Forgot your password?
typodupeerror
Google Government Privacy Your Rights Online

FTC Ends Probe of Google StreetView Privacy Breach 99

Posted by samzenpus
from the move-on-nothing-to-see-here dept.
GovTechGuy writes "The Federal Trade Commission (FTC) wrote to Google on Wednesday to end its probe into a major privacy breach in which the company collected and stored private user information, such as passwords and entire e-mails, without even realizing it after the search giant promised to improve its privacy practices."
This discussion has been archived. No new comments can be posted.

FTC Ends Probe of Google StreetView Privacy Breach

Comments Filter:
  • I'm sure that... (Score:5, Interesting)

    by Bill_the_Engineer (772575) on Wednesday October 27, 2010 @06:02PM (#34043332)
    I'm sure that Eric Schmidt being Barrack Obama's "informal" technology advisor had nothing to do with it.
    • by Microlith (54737) on Wednesday October 27, 2010 @06:13PM (#34043442)

      I know, it couldn't have anything to do that nothing transmitted in the clear over unregulated frequencies is considered secret in any way, and therefore Google arguably did nothing wrong whatsoever.

      It had to be political gaming by CEOs to protect them from Federal legal action for violating... what law again?

      • by bjourne (1034822)
        So anyone entering a password on a non-HTTPS encrypted page deserves to have their account details stolen?
        • by vegiVamp (518171)

          Deserves is a rather strong word; but if you additionally do so over a non-encrypted wireless link and then act surprised about it I *will* slap you, yes.

      • by mysidia (191772)

        what law again?

        Wiretap laws? The same ones you might violate running tcpdump on someone's network without permission, to capture e-mail contents?

      • by 91degrees (207121)
        Seems a bit of a stretch. By the same token I could place microphones absolutely everywhere and record everyone's conversations in parks, restaurants and other public places. Interception of electronic communication appears to be covered under the same laws as bugging private conversation under Title 18 of the US Code.
        • by GooberToo (74388)

          This is already commonly done by law enforcement as well as PIs. When you are in public space, you have absolutely not expectation of privacy - so says the law. The law is entirely on their side and completely supports exactly what you are advocating.

          laws as bugging private conversation

          Notice the key word there. Technically, you can not have a private conversation in a public space.

          Laws vary wildly from state to state. Just the same, generally, what I'm saying is accurate.

    • Re:I'm sure that... (Score:5, Informative)

      by wolrahnaes (632574) <sean@seanharloFREEBSDw.info minus bsd> on Wednesday October 27, 2010 @07:00PM (#34043908) Homepage Journal

      Or that there's no reason for a probe to ever have been started. They gathered data from open radio transmitters. There is absolutely ZERO privacy expectation for anything transmitted on open protocols in the clear, so I say tough shit to anyone whose "private" data was captured.

      If I strap a tape deck to my radio scanner and drive around recording whatever comes across am I violating the privacy of people who I pick up? Hell no. So why is it such a big deal for Google to do exactly the same with digital data rather than analog voice?

      It's already been stated that the reason the data was captured is that Google chose to do things "The Unix Way" and basically strap together a few common apps in their cars, including a packet capture tool. This makes sense since Wireshark (and assumedly all other software that relies on libpcap) can record signal strength with every packet received. Run that constantly and have something logging your GPS position regularly enough, then you can just feed the data in to a processing tool after the fact to go through and create a rough map of what WiFi BSSIDs are where (which is exactly what the data was gathered for, iPhones and Android phones among others can use the WiFi devices they see to get their location).

      There's no logical reason they should even have to change what they're doing, but since the majority of the world seems to not understand that they may as well be yelling their personal data in to a CB mic if they send it over unencrypted WiFi, they're changing their toolset anyways to please the public. As such, since there wasn't a problem in the first place and the activity people bitch about is stopping, there's no reason the FTC needs to do a damn thing. There are plenty of other real problems out there for them to deal with.

      • You make a good point, but you forget something: if that's what Google was collecting data for, there was no need to record the packets in the first place. All they needed was the GPS data, signal strength and BSSID involved. I'm not saying that they were planning to make improper use of the data, just that there was no need to record it in the first place if what you say is true.
        • by slimjim8094 (941042) <slashdot3NO@SPAMjustconnected.net> on Wednesday October 27, 2010 @10:41PM (#34045560)

          They were using Kismet, which by default captures all unencrypted packets it hears. They forgot to change the default - which, incidentally, is something the WiFi owners are guilty of as well.

          It would be different if they changed the configuration in order to capture packets, instead of simply forgot.

          • by 1800maxim (702377)
            First of all, why did they use Kismet? What connection does wireless network detection have with Google maps and Google street view?

