By Sara Jerome - 06/21/10 08:14 PM EDT
Connecticut Attorney General Richard Blumenthal announced Monday he will head a multi-state investigation of a Google privacy breach, charging that the company’s response to authorities has been insufficient so far.
Google’s response “raises as many questions as it answers,” he said in a statement, calling on the company to “provide a complete and comprehensive explanation" for an act that "invaded home and business computer networks and vacuumed up personal information and communications.”
There is no word yet on which or how many states are involved, but Blumenthal indicated the number will be “significant.” Attorneys general from 30 states participated in a conference call on the topic this month.
Google has admitted it collected user information running over unlocked wireless networks and has apologized. It maintains the actions fell within legal bounds.
Blumenthal is not so sure. “Our investigation will consider whether laws may have been broken and whether changes to state and federal statutes may be necessary,” he said.
Google says the breach occurred while it was systematically collecting Wi-Fi network information and, due to a software error, wound up collecting data running over those networks, which could include private banking information, e-mails and passwords.
Blumenthal asked how “purportedly unauthorized code become part” of Google's system in the first place. He said he wants to know who put it there and whether there have been other instances where unauthorized code has captured consumer data. He also asked for information about which cities and towns have been affected in his state.
The data collection point was Google’s Street View vans, which take photographs for its mapping application.
“Street View cannot mean ‘complete view,’" Blumenthal said. “Google must come clean, explaining how and why it intercepted and saved private information broadcast over personal and business wireless networks.”
A Google spokesperson offered this comment in response to the new probe: "It was a mistake for us to include code in our software that collected payload data, but we don't believe we broke any U.S. laws. We're working with the relevant authorities to answer their questions and concerns."