Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Google Privacy Australia Wireless Networking Your Rights Online

Google Found Guilty of Australian Privacy Breach 105

Posted by timothy
from the so-so-really-very-sorry dept.
schliz writes "The Australian Privacy Commissioner has found Google guilty of breaching the country's Privacy Act when it collected unsecured WiFi payload data with its Street View vehicles. While the Commissioner could not penalize the company, Google agreed to publish an apology on its Australian blog, and work more closely with her during the next three years. Globally, Google is said to have collected some 600 GB of data transmitted over public WiFi networks. In May, the company put its high-definition Australian Street View plans on hold to audit its processes."
This discussion has been archived. No new comments can be posted.

Google Found Guilty of Australian Privacy Breach

Comments Filter:
  • Mind Block (Score:5, Insightful)

    by Saeed al-Sahaf (665390) on Friday July 09, 2010 @11:11PM (#32857894) Homepage
    I really don't understand the issue: If you willingly radiate an unsecured Wi-Fi signal (or any type of signal), how can you claim a breach of "privacy"? *NOTHING* was "private"!
    • Private? (Score:3, Interesting)

      I agree to a point. If you don't secure your connection and get sniffed, it is your fault.

      The fact that Google snooped it does not make their actions any better. If they had snooped and only picked up SSID and Mac addresses, then that is one thing.

      This may have served an important purpose, it woke people up about security on WIFI connections.

      • Re:Private? (Score:5, Insightful)

        by Charliemopps (1157495) on Friday July 09, 2010 @11:26PM (#32857942)
        It's the equivalent of google putting a tape recorder in a public park in order to record bird songs and then some people happen to walk by talking about how they like to take it up the butt. Governments see google as an easy target. Simple as that. You are NOT safe on the internet. Suck it up. Your politicians, as usual, are lying to you.
        • Re:Private? (Score:4, Insightful)

          by Tharsman (1364603) on Friday July 09, 2010 @11:58PM (#32858050)

          It's the equivalent of google putting a tape recorder in a public park in order to record bird songs and then some people happen to walk by talking about how they like to take it up the butt.

          No, it's the equivalent of them driving with a huge audio amplifying system and recording private conversations just because you didnt bother to sound-proof your house. Any audio professional knows it's extremely easy to sound-proof your house, you saying you don't do this in yours? Then don't whine if some one records what you say in your house, you can't claim it's private if you don't use the technical tools available to you to protect it.

          Also, please do ignore the fact they didn't just connect to unsecured networks: they capture all data from these networks they could and saved it. Didnt they tell everyone they were just taking photos?

          • Re: (Score:3, Informative)

            by Darkness404 (1287218)

            Then don't whine if some one records what you say in your house, you can't claim it's private if you don't use the technical tools available to you to protect it.

            Soundproofing a house doesn't take 2 minutes and no extra material. If you could soundproof your house by flipping a switch, yeah, you would have some problems with it.

            But it isn't even like soundproofing your house, having an unsecured wi-fi connection is akin to standing near an open window with a megaphone having a conversation, something like soundproofing your house is if you use weak encryption or common passwords, things that Google didn't bother to crack (and if I recall correctly, they didn't

          • Re:Private? (Score:4, Insightful)

            by icebike (68054) on Saturday July 10, 2010 @04:14AM (#32858856)

            Also, please do ignore the fact they didn't just connect to unsecured networks: they capture all data from these networks they could and saved it. Didnt they tell everyone they were just taking photos?

            They did not connect to the networks.

            They did not capture all the data from these networks that they could.

            They drove by, captured a few microseconds of beacon data and random unencrypted packets. All they really wanted was the beacon data, to locate the wifi hotspot, but someone got sloppy in the packet filtration.

            There was no Connection to these networks. There was no expectation of privacy. Don't try to make more of it than it was.

            • Were you given the same evidence to consider as the Australian Government?

              Or are you just making blind assumptions about what you think happened vs what really happened according to the evidence provided by Google to the Australian Government?

              In other comments on this activity, it appears that you are wrong and that Google *did* actually connect to private (even if insecure) networks and *did* collect more than beacon data.

