Meanwhile, again on Friday, Facebook admitted uncovering a bug that ‘accidentally’ made private contact information of about 6 million users accessible to other Facebook users. However, Facebook’s own team did not spot the bug, but it was spotted by a person going through Facebook’s “white hat” hacker program.
In the Google case of accidentally collecting data of neighborhoods in U.K., Stephen Eckersley, Head of Enforcement of the ICO said, “Today’s enforcement notice strengthens the action already taken by our office, placing a legal requirement on Google to delete the remaining payload data identified last year within the next 35 days and immediately inform the ICO if any further disks are found … Failure to abide by the notice will be considered as contempt of court, which is a criminal offense.”
Between 2008 and 2010, Google’s Street View vehicles went beyond collecting 360-degree mapping images and also collected data from unencrypted wireless networks within range of the cars including emails, passwords and other electronic communication.
The case had been closed following in agreement between the ICO and Google in 2010, but reopened after the U.S. Federal Communications Commission released an April 2012 report showing that several employees and at least one senior manager were in the know of the “accidental” data gathering.
However, the ICO made it clear that “there was insufficient evidence to show that Google intended, on a corporate level, to collect personal data.”
Since the data continued to remain on disks, the ICO asked Google to delete it or face consequences.
In the Facebook bug case, Facebook informed that the bug had been fixed within a day and there is no proof of anyone exploiting the bug with malicious intention.