“On the information available I am satisfied that any collection of personal information would have breached the Australian Privacy Act.”
However, under the current Privacy Act, the Privacy Commissioner is unable to impose a sanction on an organisation where she has initiated the investigation.
Instead, the commissioner will accept an apology posted on the official Australian Google blog.
That doesn’t mean Google gets off scot free. The Australian Federal Police are still investigating the alleged privacy breaches and while Australian Privacy laws differ from those in many other international jurisidctions, there is now a precedent of an official government investigation confirming Google was in the wrong that the judiciary in those other jurisidictions can look to.
In making the findings from investigation public, Curtis said:
“Collecting personal information in these circumstances is a very serious matter. Australians should reasonably expect that private communications remain private.
“In response to our investigation, Google has provided me with written undertakings that it will:
- Publish an apology to Australians in Google’s official Australian blog (www.google-au.blogspot.com) for its collection of unsecured WiFi ‘payload’ data.
- Undertake to conduct a Privacy Impact Assessment (PIA) on any new Street View data collection activities in Australia that include personal information.
- Provide a copy of these PIAs to my Office.
- Regularly consult with the Australian Privacy Commissioner about personal data collection activities arising from significant product launches in Australia.
In his apology, Alan Eustace, Senior VP, Engineering & Research said:
“We want to reiterate to Australians that this was a mistake for which we are sincerely sorry. Maintaining people’s trust is crucial to everything we do and we have to earn that trust every single day. We are acutely aware that we failed badly here.”