back to article German watchdog whacks Google with PIDDLING FINE over Street View slurp

Google has been fined just €145,000 for the unauthorised, "negligent" slurp of payload data its fleet of Street View cars captured from unencrypted Wi-Fi networks in Hamburg, Germany. Regulatory offence proceedings were undertaken by the Hamburg data watchdog in November last year leading to a penalty being imposed on the ad …


This topic is closed for new posts.
  1. Ragarath

    They would be silly to do so.

    [i]Google said it would not dispute the fine.[/i]

    We did wrong, we know it, you can't touch us with these piddly fines. So yes of course we will not dispute it!

    With fines like these do you really think the data slurp was an accident?

    1. LarsG


      Must be smiling....

      The stuffed brown envelope must have been quite thick.

    2. James Hughes 1

      Re: They would be silly to do so.

      Yes, I do think it was an accident. Irrespective of the of the level of the fine.

  2. Anonymous Coward
    Anonymous Coward

    Federal trick missed

    No doubt there are good reasons why not, but shame they couldn't have been fined on a per Lander basis

    1. James 51

      Re: Federal trick missed

      When prosecutors do this in the US we cry foul about overreach. It would be double standards to ask for that here. Though one fine for every trip would seem a reasonable compromise.

    2. Radbruch1929

      Re: Federal trick missed

      @AC: Google Germany GmbH is registered in Hamburg. Therefore, Hamburg's ICO seems to have had jurisdiction.

      @James 51: A fine per trip was probably impossible as Hamburg's ICO investigated the case under negligence law. A mens rea offence would have been prosecuted by the prosecutor (who investigated but decided there was no case) and would have resulted in criminal liability. German negligence law usually requires several acts (such as several trips) to be tried as one case if the negligence that is the root cause had occured only once but permeated the other acts.

      The press release (pdf) is here:

  3. EddieD


    Slice by slice the companies pare away our protections, safe in the knowledge that when they breach the law, the fines that are imposed are not, by the size of the revenues of the company profits, in any way punitive.

  4. Longrod_von_Hugendong

    Moral of the story...

    Lock down your WiFi. I have no sympathy for idiots - and in this day and age ignorance is no excuse. Just try something with the revenue and customs, and use that excuse, see how far it gets you.

    As for the fine - its pathetic, why even bother. Well i do really know, large fines would put off companies from being in the country, so we can put up with some stuff for the money they bring into the country.

    1. Cliff

      Re: Moral of the story...

      Is locking down wifi really the issue? It's not like the car was wardialing AP's to try to use your piddly domestic bandwidth because Google can't afford their own.

    2. James 51

      Re: Moral of the story...

      If your modem and wifi enabled router are provided by your provider and by contract are not allowed to replace them, that's not an option.

    3. Raz

      Re: Moral of the story... @Longrod_von_Hugendong

      Do you believe Google and others like it bring money to Germany? Think again...

    4. petur

      Re: Moral of the story...

      Here in Belgium you get fined for leaving your car unlocked; if your home gets broken into because there was an upstairs window open AND there was a ladder left within reach, you get a 'told you so'...

      Leaving your network unprotected really is a stupid thing to do.

      1. Anonymous Coward
        Anonymous Coward

        Re: Moral of the story...

        Do women get blame if they get raped then?

    5. blcollier

      Re: Moral of the story...

      Agreed 100%; I'd agree 200%, if that wasn't such bad mathematics... Even routers supplied by ISPs are usually supplied with encryption already applied these days. That might not stop someone trying to defeat that encryption (they won't have to do much work - can you spell "database of default passwords"?) but it certainly would have stopped Google's accidental drive-by slurping. And if you're using a public or unencrypted WiFi hotspot then you should be well aware of the security risks involved - even *Windows* warns you about unencrypted networks, ffs...

      The fine is somewhat toothless, but I have utterly no sympathy for anyone who had sensitive data collected.

      @James 51

      Your provider gives you a WiFi router that doesn't let you add encryption? Man, I'd hate to sign up with those guys... Even Virgin's SuperSh*teHub - the biggest pile of dog turd masquerading as a router I've ever seen - lets you add WPA2 encryption.


      You're comparing accidental data collection to rape? Really? That's the stupidest thing I've ever read, and I read YouTube comments.

      I urge you all to downvote this retard as hard as you can.

      1. James 51

        Re: Moral of the story...

        My rotuer does have encryption turned on by default but I can't alter the secuirty settings or update the firmware. If those standards are found to have a flaw or more powerful CPUs and new hash tables make brute force attacks less unweildly I am not as protected as I should be. There is also a story on another el reg story a while ago about someone who put every security measure they could think of on their wi-fi router and had the SSID of Try to hack me. In the morning when he work up the SSID had been changed to challenge accepted. I don't know if that's true or not but it's still an interesting story.

