The British government's data-protection agency yesterday cleared Google of collecting "meaningful personal details" during the company's Street View wireless data breach earlier this year.
The Information Commissioner's Office (ICO) concluded Google's cars gathered only fragments and that this information could not be linked to identifiable individuals. In May, Google told Congress that, while its Street View cars collected publicly broadcast Wi-Fi network names and MAC addresses from Wi-Fi routers as the vehicles drove about taking photographs, they did not gather payload data and the information was collected by mistake.
"The information we saw does not include meaningful personal details that could be linked to an identifiable person," the ICO said in a statement. "There is also no evidence as yet that the data captured by Google has caused or could cause any individual detriment. Nevertheless, it was wrong to collect the information."
Google apologized after the breach was discovered.
"We welcome the news that the data protection authorities in the U.K. have found that the payload data contained no meaningful personal information," a Google spokesperson said in a statement. "As we said when we announced our mistake, we did not want and have never used any payload data in our products or services."
The British report likely will not affect investigations currently underway in Germany, the United States, France, and elsewhere.
"As we have only seen samples of the records collected in the U.K., we recognize that other data protection authorities conducting a detailed analysis of all the payload data collected in their jurisdictions may nevertheless find samples of information which can be linked to identifiable individuals," Britain's ICO said. "We will be alerting Privacy International and others who have complained to us of our position. The Information Commissioner is taking a responsible and proportionate approach to this case. However, we remain vigilant and will be reviewing any relevant findings and evidence from our international counterparts' investigations."
In June, Connecticut attorney general Richard Blumenthal kicked-off an investigation into Google on behalf of several states. More than 30 states participated in a conference call, although it was unclear how many were actually involved in the inquiry.
"My office will lead a multistate investigation -- expected to involve a significant number of states -- into Google's deeply disturbing invasion of personal privacy," Blumenthal said in a statement at the time. "Street View cannot mean Complete View -- invading home and business computer networks and vacuuming up personal information and communications."
Earlier that month, the French National Commission on Computing and Liberty (CNIL) released the findings of its Google Street View investigation which found that Google had captured e-mail account passwords as it grabbed data from unprotected Wi-Fi networks. However, Google said it had not captured any e-mail content.