There's a very good article at The Register (I know, a lot of people here consider it a tabloid but the author is Alexander Hanff of Privacy International) explaining why it is almost impossible for Google not to have planned the storage and processing of the unencrypted data. It's here
Their argument boils down to
- They have software-building experience and processes and therefore it's not possible the code that stores/parses the unencrypted data is rogue code.
- They actually stored the data, they were not just processing it for location purposes then discarding it (as confirmed by the french agency in charge of privacy that obtained a portion of the data (article here
). It's doubtful they exploited the passwords they found, though.
So they broke the law by retaining private data and they planned on doing it (their code development processes surely would have picked up the code doing the storing before production if this code was not wanted) thereby proving intent.
I don't think (as the author does) that they intended to use the code for location-based advertising, but nonetheless Google must respond of its actions before the justice of the offended countries.