            Second, if you think this was done in error, by mistake, I think you're pretty naive. It not only happened in the US, it also happened in Canada. The street view mapping process took several months.
            • by hoshino (790390)

              You are getting angry over something you did not even bother to understand. Google logs wireless access points with GPS data and signal strength in order to provide location-detection functions in Google Maps.

              How else do you think an iPod touch magically figures out its location without a GPS receiver?

              And Google is not even the first or only one to use Wi-Fi signals as a poor man's GPS. http://www.skyhookwireless.com/howitworks/ [skyhookwireless.com]

      • Re: (Score:1, Troll)

        by PietjeJantje (917584)
        Spammers gather email addresses from the open internet. According to your argument it is ok to spam millions of email addresses. Also, I could stand across the street and watch you leave the house and take notes. The government could also do this, watching thousands of civilians in a gigantic operation. According to your simple pro-google argumenation, this is ok. Why is it exactly you are defending an ad broker that needs more profit every year selling your private data to the highest bidder, and which wor
        • by Alrescha (50745)

          "Spammers gather email addresses from the open internet. According to your argument it is ok to spam millions of email addresses."

          Nope, Google didn't intend to collect this information, and didn't use it for anything.

          "Also, I could stand across the street and watch you leave the house and take notes."

          And it's perfectly legal for you to do so.

          A.

          • Re: (Score:1, Troll)

            by PietjeJantje (917584)
            You have problems understanding an argument. I recommend brain amputation, it can only get better.
        • by Goaway (82658)

          Spammers gather email addresses from the open internet. According to your argument it is ok to spam millions of email addresses.

          Well, that sure wins this week's prize for least well-constructed argument.

          • Re: (Score:1, Flamebait)

            by PietjeJantje (917584)
            Nope, you won it. Yours is infinitely less well-constructed.

            But carry on battling privacy for the sake of billionaires, without any argumentation at all. I suspect you are not a lobbyist, but just a mere complete and total idiot.
      • by 91degrees (207121)
        If I strap a tape deck to my radio scanner and drive around recording whatever comes across am I violating the privacy of people who I pick up?

        Yes.
  • All your Privacy is belong to Canada and the EU.

    Not in America, sadly.

    No rights for you!

    • Re: (Score:3, Funny)

      Here in Canada we saw one of the Google Cars parked outside a Tim Hortons for a really long time, turns out the winter months were so cold the fuel line froze up. We sent the Engineers back to the States telling them we'd drive it back once it warmed up, but we've actually set it up so we can recieve all the wireless traffic between Alaska and the rest of the states.

    • by FooAtWFU (699187) on Wednesday October 27, 2010 @06:25PM (#34043536) Homepage
      If suing Google after they collected the passwords you transmitted unencrypted over wireless networks is *really* your idea of "privacy" . . . you're going to be in a big surprise when someone less friendly than Google does the same thing.
      • Re: (Score:2, Insightful)

        by bonch (38532)

        This stupid argument gets brought up every single time by Google fans. Entering someone's home, even if the front door is unlocked, is still an act of trespassing.

        Why were they archiving that data in the first place? You really believe that it was just a big, dumb accident? This is Google we're talking about.

        • by wolrahnaes (632574) <sean@seanharloFREEBSDw.info minus bsd> on Wednesday October 27, 2010 @07:02PM (#34043940) Homepage Journal

          FUCK. It's not like entering someone's home, it's like turning to the same channel they're talking on on a CB. THEY ARE BROADCASTING IN THE CLEAR. THEY HAVE NO FUCKING PRIVACY!

          • FUCK. It's not like entering someone's home, it's like turning to the same channel they're talking on on a CB. THEY ARE BROADCASTING IN THE CLEAR. THEY HAVE NO FUCKING PRIVACY!

            Maybe not in America.

            But they do have the Right of Privacy as People in Canada. And in the EU.

            What is legal in one country may be an unconstitutional illegal act in another country.

            Try doing what you're talking about in Tianamin Square in China. You'll see that different countries have different rules - FAST.

            • Re: (Score:3, Interesting)

              by victorhooi (830021)

              heya,

              You're an idiot.

              Now, I know people in Canada like to trumpet about how WE'RE NOT THE US!!

              Lol, personally, here in Australia, I find it quite funny. And likewise, Europeans want nothing to do with those horrible Americans *eye rolls*. The fact that they're inward-looking and quite a bit xenophobic (disguised as nationalistic pride) has nothing to do with it.

              However, apply some logic here. The parent had it dead on. Whichever idiot used the "walk into somebody's home" argument is either technically incom

              • by qmaqdk (522323)

                ...And likewise, Europeans want nothing to do with those horrible Americans *eye rolls*. The fact that they're inward-looking and quite a bit xenophobic (disguised as nationalistic pride) has nothing to do with it.

