Judge OKs Wiretap Lawsuit Over Google Wi-Fi Sniffing

An anonymous reader writes "Last year Google found itself in hot water after admitting to accidentally collecting payload data from unsecured Wi-Fi networks. Their admission led to a number of investigations and complaints around the globe, and a U.S. District Court Judge has now denied Google's motion to dismiss a class-action lawsuit which alleges the search giant violated federal wiretapping laws. 'Judge James Ware drew a distinction in yesterday's ruling between merely accessing an open WiFi network and actually sniffing the individual packets on that network. In the first case, one is only jumping onto a network to send and receives one own communications; in the second case, one is looking into someone else's communications, and doing so in a way that requires nontrivial technical ability or software.'"

a shame

[alphatel]

Google will likely plead innocence, but it's hard to believe this megalith would do such a thing unwittingly.

Re:a shame

[secretcurse]

What did they do that's wrong? The dumbasses without encrypted networks were broadcasting their information out to a public road. The Google vehicles were in public when they received the plaintext information. If the people were outside screaming their online banking credentials out loud and Google happened to be driving a car with microphones recording ambient noise at the time, would that be illegal?

Re:

[Bob the Super Hamste]

I would think that this is similar to the "on the internet" or "with a computer" type of patents where because something that is analogous in the physical world, shouting your banking info, and would be laughed out of court gets treated differently because technology is involved. I do wonder if charges could be brought for wire taping in a two party state?

Re:

[black soap]

I would agree, except this broadcasting isn't obvious to most people the way some guy on a streetcorner yelling his credit card numbers would be. Remember the ruling on thermal imaging without a warrant?

Re:a shame

[tftp]

If the people were outside screaming their online banking credentials out loud and Google happened to be driving a car with microphones recording ambient noise at the time, would that be illegal?

IMO, it would be illegal if you use a high gain microphone and uncommon, expensive equipment. A packet sniffer, for most people, comes straight from spy stories, and it's not much different to placing alligator clips on phone wires. After all, we "broadcast" our phone conversations on public wires that aren't much protected.

The reason is that we deal in perception of privacy. There are no absolutes. However when two persons talk in the street, they believe to have privacy if there is nobody around close enough to overhear their conversation. It's common sense.

There is yet another note. "Broadcasting" means transmission that is intended for everyone to receive. Radio and TV stations broadcast. However cell phones don't broadcast - we say that they establish communication channels, point to point (from the handset to the base station.) Clearly intercepting that communication (however difficult today) would be wiretapping. But what's the difference between the cell phone that carries your protected oral speech and the email that carries your protected written speech? The encryption can't define that, otherwise it would be legal to break into unlocked homes.

Re:

[Tanman]

Even more than this, if you use a wireless phone then someone with simple radio equipment could easily listen in. Guess what? Still illegal.

What Google did is wrong. I wonder if they were also logging SSIDs for networks with SSID broadcast off? It's trivial to still obtain that SSID, but wouldn't that be circumvention of protection?

Re:a shame

[zill]

IMO, it would be illegal if you use a high gain microphone and uncommon, expensive equipment. A packet sniffer, for most people, comes straight from spy stories, and it's not much different to placing alligator clips on phone wires. After all, we "broadcast" our phone conversations on public wires that aren't much protected.

Phone lines aren't public. They're owned by the ISP. So using alligator clips on phone wires would constitute both b&e as well as destruction of property. Landlines aren't "broadcasted" in any sense of the word. Landline signal only travel in private spaces, therefore there is a reasonable expectation of privacy, unlike open WiFi which is broadcasted to the public space.

The reason is that we deal in perception of privacy. There are no absolutes. However when two persons talk in the street, they believe to have privacy if there is nobody around close enough to overhear their conversation. It's common sense.

When two people shout loudly to each other in the streets, they should have no reasonable expectation of privacy. That's exactly what open WiFi is.

Talking on the street the equivalent of encrypted WiFi, which doesn't apply to this case.

