SAN FRANCISCO — Google Inc. is tightening its privacy leash on employees in an effort to ensure they don’t intrude on people while the Internet search leader collects and stores information about its users.

Besides promoting longtime employee Alma Whitten to be its director of privacy, Google said Friday that it will require all 23,000 of its employees to undergo privacy training. The company also is introducing more checks aimed at ensuring workers are obeying the rules.

Additional Photos

A Google mapping car records street views in Berlin. The use of such vehicles to also log locations of Wi-Fi networks has sparked privacy concerns. 2008 Associated Press file

Google’s tougher privacy measures appear to be a response to recent breaches that have raised questions about the company’s internal controls and policies.

In the most glaring example that indicated the company didn’t have a good grasp on what its workers were doing, Google acknowledged in May that one of its engineers had created a program that vacuumed up potentially sensitive personal information, including e-mails and passwords, from unsecured wireless networks while Google cars cruised neighborhoods around the world. The vehicles were dispatched primarily to take photos for Google’s online mapping service, but they also carried equipment to log the location of Wi-Fi networks.

The incident, which some critics have derisively labeled as “Wi-Spy,” was caused by “an engineer’s careless error as well as a lack of controls to ensure that necessary procedures to protect privacy were followed,” Canada Privacy Commissioner Jennifer Stoddart concluded in a report this week.

Several other countries have skewered Google for scooping up 600 gigabytes of data – equivalent to about six floors of an academic library – from Wi-Fi systems for more than two years before detecting a problem five months ago in response to an inquiry from regulators in Germany.

Google initially said it had captured only fragments of people’s online activities, but Canada’s investigation determined that entire e-mails, passwords and website addresses had been obtained and stored. In confirming Canada’s findings Friday, Google said it wants to delete all the Wi-Fi data remaining on its computers as quickly as possible, but must hold on to most of the information while authorities in different countries conduct their own investigations.

So far, Google has purged the Wi-Fi data it got in Ireland, Austria, Denmark and Hong Kong after gaining clearance from regulators in those countries. It still has the data from more than 20 other countries, including the United States, where a coalition of state attorneys generals has been looking into the breach.

“We are mortified by what happened, but confident that these changes to our processes and structure will significantly improve our internal privacy and security practices for the benefit of all our users,” Alan Eustace, Google’s head of engineering, wrote in a Friday blog post.

Google’s privacy safeguards appeared to be suspect once again after the Gawker blog reported that an engineer in its Kirkland, Wash., office had been using the privileges of his job to spy on the online accounts of four minors. Prompted by that report, Google last month acknowledged that it had fired the engineer for violating its privacy policies.

Maintaining the public’s trust is critical to Google because the success of its search engine and part of its long-term business plans hinge in part on its ability to build databases about its users’ preferences. Among other things, Google believes the information helps it deliver better search results than its rivals and sell more of the ads that generate virtually all the company’s revenue.

Related Stories