                Now, should I just respond in kind by making up my own random "fact" about you personally or Australians in general? Or should I ask for a citation on the above?

                You choose, mate.

        • by mysidia (191772)

          This stupid argument gets brought up every single time by Google fans. Entering someone's home, even if the front door is unlocked, is still an act of trespassing.

          But taking pictures of you naked mowing your lawn in the front yard viewable from the street is not trespassing.

          If you don't want people going around with pictures, you really should cover up -- use encryption, and stop broadcasting uncoded materials with sensitive information, for the world to hear/see.

      • Re: (Score:3, Interesting)

        by WillAffleckUW (858324)

        See, in other countries - like say, Canada or the UK or the EU - corporations aren't People. And they have no rights.

  • Whoops! (Score:4, Insightful)

    by Mikkeles (698461) on Wednesday October 27, 2010 @06:11PM (#34043428)

    Gee, we got caught; better do it differently next time. (After all, there's no penalty).

    • Re: (Score:3, Informative)

      It's hard for there to be a penalty for something that isn't against the law.

      • Re: (Score:2, Troll)

        by bonch (38532)

        Actually, many local areas prohibit unauthorized access of computer networks. It's also unethical. However, I realize this is Slashdot where Google can do no wrong, even when their CEO comes right out and tells you not to give a shit about your privacy as an individual.

    • by DrYak (748999) on Wednesday October 27, 2010 @06:31PM (#34043598) Homepage

      Gee, we got caught; better do it differently next time.

      Well, the fact is, Google discovered the abnormal storage themselves. And reported it immediately.
      Storing that data was not their intention, only making a map of SSIDs.

      It's not like they where planning to keep this data and profit by re-selling it to marketeers (FaceBook, I'm looking at you !)

      I stay with my belief :
      - The clueless users who don't secure their network are the problem.
      - Even if Google did got punished, this won't suddenly make the clueless users less vulnerable to anyone with bad intentions.
      - And, if the next recording guy is a bad guy, it's very unlikely that he'll report himself. He'll just run away unnoticed with the data, and try to sell it.

      • by bonch (38532)

        It's not like they where planning to keep this data and profit by re-selling it to marketeers

        How do you know what Google was planning to do?

        - Even if Google did got punished, this won't suddenly make the clueless users less vulnerable to anyone with bad intentions.

        But it would discourage other more malicious parties from accessing networks for nefarious purposes, such as selling it to marketeers.

        Google we're talking about. They should receive some kind of punishment for "accidentally" collecting that data i

        • It's not like they where planning to keep this data and profit by re-selling it to marketeers

          How do you know what Google was planning to do?

          Well, you know, the fact that they didn't get caught trying to sell the data, but spontaneously announced it as soon as they noticed it. That might be a sign that selling wasn't their main target. I mean, normally I would expect a little bit more discretion from someone trying to sell shady data.

          - Even if Google did got punished, this won't suddenly make the clueless users less vulnerable to anyone with bad intentions.

          But it would discourage other more malicious parties from accessing networks for nefarious purposes, such as selling it to marketeers.

          Explain how ? The whole story caught up wind because Google openly admitted it as soon as they found the bug in their data-collecting setup. Had they kept the thing silent, nobody would have noticed. (Or at least no

      • by papasui (567265)
        You mean after being investigated in Germany for the same thing right?
    • by bonch (38532)

      No penalty because there's no outcry. People give Google a pass because Google gives them free email, a free search engine, and a free browser. It doesn't seem to occur to Google's fans that their search and advertising platforms are as closed source and proprietary as Windows, and that all the free services only exist to get people's personal data indexed.

      • Re:Whoops! (Score:5, Insightful)

        by Anonymous Psychopath (18031) on Wednesday October 27, 2010 @07:00PM (#34043918) Homepage

        No penalty because there's no outcry. People give Google a pass because Google gives them free email, a free search engine, and a free browser. It doesn't seem to occur to Google's fans that their search and advertising platforms are as closed source and proprietary as Windows, and that all the free services only exist to get people's personal data indexed.

        I'm pro-privacy, but this is silly. It's no secret that you pay for Google services by allowing them to target advertising at you. That's their business model and not only do they not make any attempt whatsoever to hide it, they point it out every time they have an earnings call.

        I fail to see why those shouting their secrets from a street corner have an expectation of privacy. We are responsible for our own privacy, not Google and not the government.

    • by ChilyWily (162187)

      That is precisely why my outrage is at the FTC Director. His response to this fiasco is completely outrageous. I'm generally opposed to cases where offenders 'settle' with the Government because it holds back regulation and stricter laws. In effect, corporations/people with deep pockets get away with a slap on their wrist. In this case, we did not even see that much resolve.

