The Hamburg Commissioner for Data Protection and Freedom of Information has issued a fine of €145,000 to Google for illegally accessing and recording data from unencrypted Wi-Fi networks. Regulators called the company’s acts “one of the most serious cases of violation of data protection” in German history. It was discovered that between 2008 and 2010, Google accessed insecure Wi-Fi networks with its Street View vehicles and illegally downloaded large quantities of personal data including emails, passwords and photos. The company has admitted wrongdoing and has since deleted the data from its servers. Regulators still aren’t satisfied, however.
Despite such a serious violation, the fine of €145,000, or roughly $189,000, isn’t going to break the bank for Google and represents less than 0.005% of the company’s $3.90 billion profit in its most recently reported quarter. Commissioner Johannes Caspar has voiced his concern about the current state of fines relating to data rule violation, which only carry a maximum of €150,000.
“As long as violations of data protection laws are punishable by discount rates, the enforcement of data protection laws in a digital world with its high potential for abuse will be all but impossible,” he said. “The regulation currently being discussed in the context of the future European General Data Protection Regulation, whereby a maximum fine of 2% of a company’s annual turnover is provided for, would, on the other hand, enable violations of data protection laws to be punished in a manner that would be felt economically.”