              If you have evidence that can show that Google did not collect personal data, b

              • Re: (Score:3, Insightful)

                by icebike (68054)

                Google has publicly stated that they did not connect. Its in their blog post months ago. Its the same thing they told governments around the world.

                Are you now claiming access to some other admission? If so lets see it. If not, just admit you made it up and we can be friends.

                They drove by at about 25 MPH. You really can't connect to a router that fast when the average router has a range of about a hundred feet thru walls.

            • by ZDRuX (1010435)
              I don't know why you're trying to mislead into believing Google did or did not steal any private information, but perhaps you simply have some insider information that The New York Times simply doesn't have and they got it all wrong?

              From Germany Asks Google to Surrender Private Data

              The German demand underscored the seriousness of the quandary Google now faced after its admission last Friday that it had stored the snippets of [b]Web sites and personal e-mail messages from people around the [i]world[/i
          • by sumdumass (711423)

            That would be a somewhat fit analogy if it wasn't for almost every operating system and wifi device warning you when you setup or connect to an open connection that all your communications can be listened to and it wasn't a secure setup.

            You see, if someone or something warned me that my conversations with you could be listened to by anyone with a big microphone, or perhaps a web browser with the capabilities of viewing this post/response, then I would in no way expect that communications to be private. and

        • Re: (Score:2, Informative)

          by matunos (1587263)

          Except in this case, it was apparently in violation of the law.

          • by icebike (68054)

            This is not at all clear.

            The opinion of a political appointee to public commission, does not a criminal make.

            She stated: "Australians should reasonably expect that private communications remain private".

            Totally neglecting the fact that the communications were NOT private because they were using unsecured wifi.

      • by Ihmhi (1206036)

        To me, this whole situational is analogous to claiming a breach of privacy over them collecting pictures which visibly show the numbers of houses.

        They collected the data, but they didn't put it out in the world, did they?

    • Re:Mind Block (Score:4, Insightful)

      by Animaether (411575) on Friday July 09, 2010 @11:37PM (#32857984) Journal

      In your black-and-white world, I'm sure that things work that way.

      In your world, you shouldn't complain about people taking pictures through your windows. You willingly radiate electromagnetic radiation - in the form of photons - so anything that can be seen through your windows is not private at all. Should have closed your curtains.

      In your world, you shouldn't complain about people using parabolic microphones to listen to your conversations with another person in your household. You willingly make the surfaces vibrate, so anything that an outsider manages to pick up is not private at all. Should have use 2-foot thick reinforced concrete and lined the inside with sound absorbing padding.

      In your world, you shouldn't complain if somebody goes through your trash and digs up everything from bills to medicine prescriptions. You willingly discarded it so callously, so it is not private at all. You should have incinerated it.

      In your world, you shouldn't complain if private security companies band together and employ facial recognition among other to track your movements wherever their services have coverage, selling this data to yet other companies. After all, you willingly set foot outside. You should have gotten a teleworking job and gotten your groceries home-delivered.

      Fortunately, in the real world, things aren't so black and white. Things are many shades of gray and probably all the colors of the rainbow, too. In the real world, we do define some rules, laws, that curtail these sorts of activities one way or another - generally in the interest of people's privacy.. even where in your world there would be none.
      It is in that real world that Australia has seen fit to set privacy laws (Privacy Act) under which Google's activities are a no-no.

      Whether or not those people should have known better, and should have secured their WiFi, or whether the people whose data has been collected even care that it occurred.. is a moot issue for the conclusion reached by the Australian privacy commissioner.

      • Re: (Score:2, Interesting)

        by vlueboy (1799360)

        Bravo.
        The single problem with google's invasion is that they go beyond *my product spec* and extend the 50meter range of your wireless to worldwide distances, even if it's just a few useful bits. All without permission. People get sued for ignoring re-broadcasting "laws" here in the states.

      • Re: (Score:3, Informative)

        by DarthBart (640519)

        In your black-and-white world, I'm sure that things work that way.

        In some cases, they do.

        In your world, you shouldn't complain if somebody goes through your trash and digs up everything from bills to medicine prescriptions. You willingly discarded it so callously, so it is not private at all. You should have incinerated it.

