‘Mortified,’ is the expression coming from Google in their public acknowledgement of the excess of WiFi information collected by its globe trotting Street View cars.
Last Friday, Alan Eustace, senior vice president of engineering, posted a blog apologising for the emails, URLs and passwords that had been picked up, and he also explained that the ‘fragmentary’ data would be deleted ‘as soon as possible.’
Google have always said the data collection was a ‘mistake,’ somehow one engineer sidestepped project leaders and added the code to the cars. In May, Eustace, again in a blog, contradicted previous stories and finally revealed the (unsecured) data collection.
There have been investigations around the world, seven completed, and more pending – some concluding that Google have violated local laws.
The latest blog post explains Google’s new internal policies following the scandal. Alma Whitten, previously “our engineering lead on privacy for the last two years” is now director of privacy for engineering and product management. “Her focus will be to ensure that we build effective privacy controls into our products and internal practices.”
Privacy training is to be increased, with a “focus on the responsible collection, use and handling of data.” A new information security awareness program for all employees, and, also, engineering project leaders will document details that, “record how user data is handled and will be reviewed regularly by managers, as well as by an independent internal audit team.”
The deletions were put on hold (if not already completed) after complaints from an independent UK-based watchdog. Google is currently working with the authorities (presumably worldwide) to find the best way forward. Surely, the sooner they clear the slate the better.