Forgot your password?
typodupeerror
Google Privacy Your Rights Online

Report Finds Google Supervisors Knew About Wi-Fi Data Harvesting 197

Posted by samzenpus
from the who's-to-blame dept.
bonch writes "According to the FCC report, Google's collection of Street View data was not the unauthorized act of a rogue engineer, as Google had portrayed it, but an authorized program known to supervisors and at least seven other engineers. The original proposal contradicts Google's claim that there was no intent to gather payload data: 'We are logging user traffic along with sufficient data to precisely triangulate their position at a given time, along with information about what they were doing.'"
This discussion has been archived. No new comments can be posted.

Report Finds Google Supervisors Knew About Wi-Fi Data Harvesting

Comments Filter:
  • by DaScribbler (701492) on Sunday April 29, 2012 @08:28PM (#39840673)
    Is there a source to what is claimed in the article? I followed the links and find nothing to substantiate. Even the NYTimes links just references their own articles.
  • by Dyinobal (1427207) on Sunday April 29, 2012 @08:39PM (#39840749)
    What does this matter now at all? CISPA is going to get passed into law at this point. I could care less about Google being a bit sleazy with regards to user privacy at this point.
    • by artor3 (1344997)

      Even leaving aside Obama's veto threat, the bill was voted against by 75% of the Democrats in the House. If it gets a similar percentage in the Senate, they can filibuster it without any GOP crossovers.

      Your fatalism isn't doing anyone any good. Actually, that's not true, I'm sure the Republicans love it. When was the last time you called your congresscritters?

      • by b4dc0d3r (1268512)

        Why, I called them "Bastards" just this week. I call them something or other once a day and twice on Sunday.

        By the time they read their mail, however, their lobbyist already got to them in person, and convinced them to vote the other way. And the vote happened.

        I usually get a mail 4-6 weeks later explaining why their vote was the only option, in vagueries best left to poets and politicians.

      • by ukemike (956477)

        Even leaving aside Obama's veto threat,

        Obama threatened to veto the NDAA. It had the effect of calming the growing protest storm against the act. "No worries, Obama will save us. We can relax." When in fact his staff was negotiating the nastier more offensive version that he eventually signed.

        Don't trust him. He falls somewhere between Reagan and Bush1 on the political spectrum and gets called a socialist for being so far to the left of the Republi-fascist party. Our country has gone mad.

  • Looks like Google is trying the old "Teflon Soft-shoe" in an attempt to avoid charges, fines, and other 'business costs' associated with such snooping.
    Glad to see the Engineer they blamed didn't just roll over and play dead on this, or it would have been Quite Bad in the long run.

    So, where does that leave "War-Drivers" who specifically snoop out WiFi?

    • in the UK at least, they're already criminals (section 1 of the Computer Misuse Act 1990 makes it an offence to gather any data howsoever if unauthorised).

      • by stephanruby (542433) on Sunday April 29, 2012 @09:37PM (#39841053)

        in the UK at least, they're already criminals (section 1 of the Computer Misuse Act 1990 makes it an offence to gather any data howsoever if unauthorised).

        So if I post a blog in the UK for everyone to see, but I don't explicitly authorize anyone to view it (the authorization is just implicit), then the Googlebot would be committing a crime by going through it and indexing it? Is that what you're saying?

        • So if I post a blog in the UK for everyone to see, but I don't explicitly authorize anyone to view it (the authorization is just implicit), then the Googlebot would be committing a crime by going through it and indexing it? Is that what you're saying?

          Implicit authorisation = authorisation. No authorisation = no authorisation. Simple, isn't it? You have authorisation to read this post. You have no authorisation to record this post being sent wirelessly from my computer to my router, or being transmitted from my router to my ISP, and so on.

  • by elbonia (2452474) on Sunday April 29, 2012 @08:52PM (#39840819)
    Let's sum up the whole thing, "Google had not violated any laws". That's straight from the article and the FCC investigation report. Not one single law was broken, PERIOD. So how is this news? If the NYT really wants to do news about privacy rights why doesn't it put the bullshit CISPA on the front page instead of ignoring it.
    • by psydeshow (154300)

      Let's sum up the whole thing, "Google had not violated any laws". That's straight from the article and the FCC investigation report. Not one single law was broken, PERIOD. So how is this news? If the NYT really wants to do news about privacy rights why doesn't it put the bullshit CISPA on the front page instead of ignoring it.