  5. Anonymous Coward
    Anonymous Coward

    German Watchdog Whacks Google

    In all these "privacy" discussions, why do UNREGULATED data aggregators (Choicepoint, Axciom) never get a mention? These companies house billions of records about individuals......and they have no responsibility at all to let anyone see if what they record is accurate. These are the companies who control the market for personal background checks.

    They are used by businesses, state and federal govenment.....and they never appear on the radar. Go figure.

    1. Dan Paul

      Re: German Watchdog Whacks Google

      I completely agree, upvote you and while we are at it; what about the credit rating agencies (Equifax, Experian, Transunion Etc) who have way more influence on our daily lives, have EVERY POSSIBLE piece of data available on you and are COMPLETLY UNREGULATED!

      1. Anonymous Coward
        Anonymous Coward

        Re: German Watchdog Whacks Google

        @Dan Paul

        doesn't the Fair and Accurate Credit Transactions Act of 2003 count?

        or Section 7 of the Data Protection Act 1998

        1. Anonymous Coward
          Anonymous Coward

          Re: German Watchdog Whacks Google

          So.....the Fair and Accurate Credit Transactions Act is about credit reporting IN THE USA. Choicepoint and Axciom are collecting and consolidating information from county property tax records, white pages and a million and one other sources....most of which have nothing to do with credit.

          The Data Protection Act 1998 IS UK LAW. Choicepoint and Axciom are US companies.

          ....what other laws might be more relevant?

  6. RISC OS

    145,000... looks like the googleplex will have to do without a snackbox for a week.

  7. RISC OS

    Google said it would not dispute the fine...

    ... beacause paying their lawyers to appeal would cost them more.

    1. Anonymous Coward
      Anonymous Coward

      Re: Google said it would not dispute the fine...

      .. because they were barely able to contain their laughter.

      And then people wonder why personal privacy has gone to hell. Personally, I would have looked at a route where I could levy that fine per instance.

      Having said that, those proposed changes in EU level fines explain why Google is lobbying like crazy in Brussels right now.

  8. Anonymous Coward
    Anonymous Coward

    our data

    We accept willingly in our society that people do harm to us and our brothers in the next street, village and town, yet any of these fines go into the coffers of the state to be pissed away on some fuel for a jet in Iraq or for a bacon sandwich at a government meeting.

    Data breach court cases should be like a class action suit in the US where every single person who's data was breached MUST be compensated individually and perhaps in person by the CEO of the company.

    The shear cost in administering this (and it should be fairly feasible) would be a deterrent.

    1. Gob Smacked

      Re: our data

      Ah, so that must be that $7 million Google had to cough up in the US ?

    2. Dan Paul

      Re: our data ( is not ours and hasn't been for a long time)

      First, there are almost no successful class action suits in the USA, AND if you used Google for any reason, you already gave away all your rights just by using their "services, products etc". In that case, Google could argue that there was no legal infraction as the individual uses Gmail or Android and had to allow them access to their personal data.

      This is true here in the USA and in the EU. So they "slurped" your data.... I rather have Google do that than someone wardriving my neighborhood.

    3. petur

      Re: our data (@jeremy 3)

      Class action eh? Please provide a bill to sum up your damages... Good luck.

      What happened is they logged too much data, found out about it themselves, reported this to the authorities themselves and offered to wipe all data immediately unless investigators wanted to have a look at it.

      Nothing happened to 'your data' - the mere seconds of data would have been unusable even if they would have done this on purpose - so I can't imagine anyone have suffered from what happened.

      Yes they should get fined for carelessness, which is exactly what's happening.

    4. tom dial Silver badge

      Re: our data

      Typically, the only real winners in U. S. class action lawsuits are the opposing attorneys. The individual members of the plaintiff class tend to be rewarded with coupons or amounts of money that barely buy a breakfast in a greasy spoon. How desirable is that, really? In the case of the class affected by Google's data snatch it is doubtful if any member was damaged in a measurable way, and they gave away the data anyhow. Some did so because they were too ignorant to prevent it. Others simply do not care. I have an acquaintance who offers an open "guest" SSID and also continues to run his main wifi without encryption.

  9. SteveK


    So, this was just Hamburg? By accepting the fine surely that's setting a dangerous precedent now for every other town and city in Europe to fine them a similar amount? It may be small, but scaled up to those numbers could still be quite costly.

  10. Serge 2

    That fine should have a few more zeros and be across whole Europe. Then on to credit rating cretins.

  11. Pascal Monett Silver badge

    So, if I understand correctly

    "one of the most serious cases of violation of data protection regulations" is only worth a piddling €150K fine ?

    No wonder multinational companies do what they like. It's not like they have much to be scared of. The only real goof is the court of public opinion, and Google has manipulated that like a charm (yes it did, it's only us geeks who are all up in arms about this - Joe Public has already forgotten even hearing about it).

This topic is closed for new posts.

Other stories you might like

Biting the hand that feeds IT © 1998–2022