However cell phones don't broadcast - we say that they establish communication channels, point to point (from the handset to the base station.) Clearly intercepting that communication (however difficult today) would be wiretapping.

This is false. Cell phones broadcast unidirectionally on account of their antennae design. You can receive cell phone signals with a $100 scanner from radio shack. I'd hardly call that "uncommon, expensive equipment".

Decrypting those signals on the other hand, is much more difficult.

But what's the difference between the cell phone that carries your protected oral speech and the email that carries your protected written speech? The encryption can't define that, otherwise it would be legal to break into unlocked homes.

The difference is the encryption. Breaking into homes is illegal because there are laws against it. Whether the home is locked or not is irrelevant. There's nothing illegal about receiving public broadcasts, otherwise I would be be jail for all those years of participating in ham radio.

Re:

[tftp]

Phone lines aren't public. They're owned by the ISP. So using alligator clips on phone wires would constitute both b&e as well as destruction of property.

If you are a ham you should know that a simple magnetic loop will pick up enough signal to decode conversations without physically connecting to the bundle. The phone sends something like 0 dBm on the wire into 600 Ohm, that's plenty of current. Does it make it legal to wiretap?

Cell phones broadcast unidirectionally on account of their antennae de

Re:

[zill]

Phone lines aren't public. They're owned by the ISP. So using alligator clips on phone wires would constitute both b&e as well as destruction of property.

If you are a ham you should know that a simple magnetic loop will pick up enough signal to decode conversations without physically connecting to the bundle. The phone sends something like 0 dBm on the wire into 600 Ohm, that's plenty of current. Does it make it legal to wiretap?

No, because privacy laws protect phone lines.

Someone using magnetic loops to intercept landlines would be guilty of the wiretapping laws.

Someone using alligator clips to intercept landlines would be guilty of breaking and destroying the phone company's property, as well as violating the wiretapping laws.

There are currently no laws against receiving public broadcasts.

Cell phones broadcast unidirectionally on account of their antennae design.

You are in danger of losing your geek card (if not the FCC license.) Cell phones' antennas are omnidirectional in the horizontal plane.

Sorry, that was a typo.

You can receive cell phone signals with a $100 scanner from radio shack.

The CDMA signal is DSSS, well below the noise floor of the receiver, You need to synchronize to the PRN code to pull it out. No $100 scanner from Radio Shack can do that.

DSSS is part of the encryption scheme. The PRN code is one of the secret keys. I specifically said de

Re:

[Hognoxious]

However when two persons talk in the street, they believe to have privacy if there is nobody around close enough to overhear their conversation.

Their belief is wrong. It'd be more accurate to say "if there is nobody around close enough to overhear their conversation that they can see"

Re:

[strength_of_10_men]

So by the judge's reasoning, ISPs can be sued if they use packet sniffing to detect usage for throttling or shaping?

And to the GGP, it's a civil suit, there is no pleading of innocence.

Re:

[tftp]

So by the judge's reasoning, ISPs can be sued if they use packet sniffing to detect usage for throttling or shaping?

It's more of a legal territory. However ISP should be allowed to look into packets as long as that is necessary for fulfilling their part of the contract. USPS is also allowed to look at the address of my mail to find out where to send it to. FedEx will ask me what is in the envelope that I address to a foreign destination because of customs. All these actions are needed.

However Google is

Re:

[tftp]

I could be mistaken, but it is legal to walk into unlocked homes so long as you have no intention of stealing or vandalizing the place.

I wouldn't recommend you to test this legal theory of yours. If you are lucky you will be arrested for trespassing. If you are not very lucky, your body will be collected by the coroner. Note that you, a 30 y/o man (for example) don't need to wield a weapon to constitute a clear threat to a 90 y/o woman who just happens to have a .357 in the drawer. Remember, if an old ma

Re:

[Sloppy]

If you are lucky you will be arrested for trespassing. If you are not very lucky, your body will be collected by the coroner.

If you arrest or shoot me in your home, one thing's for sure: I am never going to trust your party invitations again. No one else will, either.

