Google’s Street View goof sees biggest fine yet (but regulators wanted more)
Germany privacy regulators have fined Google €145,000 ($189,000) for its Street View cars inadvertently harvesting WiFi network data, in what was described as “one of the biggest data protection rules violations known.” The penalty is nearly the biggest amount permitted for negligent data rule contravention in Germany, and comfortably exceeds a €100,000 fine imposed in France two years ago. However, if regulators had their way [pdf link], Germany’s Data Protection and Freedom of Information commission says, Google would be fined far more.
The decision by German regulators to punish Google’s inadvertent data-gathering is the latest in a string of fines the search giant has been hit with. Between 2008 and 2010, the company admitted, its fleet of camera-toting Street View cars accidentally collected and stored wireless network information including emails, passwords, photos, and more.
Google maintains that it was an accidental goof, with global privacy counsel Peter Fleischer saying that the collection was not intended, that the data was unwanted, and that the Street View team did not look through it. However, privacy groups in Europe decided to re-open their investigations last year, after it was revealed that the engineer responsible for programming the systems knew what would be collected.
According to Hamburg data regulator Johannes Caspar, “internal control mechanisms must have severely failed” and made Google’s actions, in his view, one of the largest violations to-date. In fact, he argues that current limits on data protection failures should be considerably higher. “As long as violations of data protection laws are punishable by discount rates, the enforcement of data protection laws in a digital world with its high potential for abuse will be all but impossible” Caspar suggests.
New regulations could make the sting far greater in the future, however. One possibility being discussed by European policy makers is that the maximum should be based on a company’s total annual turnover, with calls for a 2-percent cap. Based on Google’s 2012 total revenues of more than $50bn, that could have meant a potential fine of one billion dollars, had the search giant been penalized under the proposed limits.
Google maintains that it was an accidental goof, with global privacy counsel Peter Fleischer saying that the collection was not intended, that the data was unwanted, and that the Street View team did not look through it. However, privacy groups in Europe decided to re-open their investigations last year, after it was revealed that the engineer responsible for programming the systems knew what would be collected.
According to Hamburg data regulator Johannes Caspar, “internal control mechanisms must have severely failed” and made Google’s actions, in his view, one of the largest violations to-date. In fact, he argues that current limits on data protection failures should be considerably higher. “As long as violations of data protection laws are punishable by discount rates, the enforcement of data protection laws in a digital world with its high potential for abuse will be all but impossible” Caspar suggests.
New regulations could make the sting far greater in the future, however. One possibility being discussed by European policy makers is that the maximum should be based on a company’s total annual turnover, with calls for a 2-percent cap. Based on Google’s 2012 total revenues of more than $50bn, that could have meant a potential fine of one billion dollars, had the search giant been penalized under the proposed limits.
Report by :
Chris Davies
0 comments:
Post a Comment