      Yet, who is going to hold Mr. FTC Director accountable? The behavior he displays is one of complete detachment from safeguarding the ev

  • to date (Score:3, Insightful)

    by nimbius (983462) on Wednesday October 27, 2010 @06:23PM (#34043522) Homepage
    i have yet to see any corporation with a major internet presence or market segment come close to following or guaranteeing their privacy policies with complete certitude. Companies from AT&T to Facebook to Chase never see a punishment for these leaks, or rather if Google does it would be an exception to the longstanding rule of american internet commerce.

    outrage does nothing. Users should take this revelation as an opportunity to improve their general knowledge of internet security.
    • Companies from AT&T to Facebook to Chase never see a punishment for these leaks

      That's because those companies are data aggregation partners of the federal government and other entities.

    • Re: (Score:3, Informative)

      by VGPowerlord (621254)

      i have yet to see any corporation with a major internet presence or market segment come close to following or guaranteeing their privacy policies with complete certitude.

      Google's Privacy Policy has nothing to do with this, unless you're implying that Google got everyone in major rural areas to somehow agree to said policy before Google drove out in their Streetview cars.

  • David Vladeck, director of the FTC consumer protection bureau, said the agency will end its inquiry because Google has promised to improve its privacy practices.

    Is this promise legally binding? What kind of 'improvement' can the average person expect? What if a person who wants to collect similar information just shows up in front of people's home and the offices of [insert big corporation name here] and tries the same thing. Is the Law the same? Me thinks FTC Director needs to be made accountable.

  • without even realizing it

    Google sniffing out all this stuff by accident? ! **sneeze** bullshit !

    Would it be an accident, it'd even be scarier. It'd mean that the search giant don't know what they're doing.

    • by Anonymous Psychopath (18031) on Wednesday October 27, 2010 @07:08PM (#34044016) Homepage

      without even realizing it

      Google sniffing out all this stuff by accident? ! **sneeze** bullshit !

      Would it be an accident, it'd even be scarier. It'd mean that the search giant don't know what they're doing.

      I don't think you've ever used a sniffer. Google drove around with a wireless sniffer that recorded traffic to a log file. The guys in the van would upload all their logs to a central location where they were parsed to build a database of access point SSIDs and MAC addresses for geolocation. The problem is a sniffer dump contains a lot of raw packet data, more than just the information they needed, because that's what a sniffer is supposed to do; capture all the traffic it finds.

      • My point exactly. You seem to know what you're talking about. So did Google. So it is reasonable to assume that they knew that

        A sniffer dump contains a lot of raw packet data.

        and that

        [it] captures all the traffic it finds

        • Re: (Score:1, Insightful)

          by Anonymous Coward

          My point exactly. You seem to know what you're talking about. So did Google. So it is reasonable to assume that they knew that

          A sniffer dump contains a lot of raw packet data.

          and that

          [it] captures all the traffic it finds

          It's a reasonable assumption, but that doesn't indicate any intention to purposefully capture the extra data. It's more likely an engineer didn't anticipate or fully consider the consequences. Maybe they thought the chances of someone using unencrypted passwords over unencrypted wifi while the Google car happened to be driving past and in range were so remote that it didn't bear further examination (clearly if this was the case, they were wrong).

          This isn't directed to you personally, but Slashdot is a stran

          • by ericlj (81729)

            That argument would be a lot more persuasive if they didn't have code that parsed out the "accidentally" captured information and stored it. They knew exactly what they were doing.

            See this: http://www.theregister.co.uk/2010/06/04/schmidt_wifi/

            Of course, you probably believe that rogue engineers were able to plant code into the Google black helicopter fleet.

  • StreetView snapped a pic of the FTC chairman standing outside of a strip club, smoking reefer and kicking a puppy.

    Probe ended.
  • I can't believe their Street View team managed to get that van onto a private beach! So awesome! Google will stop at nothing to collect data!
  • I want to get the pricing on purchasing the geographicly broken down list of WiFi routers in the US. Now that this information is available, I am sure it is for sale.

    So then we can see if Belkin, DLink or Netgear has a bigger presence in Tampa, FL.

    Why would anyone want this data? Well, it might come in handy if you have found a backdoor into DLink routers. Or, if you are associated with a retailer that is about to offer a big discount on Netgear routers only to find out that they aren't very popular in y

  • by mgiuca (1040724) on Thursday October 28, 2010 @01:08AM (#34046272)

    Well I for one am glad this is over and Google understands what it did is wrong and nobody will try something like this again.

    I'm glad this issue got some public attention, and everyone learned a valuable lesson (which should already have been obvious): reading other people's wi-fi is wrong.

    Now I can go back to setting my router to no encryption and be safe in the knowledge that nobody will read the passwords and bank details I will inevitably send in the clear.

For every bloke who makes his mark, there's half a dozen waiting to rub it out. -- Andy Capp

Working...