More than 30 states are considering pooling resources to investigate whether Google Inc. illegally tapped private information from unsecured wireless networks while collecting photos and data for its popular Street View feature.
Connecticut Atty. Gen. Richard Blumenthal said Monday that he was leading the multi-state probe, which will also look at how personal information, including e-mails and passwords, were collected and why the data were retained.
"Street View cannot mean Complete View — invading home and business computer networks and vacuuming up personal information and communications," Blumenthal said in a statement. "Consumers have a right and a need to know what personal information — which could include e-mails, web browsing and passwords — Google may have collected, how and why."
Google's Street View has been under scrutiny since the Internet search giant acknowledged last month that it "inadvertently" collected data over unencrypted Wi-Fi networks in more than 30 countries for at least three years. The Mountain View, Calif., company said it has since disabled the function.
Several U.S. states have been individually looking into the case, which follows formal investigations in Germany and Australia.
In addition to determining whether Google broke any laws, the multi-state probe will also consider whether federal and state statutes need to be updated to prevent a similar occurrence.
Rob Enderle, a technology analyst, said the outcome of the investigation could have far-reaching implications for Internet privacy laws, especially in regard to protecting personal information that isn't secured.
"If you leave your car unlocked on a street where there are known burglars and they steal your stuff, their defense can't be you left your car unlocked," Enderle said. "They clearly knew what they were doing was wrong."
Google's Street View function, which launched in 2007, allowed Web users to see 360-degree snapshots of spots along many streets and roadways. It has since expanded to most major U.S. cities as well as dozens of cities in Europe, Africa, Asia and Australia.
Google gathers the vast collection of street photos by sending around fleets of cars equipped with panoramic cameras that capture the street layout by taking photos in every direction.
But what Google did not disclose to users was that its cars were also fitted with radio receivers meant to gather information about home and business Wi-Fi networks in the areas where the cars were traveling.
Because Wi-Fi networks tend to be static — like street names and ZIP Codes — they are useful for Google applications that need to triangulate the current location of mobile phones — as when Google Maps is helping a user determine driving directions.
However, along with the names of the Wi-Fi networks, Google was also collecting private information that was traveling across those networks — much of it from people who had failed to password-protect their personal networks.
In the three years that its fleet of cars has been roving the streets, Google says it has collected 600 gigabytes of unsecured data.
The company has apologized for collecting the private data, saying it failed to realize that its software was sniffing the data out of the air. Google maintains it has not used or analyzed the data for any of its products and has begun destroying the data in several countries where it was requested to do so.
"It was a mistake for us to include code in our software that collected payload data, but we believe we did nothing illegal. We're working with the relevant authorities to answer their questions and concerns," a Google representative said in a statement.
California's attorney general declined to say whether the state would be part of the multi-state investigation. Connecticut's Blumenthal also declined to comment on any discussions involving federal agencies.
"We expect additional states to commit in the coming days and weeks," Blumenthal said.
Times staff writer David Sarno contributed to this report.