to compile and map SSID’s was also recording a portion of the of data that was being transmitted from those same Wi-Fi routers.
For those that unaware of the practice, Google Street View and other companies that provide Wi-Fi-based Location based services will travel around cities and towns collecting publicly broadcast SSID information. These SSIDs are then stored in a database with their associated GPS co-ordinates. This SSID-GPS information is then used in Wi-Fi triangulation. To slightly assuage fears of a widespread privacy breach, Google confirmed that the flaw only recorded personal data from open, non-password protected WiFi routers. Regardless of the extent of the breach, this could potentially explode in the face of Google and other similar mapping companies that collect public information from personal Wi-Fi routers.