Google has been fined 145,000 euros (£125,000) by German data regulators for illegally recording information from unsecured wi-fi networks.
The country's data chief called it "one of the biggest known data protection violations in history".
But the regulator admitted the amount was "totally inadequate" as a deterrent to the company.
The search giant said it unintentionally collected data including emails, passwords and photos.
Google has said it never intended to store the personal data, which had been captured in 2008-10, while the company gathered material for its Street View service.
The information has since been deleted, the data protection agency said.
Under European regulations, the maximum fine for an accidental violation is 150,000 euros - but data protection supervisor Johannes Caspar called for that amount to be increased in future.
In a statement, the regulators said: "Among the information gathered in the drive-bys were significant amounts of personal data of varying quality. For example, emails, passwords, photos and chat protocols were collected."
Google's executive chairman Eric Schmidt told the BBC that the violation came from "the actions of a single individual that were not authorised by the executives".
"Google of course is not perfect. In that particular case we actually disclosed it immediately and there were in fact no privacy violations.
"But it shows how seriously we take privacy and how important privacy is to everybody."