[JURIST] Australian Privacy Commissioner Karen Curtis [official profile] on Friday concluded an investigation [press release] into Google’s collection and storage of private data [JURIST news archive] over unsecured wireless networks, determining that the company’s actions violated the Australia Privacy Act [government backgrounder]. Google [corporate website] confirmed in June that it had been inadvertently collecting and storing data obtained from streetscape pictures [press release] on unsecured wireless networks. In response to the investigation, Google has agreed to publish an apology on its official Australian blog [text], conduct a privacy impact assessment (PIA) on any new Street View data collection activities in Australia that include personal information and regularly consult with the privacy commissioner about personal data collection activities arising from significant product launches in Australia. Since the privacy commissioner initiated the investigation, sanctions cannot be issued against Google, but Curtis will continue to monitor Google’s activities and ensure compliance to the nation’s privacy laws. Google is also facing an ongoing investigation [JURIST report] by the Australian Federal Police (AFP) [official website] into possible breaches of the nation’s Telecommunications Interception Act [text], which prevents people from accessing electronic communications other than for authorized purposes. Google claims that the data collection was a mistake and was the result of the inclusion of an unintended piece of coding in the Street View software.
Several investigations have recently been launched into Google’s unencrypted data collections to determine whether the Internet giant’s practices have violated privacy laws. Last month, UK the Metropolitan Police [official website] initiated an investigation [JURIST report] in response to a complaint filed [JURIST reports] by Privacy International (PI) [advocacy website], which claims that the information gathered in an independent audit [text, PDF] published by Google earlier this month proves that company’s interception of unencrypted data was not inadvertent [JURIST report] and should lead to prosecution. Earlier that week Connecticut Attorney General Richard Blumenthal [official profile] announced that he will lead a multistate investigation [JURIST report] against Google and requested additional detailed information from the company on its data harvesting procedures. Additionally, Canada launched an investigation [JURIST report] in June to determine whether Google has violated the country’s Personal Information Protection and Electronic Documents Act [text, PDF], which applies to private organizations that collect, use or disclose personal information in the course of commercial activities. Belgium, the Czech Republic, France, Germany, Italy, Spain and Switzerland have also asked Google to retain data collected in those respective nations.
Opinions expressed in JURIST Commentary are the sole responsibility of the author and do not necessarily reflect the views of JURIST's editors, staff, donors or the University of Pittsburgh.