      To be fair, the report accuses Google of potentially violating the Wiretap Act, but because Engineer Doe won't incriminate him- or herself there is no way to prove it.

  • Its Kismet. (Score:2, Insightful)

    by Anonymous Coward

    For those who don't know, the unmentioned program is Kismet [johnmeyer.net] So what if Google engineers knew about its capabilities to write pcap files? It's not an overwhelming amount of data for each Google car when compared to everything else it's collecting, and I wouldn't be surprised if it was simply left on, since I belive that's how kismet comes out of the box. The big point is Kismet also plots access point data in easily parsable formats along with signal strength, geographical coordinances, clients connected, o

    • by tftp (111690)

      It's not an overwhelming amount of data for each Google car when compared to everything else it's collecting, and I wouldn't be surprised if it was simply left on

      If I were in charge of outfitting StreetView cars, I'd load them with everything I could possibly lay my hands on. It costs a lot of money to send a car on a route. So if the car is going it should capture everything that is capturable - as long as that is legal and hopefully ethical.

      With this payload capture Google broke law in some countries

  • by Jerry (6400) on Sunday April 29, 2012 @09:50PM (#39841145)

    They spent a year and tens of thousands of dollars "investigating" Google and couldn't find any violations of the law, so the make a bogus claim that Google "didn't cooperate". Why should Google? What the Feds wanted was for Google to unilaterally admit to some crime.

    Those who claim Google was "stealing data" have no clue as to how wifi's work and what it takes to collect data with a "Street View" van. Mostly they are victims of Apple's and Microsoft's anti-Google FUD campaign, since they both collect the same kinds of data.

    Most wifis have a radius range of about 300 feet. Traveling at 25mph a van can pass through 600 feet in about 16 seconds. It takes several minutes to crack a WEP and even more for a WPA encrypted connection. The van won't have enough time to crack into secured access points. That leaves OPEN access points. How many packets could a van collect in 16 seconds for an 11Mb/S connection? About 10,600. A typical 1500 byte packet has a maximum of 842 bytes of payload, which would total to about 9 MB of data. That "data" will be HTML code, web page elements, LOTS of graphics and tons of trivia. It *might" contain pieces of someone's email. All from Joe and Sally Sixpack who don't have enough sense to, in affect, close their blinds when they undress for bed at night, or shout all of their telephone conversations, or leave their cars and houses unlocked and the windows down or open. So, what are folks to do when they pass by, plug their ears and close their eyes for 600 feet?

    Besides, ESSIDs can and often do change without notice, so they mean nothing. MAC addresses would identify hardware and Google could connect a MAC to an IP address, but gathering that information is not illegal. Besides, names, telephone numbers and house addresses have been linked together in phone books for a100 years. I can record your license plate number and look up your name and address in our state auto registration database after paying a registration fee of $50. Ditto for your house records: year it was built, how many times it was sold and for how much, the amount of taxes you payed and what is due, even a floor plan.

    IF you don't want someone eaves dropping in on your wifi traffic then use WPA and/or encrypt your email and connect only with https websites.

    • by igb (28052)

      All from Joe and Sally Sixpack who don't have enough sense to, in affect, close their blinds when they undress for bed at night, or shout all of their telephone conversations, or leave their cars and houses unlocked and the windows down or open. So, what are folks to do when they pass by, plug their ears and close their eyes for 600 feet?

      Real-world analogies are always suspect, but even if people are undressing with the curtains open, anyone who films them doing so does so at their legal peril in most ju

      • by zenyu (248067)

        The law regarding recording telephone conversations is more variable, but most jurisdictions have a "so long as one party consents" law, which in this case wouldn't be met. It doesn't matter, in UK law at least, whether the recording is done on the electrical or the acoustic side of the proceedings, and I'd be surprised if other legislation draws that distinction: recording phone calls with a sucker mic on the receiver is just as illegal as doing it electrically.

        This is the second time I've heard this abou

  • I don't think this specific event was really all that bad.