        Once it hits the curb for trash collection, it's fair game. Tons of legal precedents have been set for this. If I want to dispose of my accounting ledgers for my meth operation, I damn

        • Re:Mind Block (Score:5, Insightful)

          by Zironic (1112127) on Saturday July 10, 2010 @02:03AM (#32858540)

          It's about reasonable expectation of privacy, not what's technically possible. Did you know that in many parts of the world people leave their door unlocked yet still expect people to not walk in uninvited? While many Americans seem to have a very free for all wild west attitude to these sort of issues many other parts of the civilized world expect others to behave civilly.

          • It's about reasonable expectation of privacy

            Yes exactly, but many people, including you, seem to intrepret this incorrectly by substituting "ignorant of basic facts" for "reasonable". That is not what it is about. The "reasonable" is a test of the judgement of an ordinary person after they are informed of the facts, not a test of what facts an ordinary person knows.

            So would an ordinary person, after having learned all about how Wifi works - how an open Wifi access point allows anybody to see traffic and broadcasts it up to a hundred feet outside

            • by Zironic (1112127)

              The difficulty of the act is immaterial. It's easy to walk through an unlocked door, yet we still expect you not to do that. It's easy to photograph someone on their lawn while they're having sex, yet we expect you not to do that either. It's just common decency(which in some countries are enshrined in law).

          • I cannot understand the technogeek arrogance (and cultural ignorance) of "well you were using technology you don't understand so suck it and reap the consequences of your techno noobity."

            I'm in IT and I find that attitude worse than banal, and insulting to my profession which, in the end, is about *people* not computers. Otherwise what kind of society are we inventing all this crap for?

            By the same logic, people "intentionally" install viruses, so by definition viruses are ok and users have no cause for comp

      • Re: (Score:3, Insightful)

        by Darkness404 (1287218)
        All your examples though require extra materials and a lot of time. I don't know of a single wi-fi router, even the ancient ones that don't support at least -some- form of encryption. Yes, it might be terribly weak and can be compromised by a cracker in a matter of seconds, but then the Google "problem" would be moot.

        If I'm outside with a megaphone screaming a conversation from a driveway, can you really say that the conversation was private? Yet that is essentially what having an unencrypted wi-fi syst
    • Re: (Score:3, Insightful)

      by wisnoskij (1206448)

      Well it all depends on what senses you are using.
      for example Google could get some x-ray/heat vision gizmo that allowed then to track peoples actions in their homes or a sound amplifier to listen into someones home.
      While wireless receivers are a lot easier to buy, that does not mean they are fundamentally different.
      Not that I did not share your opinion as a gut instinct.

    • Re: (Score:2, Insightful)

      by dhavleak (912889)

      I really don't understand the issue: If you willingly radiate an unsecured Wi-Fi signal (or any type of signal), how can you claim a breach of "privacy"? *NOTHING* was "private"!

      I can't believe the number of times this inane justification is being used!

      If you use your computer on a wired LAN, anyone in the same collision domain can intercept everything you're sending and use a packet analyzer to reconstruct your traffic. Is it a privacy violation for them to do so -- yes! They need your express approval to do so.

      Even if you use your laptop on public encrypted WiFi, anyone connected to the same WiFi hotspot can intercept everything you're sending and use a packet analyzer to rec

      • by stoanhart (876182)
        Don't quote me on this, but I'm pretty sure a router uses a different encryption key for each client. I don't think fellow users of an encrypted hotspot can read your data.
      • by GooberToo (74388)

        If you use your computer on a wired LAN, anyone in the same collision domain can intercept everything you're sending and use a packet analyzer to reconstruct your traffic. Is it a privacy violation for them to do so -- yes! They need your express approval to do so.

        That, in part, is why everyone moved from hubs to switches ages ago. That's also why everyone has nice full duplex ethernet connections these days - switches.

        Regardless, none of this has anything to do with anything - including your semi-invalid WIFI example. Next you'll be yelling that everyone is violating TV and radio station's right to privacy when they turn on their radio or TV.

