Google Street View WiFi: Inadvertent Over-Collection of Data

Google’s Street View uses information gathered by specially outfitted cars to produce extremely detailed maps of city streets around the world. Along with street photography tied to GPS tracked data, the Google Street View cars were also recording WiFi signals. The growing database of the location of the world’s wireless networks aided mobile phones in determining their position faster than a GPS satellite fix alone could provide.

However, the Street View cars were not just mapping out the location of the WiFi networks but actually recording and storing snippets of network traffic. Any time the WiFi antennas on the Street View cars picked up unsecured WiFi traffic, individual 802.11x Ethernet frames were captured. These recorded frames included not just the headers that specified the name or SSID of the network (which was all the information Google needed to map the network), but also the full contents of that frame, meaning any and all data being transmitted. Depending on how the users accessed the Internet, this may have included things like passwords and full email messages.

Google became aware ...