In a legal settlement with attorneys general in 38 states, the Internet giant also agreed to ramp up employee training about data privacy and back a nationwide campaign to teach people about securing wireless networks.
Word that vehicles snapping panoramic photos in neighborhoods for Street View images in Google’s online maps were grabbing data from unsecured hotspots triggered investigations in at least a dozen countries, according to the Electronic Privacy Information Center (EPIC).
At least nine countries have found Google violated local laws, said EPIC.
In the settlement announced on Tuesday, Google again promised that email, passwords, web histories and other data captured by Street View vehicles in the United States between 2008 and 2010 will be destroyed.
“This settlement addresses privacy issues and protects the rights of people whose information was collected without their permission,” New York Attorney General Eric Schneiderman said in a statement.
“Consumers have a right to protect their vital personal and financial information from improper and unwanted use by corporations like Google.”
Google has since stopped collecting the data and has agreed not to do so without consent, the statement said.
“We work hard to get privacy right at Google,” the California-based Internet giant said in an email response to an AFP inquiry.
“But in this case we didn’t, which is why we quickly tightened up our systems to address the issue. The project leaders never wanted this data, and didn’t use it or even look at it.”
Nonprofit group Consumer Watchdog dismissed the fine and conditions in the agreement as insignificant for the multi-billion-dollar company.
“The $7 million penalty is pocket change for Google,” said Consumer Watchdog privacy project director John Simpson.
“Asking Google to educate consumers about privacy is like asking the fox to teach the chickens how to ensure the security of their coop.”
A Federal Communications Commission investigation of Street View ended in May of last year.
The bureau concluded that it could not accuse Google of breaking US law but wanted the company penalized for not cooperating quickly enough.
Google agreed to pay a $25,000 penalty demanded by the FCC but maintained that fault for delay in the probe rested with the federal agency and not the Internet firm.
The FCC began the investigation in late 2010 after Google announced that Street View cars taking photographs of cities in more than 30 countries had inadvertently gathered data sent over unsecured Wi-Fi systems.
The Federal Trade Commission and US Justice Department had already opened and closed Street View investigations.
Information sucked up by passing Street View cars included passwords, emails, and other data that was being transmitted wirelessly over unprotected routers, according to the FCC.
Google has since stopped the collection of Wi-Fi data, used to provide location-based services such as driving directions in Google Maps and other products, by Street View cars.
Street View, which was launched in 2006, lets users view panoramic street scenes on Google Maps and take a virtual “walk” through cities such as New York, Paris or Hong Kong.