The point being, the whole come-into-home analogy is bullshit. If one person is going to map receiving the signals as equivalent to entering, then it's no less crazy to map broadcast of the signals as equivalent to sending out invitations.

Re:

[Coren22]

Plywood AND drywall? Wow, in my days we didn't have plywood or drywall, damn whipper snappers.

Re:

[GooberToo]

I could be mistaken, but it is legal to walk into unlocked homes so long as you have no intention of stealing or vandalizing the place.

Maybe, maybe not, It depends on the particulars. It may be considered trespass if you were not invited, even if the door was left wide open. Simply entering a stranger's property, without an implicit understanding the public is invited (example, store front vs home) would be considered illegal.

Re:

[breakfastpirate]

I think a better analogy would be me shouting my banking information to some friend of mine over a random CB radio channel. There are IIRC 40 CB radio channels, so the chance that someone besides me and my friend are listening and are within range is remote, but still possible to do with a trivial amount of equipment and skill.

Re:

[cdrguru]

Is your telephone (land line) encrypted? No? Well then it would be perfectly alright with you to set up a small coil to receive the "broadcast" from the wire wouldn't it? This could easily be used by law enforcement to monitor any telephone conversation without actually involving a physical "tap" anywhere. Sure, the "tap" would be more efficient and less subject to interference but they could skip the warrant by just using the laws of physics and getting near the wire.

Maybe with the right equipment (not

They have scads of money

[Shivetya]

that is what they have done wrong.

Re:

[cavreader]

They saved the information they collected and refused requests for outside overview on how the saved data was handled after capture.

Re:

[Coren22]

They accidentally saved the data, and when asked to share the data they refused, but in many cases they cooperated on the destruction of the data.

How Google was "unwitting"

[Sloppy]

It's not that they listened to the public broadcasts unwittingly, it's that they thought that if a router's owner elected to make their network available to the rest of the world, then it would be available to Google too. They unwittingly thought they were subject to the same reality as everyone else, regardless of their megalithic size which makes people fear and loath them.

People are apparently perfectly fine with showing their network traffic to their neighbors, and to any non-Google wardriver. There's

Ahhhh, I get it now

[cultiv8]

Tracking GPS is good [slashdot.org], sniffing wifi is bad.

Re:

[erroneus]

It's not WHAT they are doing, it's WHO is doing it that is at issue. Google is not law enforcement or government of any kind. And since they were not contracted by the government to do this and they have not collected data to offer to the government, it will not likely get a pass on this. On the other hand, if government thought for a moment that they could benefit from the information Google had collected, you can bet they would have gotten a pass on it just as Blackwater and other contractors got passe

Re:

[shentino]

Conveniently enough they told Google not to shred it.

Probably becuase it's a back door to get their grubby paws on it without the bother of a warrant. Just accuse Google of unlawful wiretaps and bam, free evidence.

Re:

[zill]

Big corporation and the government is the same entity. Film at 11.

Re:

[erroneus]

Yes, where have you been? The Bush and current president are both trampling the constitution -- the law above all other laws and supposedly the law that limits what they can do.

Fed. Wiretapping Laws? Really?

[milbournosphere]

Not even the government follows them. The hypocrisy here is ridiculous. I'd much rather have Google sniffing my SSID than the FBI making a phone call to $TELCO to get warrant-less access to phone records and wiretaps, in addition to the rest of their available tracking tech and methods. The fed should police up their own people and regulations before going after Google.

Re:

[maxume]

It's amazing how much misunderstanding this case engenders.

Google has been completely unapologetic for sniffing SSIDs. Some people are angry that they would so large scale data gathering, but they generally just think it is improper.

The real shit-fits are over the unencrypted wifi packets that Google wrote to disk while they were driving around sniffing SSIDs (Google did say "oops-sorry" about that activity).

Re:

[RockoW]

Moral of the story: Don't disclose small errors to the public. Many lawyers will see an opportunity to get their pockets filled.

