Privacy regulators in Germany have fined Google for illegally recording signals from Wifi networks while it was taking photographs for its Street View service.
Google's roving Street View vans picked up large amounts of personal data such as e-mails, passwords, photos and online chat protocols, said the commissioner for data protection and freedom of information in Hamburg city state, Johannes Caspar.
Caspar fined Google 145,000 euros ($189,700), close to the maximum of 150,000 euros allowed under his mandate but a drop in the ocean for the top search engine provider, which has a stock market value of around $260 billion.
"Cases like this make it clear that the sanctions provided for by the Federal Data Protection Act are totally inadequate for the punishment of such serious breaches of data protection," the commissioner said in a statement.
Google said it would not appeal the fine.
The history of the Nazi Gestapo and East Germany's Stasi secret police has left many Germans especially wary of invasions of privacy.
Google said it received more than 244,000 requests two years ago for it to delete their homes from Street View, which allows users to take virtual "walks" along streets using their computers.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Caspar said Google had confirmed that from 2008 until 2010 it not only took pictures of houses for Street View but also scanned wireless networks within range and stored the data.
Google has deleted the data it collected, the regulator said in its statement.
"This is one of the most serious cases of violation of data protection regulations that have come to light so far," Caspar said.
He said Google had told him it had never intended to store personal data.
"But the fact that this nevertheless happened over such a long period of time, and to the wide extent we have established, allows for only one conclusion: that the company's internal control mechanisms failed seriously," said Caspar.
Google's global privacy counsel, Peter Fleischer, said in a statement that the project leaders never wanted the collected data, that they did not use it or even look at it.
"We work hard to get privacy right at Google," he said. "But in this case we didn't, which is why we quickly tightened up our systems to address the issue."
Last year, Caspar investigated Facebook's policies on retaining and deleting data and the level of control users have over their information. The probe was closed this year after Facebook changed its policies.
ITPro is a global business technology website providing the latest news, analysis, and business insight for IT decision-makers. Whether it's cyber security, cloud computing, IT infrastructure, or business strategy, we aim to equip leaders with the data they need to make informed IT investments.
For regular updates delivered to your inbox and social feeds, be sure to sign up to our daily newsletter and follow on us LinkedIn and Twitter.