U.S. Reps. John Barrow, GA-12, and Mike Rogers, MI-08, have sent a letter to the Federal Communications Commission (FCC) seeking a full investigation into Google's unauthorized collection of private consumer Wi-Fi communications through its Street View mapping program.
"After almost nine months since Google first admitted to collecting this data," the letter states, "we still don't have answers as to how this security breach was allowed to take place and how many Americans were affected, let alone a credible assurance that it won't happen again."
Google announced last May that the vehicles used to collect visual data for its Street View mapping program had gathered private communications from unsecured consumer Wi-Fi networks over a three year period.
Since then, investigations by officials overseas have revealed that these captured communications included hundreds of thousands of emails, email addresses, instant messages, URLs, usernames and passwords, names, residential telephone numbers and addresses, and in one case a list of the names of people suffering from certain medical conditions, along with their telephone numbers and addresses.
"As more and more personal information winds up on the Internet, we need to make sure that private data is as safe and secure as possible," said Congressman Barrow. "That means ensuring that the companies handling this information are responsible and accountable, and Google owes the folks who use their service an explanation of how this security breach was allowed to take place and what steps they are taking to ensure something like this never happens again."
"Google has played an enormous role in advancing the Internet as we know it today, but Americans have a right to know the relative facts of Google's Wi-Fi data collection activity known to U.S. consumers, regardless of whether the FCC finds a technical violation of the law," Congressman Rogers said. "Earlier letters and investigations have not resulted in any action, leaving American consumers with little information about Google's conduct."
February 14, 2011
Chairman Julius Genachowski
Federal Communications Commission
445 12th Street, SW
Washington, D.C. 20554
Dear Chairman Genachowski:
We write regarding the Federal Communication Commission's investigation into Google's collection of sensitive consumer data. Google has admitted on several occasions that it captured and stored email communications and passwords, while it was collecting 360-degree panoramic photographs for its Street View Service.
In May, Members of the Energy and Commerce Committee wrote to Federal Trade Commission (FTC) Chairman Liebowitz and also to Google's CEO Eric Schmidt, in an effort to obtain answers as to how this data breach occurred, who had access to the data, how many consumers might have been affected and among other things, what types of data were collected.
The FTC dropped its investigation in October 2010, without providing answers to these serious questions. We also understand that Google has refused to turn over the data it collected from consumers to State Attorneys General investigating the breach, prompting at least one State Attorney General to begin settlement discussions without having reviewed key information necessary to determine how many consumers may have been affected.
Consequently, nine months after Google first admitted to collecting this data, we still don't have answers as to how this privacy breach was allowed to take place and how many Americans were affected, let alone a credible assurance that it will not happen again. The lack of progress in this investigation is concerning, particularly in light of the progress made by authorities in other countries, such as South Korea, a country one-sixth the size of the U.S., where investigators have been able to review the data captures and identify hundreds of thousands of affected consumers.
A serious inquiry into this matter requires hearing from the engineer that Google claims is responsible for the data collecting activity. Google's Street View vehicles captured and stored over 600 gigabytes of data. It is difficult to understand how just one individual could have been responsible for a data collecting operation of this scale.
These and other questions warrant serious attention. We therefore urge the Commission to conduct a full investigation and to get the facts out to American consumers, whether it finds a technical violation of the law or not. We also invite the Commission to suggest whether legislation action is necessary to enable it to act appropriately in the future.
Thank you for your attention to this matter. We look forward to your response.