Re:

[dnaumov]

It's amazing how much misunderstanding this case engenders.

Google has been completely unapologetic for sniffing SSIDs. Some people are angry that they would so large scale data gathering, but they generally just think it is improper.

Why the hell should they be apologetic for accessing public information? Leaving your WiFi network unsecured is not akin to leaving your door open, because entering an open door would still be illegal tresspassing, but if you set up a machine inside your house that yells whatever you are doing out all the way across the street via massive speakers, you really only have yourself to blame.

Re:

[maxume]

I didn't say they should apologize, but the commenter I replied to thought that the SSID sniffing was the issue.

I don't really see the need to make a bunch of inaccurate analogies about the wireless communications involved, wireless access points that actively exchange packets with any hardware that is in range are clearly not intended to be private (there is room to argue about the intent behind openly transmitting data, but any legal argument about protecting the privacy of unencrypted communications is g

Re:

[cavreader]

It was the storage of the captured data and what Google intended to do with it that spawned the enquiries. Sure you can collect information when people broadcast in the open but would it be OK for Google to us that captured data to sell or market without your approval? Google is marketing and advertising firm that just happens to use cool tech. The collect and sell personal data. How about people bitching and moaning about the opt-in and opt-out precedence when signing in to a site that collects information

Re:

[jhoger]

The distinction should be solely between encrypted and unencrypted traffic. Encrypted traffic presumes an expectation of privacy. Unencrypted *should* not.

Re:

[TheEyes]

How do you encrypt your voice? Your handwriting?

No, I don't think encryption should be the only measure of whether or not a communication should be considered "private" for the purposes of wiretapping/privacy laws; I also think that both intent and the nature of the technology should play a role. For example, a quiet whisper into someone else's ear can be private, but now a shout, because one is obviously meant to be private and the other is obviously meant to be a "broadcast". Similarly, a cell phone shoul

Re:

[hedwards]

The weather in Burma is quite warm this time of year.

Ah, but it isn't yet time for shorts.

Seems like it's not that hard to do.

Re:

[Agripa]

Encrypted traffic presumes an expectation of privacy.

Oddly enough for 4th amendment analysis encrypted traffic enjoys no increased expectation of privacy.

http://papers.ssrn.com/sol3/papers.cfm?abstract_id=927973 [ssrn.com]

Re:

[Riceballsan]

Actually there is where google and facebook vary, Google dosn't sell information to the highest bidder, unless you consider themselves the highest bidder always. Google isn't going to tell joe schmo marketer that you go through 10 rolls of toilet paper a day, google will tell toilet paper vendors "we know who use alot of toilet paper, pay us and we'll make sure they see your advertisements", they don't want to directly sell off your information that would be like selling the goose that lays the golden egg.

Importance of Judge's reasoning?

[LordLimecat]

even if unencrypted, data traveling over Wi-Fi networks is not considered "readily accessible to the general public," he found.

So for the legal buffs out there-- if google can demonstrate compellingly that that reasoning is wrong (in a way that a judge accepts), would google then have any leverage to again file for dismissal, since the reason their motion was overturned would have been removed?

I ask because one might be able to demonstrate that many laptops these days DO intercept unencrypted traffic in order to reveal "non-broadcasting" SSIDs-- in order to reveal their existence, packets must be "intercepted", and their target SSID / MAC shown. Further, as Im sure google will argue, software like Kismet, GrimWEPa, WiFite, Aircrack, et al very trivially and automatically begin gathering traffic; it takes no special expertise these days (after 10 years of progressively better WEP crackers) to do what it seems Google did.

Re:

[Local ID10T]

"nontrivial technical ability or software"

Just because the judge doesn't know how to do it, does not mean that it is not trivial, or that the software in question is not commonly, and legally, available for free.

Re:

[tftp]

Just because the judge doesn't know how to do it, does not mean that it is not trivial

IMO, it is nontrivial if the laptop doesn't come with that software.

