Australian Privacy Commissioner, Karen Curtis, found that Google has breached the country’s privacy act when it collected unsecured Wi-Fi data using its Street View vehicles.”Collecting personal information in these circumstances is a very serious matter. Australians should reasonably expect that private communications remain private,” said Curtis.
“In response to our investigation, Google has provided me with written undertakings that it will: Publish an apology to Australians in Google’s official Australian blog (www.google-au.blogspot.com) for its collection of unsecured WiFi ‘payload’ data; Undertake to conduct a Privacy Impact Assessment (PIA) on any new Street View data collection activities in Australia that include personal information; Provide a copy of these PIAs to my Office; and regularly consult with the Australian Privacy Commissioner about personal data collection activities arising from significant product launches in Australia.”
“These steps will ensure Google’s future products have privacy protections built in rather than bolted on. Google’s undertakings will last for three years. These undertakings will be reviewed following any reforms to the Privacy Act,” added Curtis.
“Under the current Privacy Act, I am unable to impose a sanction on an organisation when I have initiated the investigation. My role is to work with the organisation to ensure ongoing compliance and best privacy practice.”
“Other privacy authorities and law enforcement agencies may still be investigating the collection of WiFi ‘payload’ data by Google. In view of those ongoing investigations I do not propose to comment in more detail,” continued Curtis.
“I would like to thank my international counterparts in New Zealand, Canada and Hong Kong, who worked with my Office in examining this matter. I also acknowledge the cooperation offered by Google throughout my investigation,” concluded Curtis.