    What's really troubling, though, is the attitude towards the users' data. And it's not a single "rogue" guy; he talked to other people, even asking a member of the Search team if it could be useful - why didn't he or she report it? Are they really that numb towards protecting people's privacy? Consented data mining is one thing, but this was wardriving!

    I'm still a Google fan - they make a bunch of things that I really like - but I think this just str

    • by Todd Knarr (15451)

      What's really troubling, though, is the attitude towards the users' data.

      The attitude towards people's data troubles me, too. The attitude that people should be entitled to any expectation of privacy for data they broadcast over the equivalent of a loudspeaker, for instance. If you have any intention of the data being private, broadcasting it to anyone listening within a block's radius is the last thing you'd be doing. And if you had to do it, you'd use encryption to insure anyone hearing it wouldn't be a

      • No.

        I never said people should be entitled to any expectation of privacy for data they broadcast. What Google did was legal and should be legal.

        But none of that excuses their attitude. We know people broadcast their data mostly because their ignorant about the system, and Google essentially took advantage of their ignorance, which is always a shitty thing to do regardless of whether you have the right to do it or not.

        Should people protect their data? Yes. Are they to blame if it gets sniffed? Absolutely. But

  • Was google harvesting unencrypted wifi traffic? Probably... so what? Who has unencrypted wifi? Even the local coffee shop that gives wifi away for free still encrypts their wifi. They just tell everyone the password.

    The moral of the story is encrypt your wifi... also, zip up your fly before you go out in the morning... and bring an umbrella if it's raining.

    You know... basic words to the wise... like don't go swimming in sewage. Did google spy on idiots? Probably. But who cares? What exactly are we trying to

  • by peppepz (1311345) on Monday April 30, 2012 @05:26AM (#39843045)
    Rogue engineer? Evil managers? Who cares who is the culprit in this particular case? The plausibility of both cases is just evidence of the real basic problem: a centralised database of public (or less public) information about every single individual in the planet should not exist in the first place.There's no problem if somebody comes under my house and snoops on my unencrypted wifi traffic. There's a problem if a single entity collects all unencrypted traffic from all the streets of the world. There's a huge problem if the same entity also collects all mac addresses, street addresses, personal names, phone numbers, web history of the same people, analyses all of them to dig for those people's problems, opinions, tastes, aspirations, and the only warranty of privacy they give is "hey, we promise that we won't ever misuse that data".
  • by Kartu (1490911) on Monday April 30, 2012 @06:48AM (#39843299)
    "Google announced that WiFi data collected in the Netherlands will be deleted. This move is being made at the behest of the Dutch Data Protection Authority, who gave an order earlier this year that all WiFi data was to be deleted." http://tech.slashdot.org/story/12/04/29/2229225/report-finds-google-supervisors-knew-about-wi-fi-data-harvesting [slashdot.org] And one more thing, lets not mix "google claims it had no intent to use that data" and "google had no intent to use that data" please.
  • by psydeshow (154300) on Monday April 30, 2012 @03:24PM (#39848925) Homepage

    Consider the humble wiretap: telephone conversations are unencrypted communications over semi-public networks, and yet unsophisticated callers presume them to be private. So there is a body of law designed to protect the privacy of our phone calls.

    Yes, the neighborhood utility guy could tap the lines and listen in. But no company or enforcement agency could do so on a large scale without causing a huge scandal.

    As tech-minded people, we all know that what happens on unecrypted wi-fi (and plain-text internet connections) is subject to interception by war-drivers, ISPs, and government-operated listening posts. And so it's hard to have any sympathy for folks who used unencrypted wi-fi and got caught by Street View's packet capture. But that doesn't mean it should be legal for organizations or governments to listen in. Just because they can, doesn't mean they should.

    From the report, we know that Google started doing this in 2008, which *is* pretty late in the game for unencrypted wi-fi. Nevertheless, there was a time (say 2003ish) when it was fashionable to have unencrypted wi-fi. Not only did this ease compatibility problems, it made it easy for friends, family, and other visitors to get online quickly. It was also seen as an altruistic way to give internet to the masses. This started changing in the middle of the decade, but for whatever reasons there were clearly still quite a few unencrypted networks for gslite to sniff in 2008-2010.

White dwarf seeks red giant for binary relationship.

Working...