Raleigh, N.C. — Google won't collect unauthorized data from unsecured wireless networks while taking photographs for its Street View service and will destroy data already collected, according to an agreement with 39 states, North Carolina Attorney General Roy Cooper said Tuesday.
Google Street View is an online service that provides street-level photos of locations around the world. The images are photographed by cars that travel on public streets.
Between 2008 and March 2010, cars taking Street View photographs were equipped with antennae and software that Google acknowledged collected network identification information for use in future geo-location services. Google also collected and stored data frames and other “payload data” being transmitted over those unsecured business and personal wireless networks without authorization.
“In an age where more information than ever before is available at our fingertips, companies have got to take protecting personal privacy more seriously,” Cooper said in a statement. “Just because it’s technologically possible to gather certain data doesn’t make it right.”
Under terms of the agreement, the unauthorized data collected will be destroyed. Google also agreed that the payload data hasn't been and won't be used in any product or service or disclosed to a third party.
Google will also pay $7 million to the states, including $151,024.02 to North Carolina.
While Google represented it was unaware the payload data was being collected, the agreement it signed with the states Tuesday acknowledges the information may have included URLs of requested web pages, partial or complete email communications and any confidential or private information being transmitted to or from the network user while the Street View cars were driving by.
Google has since disabled or removed the equipment and software used to collect the payload data from its Street View vehicles and agreed not to collect any additional information without notice and consent.
Other key elements of the agreement require Google to run an employee training program about privacy and confidentiality of user data for at least 10 years. It must also conduct a public service advertising campaign to help educate consumers about steps they can take to better secure their personal information while using wireless networks.