        So long as you are transmitting an RF signal in the clear (unencrypted) for all to receive, a reasonable right to privacy shou

    • If I connect my laptop to your Wifi network because you do not have a password, is that connection authorised without you saying I can do it?

      If I connect my laptop to your Wifi network because I know your network password (lets say I guess it), is that connection authorised without you saying I can do it?

      If I create a "guest" login on a web server that has no password and someone logs into it without my authorisiation, is that against the law or not?

      If that "guest" login also has "guest" as a password

    • by Meski (774546) *
      Sigh. Any other Aussies here prefer that they *didn't* put high def street view on hold?
  • Really gotta love stupid Australian laws and our legal system.

    Sir you have been found guilty of breaching the privacy of our citizens by listening to what they freely broadcast anyway. You are hereby ordered to pay the sum of a 250 word letter saying sorry. Atta boy there. [ruffles hair]
    • by Anonymous Coward

      To be fair, that sounds like pretty much what should be done in this case. Apologize and work better in the future so this sort of thing doesn't happen.

      • by gman003 (1693318)

        Isn't that what they did before the lawsuits? Hell, I doubt anyone would have known if they just wiped the files and forgot about it.

    • It would have looked so much better for them if they had issued an apology beforehand. A forced apology is not a sincere apology.
    • Re: (Score:2, Interesting)

      by ILuvRamen (1026668)
      okay, so walk around an entire city while detecting and recording all sound, digital transmissions in all forms, and all analog signals too. Yeah it's "public" because it's floating through the air but you're still just walking around, spying on random people and that's frowned upon legally in most countries. So any fraction of that like just recording open wifi data is also illegal. That's the logic behind it at least, it's still stupid.
      • by thegarbz (1787294)
        Ahh but walking around recording at random and spying are two different things. I would agree with you if Google parked their car across the road and sat there for a few hours, heck even a few minutes and recorded your stupidly open wifi traffic.

        But that's not the case. They were snooping as they were driving past, they may have recorded 600GB, but that's 600GB total from their entire world wide street view effort.

        Walking down the street and recording a single sentence of someone's loud conversatio
      • by HJED (1304957)
        It is more like walking around and writing down slogans on peoples t-shirts and accidentally overhearing a bit of peoples conversation whilst you are doing it. I wouldn't call that spying
    • There's still a possibility that Google could be found guilty of infringing telecommunication laws and there are penalties for that.
      • by icebike (68054)

        Google hasn't been "found guilty" of anything.

        A political appointee to a nothing commission made a pronouncement. Posturing. Grandstanding.

        She would never be so stupid as to bring formal charges in a court of law, because she would go down in smoking ruin.

        Australia finds it perfectly ok for their government to filter their entire network, but let some passing car pick up a packet on an unsecured wifi and they have conniptions. Daft.

        • Indeed - the fact that she is not taking it to court says that she knows they don't have a case but also that Google knows that the damage from just being contrite about this is far less then trying to defend themselves here. They really don't want this data at all, there is no business win for them in establishing that it is ok to collect it, in fact, the reverse is true. If they did successfully defend this it would just bring on a new bout of privacy legislation that might actually cripple them.

          So it

    • Australia should give Google a boot. Once through the gate.
  • granted it was questionable to log those packets, it was right they didn't get fined for what anyone with a laptop could do outside the local starbucks or cafe
  • Here's the question:

    Who else might be doing what Google has been found to be guilty of doing? You see, it does not require a lot of sophisticated equipment to pull it off.

    • With so many data collection points working for Google, that's roughly what, three days' worth of data collected? It might take lesser companies a couple weeks to collect that much.
    • by Techman83 (949264)
      Indeed, the only reason your wireless adapter in your device doesn't receive the data is because it _voluntarily_ checks whether it is destined for it or not.
      • by icebike (68054)

        Indeed, the only reason your wireless adapter in your device doesn't receive the data is because it _voluntarily_ checks whether it is destined for it or not.

        But it DOES receive the data. There is simply a gentleman's agreement to not read another's mail. So it discards it.

        Unless Little Joey fires up Airsnort.