But even setting technicalities aside, isn't it obvious that reading someone else's emails just might be wrong? If your coworker walks away from his desk, will you jump on the opportunity to go through his GMail account? It's not encrypted, and the access software is trivial (your eyes.)

Re:

[Kilz]

"If your coworker walks away from his desk, will you jump on the opportunity to go through his GMail account?"

No, because its on their machine and you would be "searching through what isnt clearly visible on someone elses property. But if they were reading it on an open radio transmitter and you heard them on your radio while searching through the stations there would be no problem.

Re:

[tftp]

No, because its on their machine and you would be "searching through what isnt clearly visible on someone elses property.

Let's make the test case even simpler then. He has his GMail in the browser, in full-screen mode. He walks away without locking the PC (trusting his fellow man.) Will you LOOK at his screen while he is away? The screen "broadcasts" photons for anyone to receive...

Re:

[LordLimecat]

IMO, it is nontrivial if the laptop doesn't come with that software.

That is my point--

• *Toshibas these days come with ConfigFree, which "sniffs" out non-broadcasting SSIDs
• *Laptops with Intel WiFi come with ProSet, which has similar functionality in its GUI
• *Dells have some ControlPoint garbage which does the same thing I think

Etc etc. My point was exactly that-- that many (most?) laptops these days have the functionality these days to "invade privacy" by sniffing out nonbroadcasting SSIDs and displaying the sniffed info. Necessarily, to get those hidden SSIDs, you must capt

Re:

[Score Whore]

How many of them come with high-gain antennas, more than 12db? Because the street-view cars weren't just out there rolling with POTS wifi gear. A normal person could reasonably put their AP in their house and expect that the signal isn't available in the street due to the power levels, distance and obstructions involved. All that changes when some wanker comes along with specialized gear.

Re:

[Hognoxious]

Put aside the technology for a moment. The difference is whether you have an expectation of privacy or not. If someone films you taking a dump in the street that's different to if you were in your own bathroom at home.

Re:

[AliasMarlowe]

"nontrivial technical ability or software"

Just because the judge doesn't know how to do it, does not mean that it is not trivial, or that the software in question is not commonly, and legally, available for free.

Exactly. An analogy would be some people communicating via American Sign Language in a public place. Such a conversation would probably be meaningless to the judge and to the lawyers and to most observers. Indeed, many people might even consider it nontrivial to understand, requiring a certain degree of expertise.

However, nobody in their right mind would accuse a bystander who did understand it of illegally eavesdropping a public exchange using American Sign Language. Perhaps this is one line of reasonin

Nontrivial technical ability?

[whoda]

I don't know how to sniff or probe any sort of wireless network signal, but I bet with 5 minutes of searching I could have a program that would do it for me.

Re:

[tofubeer]

How long does it take you to type? :-) (I went with windows since that is non-technical :-)

https://encrypted.google.com/search?q=packet+sniffer+windows+wireless [google.com]

Re:

[hellkyng]

I'll save you 4 minutes and 55 seconds: www.wireshark.org And it runs on linux! The nontrivial technical ability probably refers to how you have to hit a button to start the thing running.

Non-trivial?

[chemicaldave]

in the second case, one is looking into someone else's communications, and doing so in a way that requires nontrivial technical ability or software.

Please, packet sniffing is trivial. Anyone with a cursory knowledge of networking can use Wireshark to investigate traffic. It becomes even more trivial given the availability of Wireshark in a GUI interface for almost all platforms.

Re:

[Talderas]

There exists only two barriers to how trivially easy it is to sniff wireless track.

#1 - The user must have a wireless nic.
#2 - The user must be aware of the software.

Re:

[chemicaldave]

I would hope being aware of the software does not count as being non-trivial.

Any way, here's an excellent Privacy International report examining the software google used, gslite. [googleusercontent.com]

Re:

[hedwards]

If you type "sniff wireless traffic" into duckduckgo, the first result is a tutorial related to, you guessed it, sniffing network traffic with wireshark. That's about as trivial as it gets.

