WASHINGTON (Reuters) - Connecticut’s attorney general will lead a multi-state probe of whether Google Inc broke the law when it siphoned personal data off wireless networks around the world, which the Internet search leader has said was inadvertent.
Attorney General Richard Blumenthal said on Monday more than 30 states participated in a recent conference call on the issue. He said consumers have a right to know what information was collected, and whether U.S. states need to alter procedures to guard against such leaks in future.
Google’s shares slid 2.29 percent to close at $488.56 on Monday.
In May, Google said its cars photographing streets around the world have for years accidentally collected personal data — which a security expert said at the time could have included email messages and passwords — sent by consumers over wireless networks.
“My office will lead a multi-state investigation — expected to involve a significant number of states — into Google’s deeply disturbing invasion of personal privacy,” Blumenthal said in a statement.
“Consumers have a right and a need to know what personal information — which could include emails, Web browsing and passwords — Google may have collected, how and why.”
Blumenthal said Google has cooperated but “its response so far raises as many questions as it answers.”
“Our investigation will consider whether laws may have been broken and whether changes to state and federal statutes may be necessary,” he said.
Illinois Attorney General Lisa Madigan said last week that she had opened an investigation into whether Google collected personal information about Illinois residents. Michigan Attorney General Mike Cox requested information from Google last week about the interceptions.
News of the Blumenthal-led probe marked the latest development in a privacy controversy surrounding Google. The company already faces an informal investigation over the matter by the U.S. Federal Trade Commission, a variety of probes overseas, and class action lawsuits.
Google has said the data were accidentally collected by “Street View” cars, well known for crisscrossing the globe and taking panoramic pictures of city streets, which the company displays in its online maps product.
“It was a mistake for us to include code in our software that collected payload data, but we believe we did nothing illegal. We’re working with the relevant authorities to answer their questions and concerns,” Google spokeswoman Christine Chen said in an email.
The company says it uses the location of Wi-Fi networks to enhance location-based services on smartphones.
It first revealed that Street View cars were collecting wireless data in April, but said that no personal data were involved. But after an audit requested by Germany, Google acknowledged in May that it had been mistakenly collecting samples of “payload data.”
Blumenthal also released a letter sent to Google in mid-June asking for more details of the data collection. He had written to Google previously and the giant Internet search and advertising company had responded.
In the second letter, Blumenthal asked the company when it realized that its Street View cars had collected “payload data,” who audited or analyzed the Street View data collection program, and whether information was ever extracted from the payload data.
He also asked what precautions Google takes to ensure that its engineers do not insert code into Google products, and which engineer or engineers inserted the payload data code into the Street View cars’ collection devices.
Reporting by Diane Bartz; Editing by Tim Dobbyn, Gerald E. McCormick and Bernard Orr