Google has been criticised by the Privacy Commissioner for failing to destroy private information it collected from unsecured WiFi networks during its Street View filming in New Zealand, in what has been termed "a major breach of privacy".

In recent checks, Google found one disk that may still contain New Zealand and Australian information, along with disks relating to other countries, the commissioner said in a statement.

"These had been missed when Google responded to the original privacy investigations."

The commissioner's office has told Google to destroy the disk.


Google had earlier informed the commissioner that all the "payload" information - contents of communications crossing the WiFi networks - had been securely destroyed. The destruction was verified by an independent agency.

"It's very disappointing that this disk could be overlooked," said Assistant Commissioner Katrine Evans.

"Collecting the information in the first place was a major breach of privacy, and we made it plain as part of our original investigation that all the information should be destroyed.

"Fortunately, it appears very unlikely that the information on the disk has been accessed or used in any way. Google is willing to destroy the disk.

"We sincerely hope that this will be an end to what has been a long-running saga."

Google has already apologised over the privacy breach.

In 2010, it said the data gathering was inadvertent, and it was usual for cars filming for the controversial Street View service to collect other types of data from Wi-Fi networks in order to improve the service.

"As soon as we discovered our error, we grounded our Street View cars and began to work with the New Zealand Privacy Commissioner and others to discuss what happened,'' said Google's engineering and research senior vice president Alan Eustace.


"Our collection of payload data was a mistake for which we are sincerely sorry, and we'd like to apologise to all New Zealanders.

"We have removed all Wi-Fi reception equipment from our Street View cars so they will no longer collect any Wi-Fi data. While Wi-Fi network data like SSID information (the Wi-Fi network name) and MAC addresses (the unique number given to a device like a Wi-Fi router) are publicly broadcast and accessible to any Wi-Fi-enabled device (like laptops and mobile phones), some people felt we should have been more explicit about what we were collecting.''