Re:

[omnichad]

And patent it, while you're at it.

it was authorized by the WAP owners

[Anonymous Coward]

If you run an open WAP, you have authorized people to listen to the data going by.

If you do not want that, the protocol provides an official blessed way to say you want your data private.

You get to pick which one you want. Don't pick one and then bitch about your own choice. Punishing google for this WILL set a dangerous precident that will be used against all of us by big corporations in the future. We MUST maintain a world where we are free to listen to unencrypted signals going through our own property.
It's critical. The bigger issue here has nothing to do with google: it's about preserving our OWN freedom.

Re:

[chemicaldave]

Actually it does sound like it's about google. The court is siding with the plaintiffs claim that sniffing packets is non-trivial. I would be interested to know how their opinion would change if google showed how easy it is to sniff plaintext packet payloads. It appears that the court's decision is hinging on the triviality of such.

Re:

[zill]

I would love to be the expert witness who types in "apt-get install kismet", answer a few questions, and then receive a paycheck.

Re:

[chemicaldave]

Exactly. While Google did write custom software, the independent report states they do not believe the Kismet source was altered in anyway. The reason the software is custom is so they can marry the SSID and mac address to some GPS data.

Re:it was authorized by the WAP owners

[symes]

No - it is about reasonable expectations for privacy. To some extent we cannot expect absolute privacy with our neighbours, but we should expect that wholesale corporate intrusions to privacy are scorned upon. Could I, for example, point a higjhly sensitive microphone at someone's house, from a public street, and record their conversation? You could say that unencreypted data is public, but you could also argue that doing so violates the interlocutors expectations of privacy.

Re:

[jdgeorge]

The question you allude to is whether the expectation of privacy by the people running open wifi is "reasonable". For most people who understands the technology, it is NOT reasonable to expect that someone will not read unencrypted traffic broadcast in public. Whether that means that the court would find that the general public's expectation of privacy is not reasonable is unclear.

However, that is not what this suit is about. This is about money, and trying to do anything possible to damage Google's reputat

Re:

[hedwards]

Right, unlike giving a key to the neighbors for safe keeping or leaving your door open, a person that happens upon an open AP has no way of knowing that the user intends for it to be private. However, if I leave the door to my house unlocked, it's still trespassing to open the door without my permission and go inside.

Re:

[thegarbz]

The problem with a reasonable expectation is that the term "reasonable" varies with the person.

You are right, pointing a highly directional microphone at my house would be a violation of my reasonable expectation of privacy. Our local courts have held up that charge against paparazzi with 500mm lenses 100m away from celebrities homes. On the flip side if I am shouting and you're using a standard microphone to record the conversation it can not be held as a reasonable expectation of privacy, and to draw a co

Re:

[cdrguru]

Land line telephone lines can be "sniffed" with the use of a pickup coil that you can get for $7.99 at Radio Shack. [radioshack.com] Wow, they used to be a lot cheaper. Anyway, this will enable the user to receive "broadcast" telephone conversations with just about anything that can be used as an amplifier. It does not require any sort of technical ability and the tools are commonly available.

So it would be legal in your opinion to listen to or record such conversations as long as it was done without actually connecting

Re:

[vlueboy]

Punishing google for this WILL set a dangerous precident that will be used against all of us by big corporations in the future.

So be it!

You're arguing for the LEGAL SUPPORT of a case that hasn't happened, instead of looking at the one that has already HAPPENED, and which already made *whole countries* cringe.

The case you're forgetting is more dangerous yet, because google ALREADY got our data, and is *setting precedent too* when they win: encouraging other companies to bend us over and pick at data that very few people are aware is leaking is worse than having to watch for what we can or cannot collect.

We have already seen that mo

Users are not stupid

[cheeks5965]

Before the "people with unprotected networks are stupid and deserve what they get" meme develops, I wanted to get a few thoughts out there. First, there are many good and valid reasons for leaving a wifi network unpassworded. For example a coffee shop may have an open network which users join, then the users info gets sniffed. Second, the google sniffing is more intrusive than a reasonable person would expect. Lets say a guy was using a telescope to spy on you through your window to watch the email you're typing. You could say the user is stupid to not pull the shades on his window, but I would say the guy is being extraordinarily creepy even if what he's doing is legal.

