March 29, 2024

Google Agrees to Allow Owners of Wi-Fi Routers to Opt Out of Database

BERLIN — Google, under pressure from privacy regulators in the Netherlands, said Tuesday that it had agreed to give people around the world the option of keeping the names and locations of their home or business Wi-Fi routers out of a company database.

Google uses the data to help pinpoint the location of cellphones and other mobile devices within broadcast range of the routers. That information is useful for weather and mapping services, among other things, and can allow Google to show relevant advertising for nearby businesses.

Under the agreement, which was announced by Google and the Dutch Data Protection Authority, owners of Wi-Fi routers can add “_nomap” to the end of a router’s name to tell Google that they do not want its information included.

If many people opt out of the registry, Google’s ability to offer location-based services could be compromised. The company would then have to use cell tower locations and the Global Positioning System to determine a phone’s location, which could result in less accuracy and greater use of battery power.

But while Google’s collection of Wi-Fi location data has been controversial in Europe, analysts in the United States were skeptical that many owners of routers would bother to remove them from the database.

“I think the Wi-Fi network operator would be more than happy to have it plotted,” said Chenxi Wang, principal analyst covering security at Forrester Research. “It doesn’t hurt them in any way.”

Jacob Kohnstamm, the chairman of the Dutch Data Protection Authority, called the agreement a positive step for consumer privacy.

“We all hope that with enforcement actions like these, the bigger firms will use privacy by design from the start so we don’t need to go into enforcement mode,” Mr. Kohnstamm said.

Google, the global search engine leader, was found to have illegally collected information about 3.6 million routers in the Netherlands from March 2008 through May 2010 as it compiled its Street View mapping service. It has said that it was using the information to help log the position of cellphones running its Android operating system.

Google had faced a fine of 1 million euros, or $1.4 million, from the Dutch agency for its illegal data collection. Mr. Kohnstamm said officials at the agency would independently verify whether Google keeps its promise to remove the data once a router owner uses the new opt-out procedure.

“Assuming Google follows through on its agreement, the fine will not be levied,” he said.

In a statement, Google said the Wi-Fi location data could not be used to identify individuals.

“Even though the wireless access point signals we use in our location services don’t identify people, we think we can go further in protecting people’s privacy,” Google said.

Peter Fleischer, Google’s global privacy counsel, wrote in a blog post that Google hoped other companies that log router locations would also use Google’s “_nomap” suffix as an opt-out mechanism.

Natalie Kerris, a spokeswoman for Apple, which collects similar data through its phones and other devices, declined to comment.

Google began advertising the details of the opt-out procedure in several Dutch newspapers and on its Web site. Mr. Kohnstamm said Google agreed to offer the option after it was requested by officials in the Netherlands and France, and several other European countries he declined to name.

The Netherlands has been one of Europe’s most aggressive enforcers of data protection laws, using sanctions and legislative action to tightly restrict how companies that do business on the Internet can collect and manipulate personal data.

Google ran afoul of data protection officials from Europe to Hong Kong when it acknowledged that its Street View mapping vehicles had collected private data from Wi-Fi routers as the cars were compiling panoramic maps. This went beyond logging the name and location of the routers to include data traveling over the networks. Google attributed the unlawful data collection to a programming error and apologized publicly.

The company, based in Mountain View, Calif., settled most of the complaints by privacy regulators by deleting the data, although prosecutors in Hamburg, Germany, are still weighing whether to bring criminal charges against Google.

Johannes Caspar, the Hamburg data protection supervisor whose inquiry brought Google’s Wi-Fi collection practices to light, said his office was awaiting a decision by criminal prosecutors before deciding whether to levy penalties.

Claire Cain Miller contributed reporting from San Francisco.

Article source: http://feeds.nytimes.com/click.phdo?i=f589ad9c1d30dec080153051dca72b4a