[JURIST] The French National Commission of Information Technology and Liberty (CNIL) [official website, in French] fined Google [corporate website] 100,000 euros (USD $141,300) on Monday for violating French data privacy laws [press release, in French] by capturing personal data through Google Street View cars, used for its Google Maps service. CNIL stated that Google was not responding to requests in a timely manner and has not stopped using the seized data. Google admitted [blog post] to the collection of e-mails, passwords and other data over unsecured WiFi networks, but maintained that it was a mistake and that it did not intend to include the code which captured payload data from unsecured WiFi networks. In response to the controversy, Google grounded its Street View cars. The company claims that it is currently seeking assistance in deleting the data, but CNIL found that the data collection was continuing through Google’s geolocation service Latitude.
In November, the UK Information Commissioner’s Office [official website] found that Google had committed a “significant breach” [JURIST report] of the Data Protection Act [text] and required that Google delete the payload data it collected in the UK and implement employee training on privacy principles, security awareness and the Data Protection Act. Other countries, including Canada, Australia and Spain [JURIST reports], have launched similar investigations into the privacy breach. The US Federal Trade Commission (FTC) [official website] ended its inquiry [JURIST report] into Google’s data collection through Street View cars after Google assured the FTC that it did not use any of the collected data and announced that it was committed to compliance with privacy laws [text], instituting new training on privacy principles and appointing a new director of privacy.