Re:

[zill]

Lets say a guy was using a telescope to spy on you through your window to watch the email you're typing. You could say the user is stupid to not pull the shades on his window, but I would say the guy is being extraordinarily creepy even if what he's doing is legal.

That's actually illegal.

Photographing other people's houses is legal because it's not an invasive act. Peeping inside with a telephoto lens is illegal because that's inherently and intentionally invasive.

Re:

[zill]

I totally agree on the EM leakage part. Using highly sensitive equipment to sniff EM leaks should be a crime.

But open WAP isn't leakage. You're intentionally broadcasting it to the public.

The difference is that one requires thousands of dollars worth of specialized equipment, and the other one the equipment comes standard with every laptop on the self. If you criminalize the latter, then you will also criminalize everyone that has kismet or wireshark installed on their laptop.

Re:

[cdrguru]

In many jurisdictions it is not legal to point a telescope below a certain angle. I know New York City has such laws and they aren't the only ones.

Re:

[hedwards]

If you're doing that properly, it's an open AP that only allows a connection to their website via SSL, and any traffic elsewhere gets tunneled to the router. Just because most coffee shops don't bother to hire a consultant to do it correctly does not make it a reasonable way of doing it.

Re:

[thegarbz]

There is a "reasonable expectation" in privacy laws in most legal systems. It is illegal to use a telescope to spy on your neighbors through a window. It is not illegal to do the same thing with a cell phone from their street.

Ultimately the question that needs to be asked is, do people who spew unencrypted data out into the public airwaves have a reasonable expectation of privacy? Google's recording method may have been sophisticated, but their equipment was not. They were using standard off the shelf omni

What about 2 party states?

[Bob the Super Hamste]

I wonder how this would go over in states with wire taping laws that require consent from both parties? If I were going to fight this that would be how I would do it since it seems this ruling is based on lack of technical knowledge, not following the law. As a previous poster mentioned what is different between this and shouting your banking info in a public area and having Google record it?

Note: I don't agree with 2 party consent laws for recording conversations, but that is a different issue.

Re:What about 2 party states?

[tftp]

I wonder how this would go over in states with wire taping laws that require consent from both parties?

The process would be the same as for one-party consent because neither party here was aware of the wiretapping. Google is not a party to the conversation.

As a previous poster mentioned what is different between this and shouting your banking info in a public area and having Google record it?

You can shout your banking information in the middle of a desert and expect to be safe. However Google broke your expectation, however incorrect it was in the first place. Unbeknownst to you, Google buried microphones in the sand, for no reason other than to intercept whatever visitors to the desert might be saying.

We are supposed to be secure in our communication. Written laws don't cover all the ways of communication, and they don't cover all the ways of being secure. It's for a qualified human (known as judge) to decide. The judge have decided based on common sense, not on technicalities. But geeks like to ride on technicalities; if something was technically possible for an attacker to do, then it's OK. Obviously that's not so; almost every door lock can be picked, but it doesn't make it legal to go around and pick locks - even if you only look inside. House windows are transparent, but it doesn't make it legal or moral to go around and peek into windows.

Nontrivial?

[cpu6502]

>>>"one is looking into someone else's communications, and doing so in a way that requires nontrivial technical ability or software.'"

All it takes is a $50 wifi receiver.
God judges are freaking stupid.

Re:

[EkriirkE]

$50?? What, does monster cable sell Wifi adapters now?

Courtroom is indeed filled with idiots.

Let me get this out of the way

[slimjim8094]

Radio broadcasts have, to my knowledge, *never* been considered private information. Anybody who wants to keep it private must encrypt it, with some extremely specific exceptions (you can't sell a scanner that can access unencrypted cellphone frequencies, for example).