    • by icebike (68054)

      Here's the question:

      Who else might be doing what Google has been found to be guilty of doing? You see, it does not require a lot of sophisticated equipment to pull it off.

      Who?

      Why the Australian Government, that's who.

  • by Techman83 (949264) on Saturday July 10, 2010 @12:13AM (#32858132)
    It's not ok for google to inadvertadly [blogspot.com] capture minute packets of useless information, but it's ok for the government to direct ISPs to intercept data illegally [zdnet.com.au].

    The Australian Labor party have time and time again broken their promises [abc.net.au], Barging ahead with Policies [libertus.net] that their citizens do no want [ninemsn.com.au] and completely fucking up things they tried to achieve [dennisjensen.com.au]

    The only reason Google are in hot water is because they stood up [guardian.co.uk] to Senator Conroy and he got upset [canberratimes.com.au] about it.

    I for one will be making my vote count this year and I urge all fellow Australian slashdotters to do the same.
    • Well of course, after all Google is an evil corporation and your government is there to help you! Because Google is a corporation they must be evil right? And because a government is "democratically" elected it is utopian!
    • Re: (Score:3, Insightful)

      by houghi (78078)

      It's not ok for google to inadvertadly capture minute packets of useless information, but it's ok for the government to direct ISPs to intercept data illegally.

      Why is it that people keep thinking that this is something between Google and some Government? This about your privacy. That means BOTH can be wrong.

      • by Techman83 (949264)

        Why is it that people keep thinking that this is something between Google and some Government? This about your privacy. That means BOTH can be wrong.

        Because this is something between the government and Google, although that's not the point I was making. The government were actively directing the ISPs in the trial to intercept peoples data. Google inadvertently captured a few packets of data that was actively being _broadcast_ in an unencrypted format. The only reason that my laptop isn't currently capturing my neighbors unencrypted wireless packets is that by default wireless cards are set to ignore everything that isn't addressed to them.

        The point

  • This is absolutely astounding. OK, when I heard we were "investigating" Google I thought "well to me as an IT person, that seems pointless, but I guess it's a moral and legal issue and something should be done to set an example". Had I known that we had absolutely no power whatsoever to penalize them in ANY WAY, I would not have been happy about pissing taxpayer's funds down the drain for the sake of an _apology_ ... on a _blog_ ! I don't know how much we spent on this "investigation", but clearly, every
  • As I've said many times in the past, Google has done absolutely nothing wrong. People are 100% free to collect any and ALL insecure, unencrypted wireless data that I send out any time. That's just the way it is. All of this makes me SO mad...governments going after Google for nothing! It's absurd. They want to do this just so that people can continue living in ignorance of how exposed they are? It's pathetic...and as others have pointed out, a huge waste of taxpayer money. Google has nothing to apolo

    • Yes they did. What they did wrong was not delete the data before they announced they intercepted it.

      • by icebike (68054)

        What they did wrong was not delete the data before they announced they intercepted it.

        Exactly so.

        They are incurring the wrath because the did the RIGHT THING, by admitting their mistake.

        No one else will ever do that again. They will just purge it.
        Fess up if anybody asks, and say they destroyed it as soon as they realized their error. Case closed.

        No good deed goes unpunished.

  • > The Australian Privacy Commissioner has found Google guilty of breaching the country's Privacy Act when it collected unsecured WiFi payload data with its Street View vehicles.

    The Australian Privacy Act is weak and ineffectual. I looked into it and discovered if you make a complaint against an organisation, the worst the commissioner can do is make a non-binding determination which has no legal or financial penalties against the violator. And they can keep doing what they're doing. You have no recourse.

  • Um, anyone remember the last time [wikipedia.org] Australia asked for an Apology?

  • I thought it was "Privacy Beach" and street view cars collected photos of hot topless women.
    Damn.

  • I'm curious to see what parts of the Privacy Act they actually broke. As much as the technology part of it makes sense (if it's unencrypted it's your fault), can we really argue properly either way without knowing exactly how Google was determined to be in error?

Our policy is, when in doubt, do the right thing. -- Roy L. Ash, ex-president, Litton Industries

Working...