So here's what I can't figure out. Let's say I use a small FRS (unlicensed) handheld radio to communicate with my friends on a hiking trail. There is absolutely no expectation of privacy, either on my part or by the government. And there shoul

Re:

[EkriirkE]

For this reason alone, I always VPN to my home router when connecting to open networks. I can't find the article right now, but I believe the FCC already states radio waves are free to receive, but circumvention of protections is illegal. Put your protections on (encryption)! And isn't the 2.4GHz band free-to-use? i.e. no real regulation of proper usage beyond power level? Just like RC toys...

If I flash my passwords plaintext in morse code using a light, and someone records it - even inadvertently,

Re:

[slimjim8094]

It's open for unregulated usage, but there are HAM bands available in there. See, for example, the "hinternet": http://en.wikipedia.org/wiki/Hinternet [wikipedia.org] . My license actually allows me to set up my G router with 1.5kW of power (up from the 90mW or so stock), though I wouldn't do that because I'd rather not show up on the screens of laptops in a 150 mile radius - aside from the fact that it wouldn't work because they couldn't talk back.

Also, it'd probably be bad for the chips - though Part 15 says it's not my

Re:

[tftp]

The question is, is unencrypted data a "private conversation"? I think the answer is a clear "no"

It is a clear "no" as long as you don't object to me listening to your conversations within your own home using this here high gain microphones and laser pickups of vibration of glass in your windows.

However if you don't like my plan then the answer to the original question must be a clear "yes."

Re:

[Jerry]

Your analogy is not comparable.
My voice to your ear is comparable to my wireless to your wifi receiver.

Re:

[tftp]

My voice to your ear is comparable to my wireless to your wifi receiver.

That would be true only if a standard notebook with a standard WiFi card comes with a packet sniffer that runs by default, dumps all the packets into a popup window, and is hard to stop. That's how our ears work.

If I want to listen to your in-house conversations I need an extension of my hearing abilities. If I want to listen to your in-house network I need an extension of my WiFi receiving abilities. In both cases the necessary ex

Re:

[EkriirkE]

Wow, horrible analogy. Wifi is more like your neighbors shouting their secrets with all the windows and doors open, but you've tuned their voices (SSID) out. But if you paid attention (tuned into their channel/SSID), you can hear everything.

Your analogy might have worked if WAP's came standard with very low power, directional antennas as did the client devices, and the signals were too weak to penetrate walls.

Re:

[EkriirkE]

...If walls are good enough as a symbolic privacy shield for your speech, they should be good enough for the radio as well.

Sure, if your walls were Faraday cages. Solid matter blocks sound waves as ferrous matter blocks RF.
If I could use that logic, then my neighbors should have no problem with me watching hardcore porn, full volume, in the front room with the windows wide open and I blatantly masturbating naked right there. Because its within my walls. Never mind that my walls have spots where another form of electromagnetic energy (light) can escape (windows).

Re:

[Jerry]

"The question is, is unencrypted data a "private conversation"? I think the answer is a clear "no" ...

I agree. The signal that radiates from my open wireless router is not "private" because anyone can receive the signal if they are within range. Not having chosen WEP or WPA2 encryption I am deliberately using an "open mic". Not only can anyone receive the radio signal, once the my laptop wifi chip transmits the get or post data to my wireless router, it sends that data over copper wire or glass fiber t

Re:

[zill]

Well said.

I just like point out a small error: hooking up TNC to FRS radio is illegal under the FCC rules. FRS cannot be used to transmit data except using FCC certified transmitters.

Re:

[Bill_the_Engineer]

You are confusing broadcasting with communications.

Broadcasting is when a radio station is sending a signal with the expectation that it will be listened to by more than one individuals. These are always one way communications (eg. Radio Transmitter Tower broadcasts to your FM receiver in your car). There is generally no expectation of privacy with broadcasts, since that isn't the way it's suppose to work.

Communications is when a when more than one radio transmitter/receiver stations are engaged in two-wa

Re:

[slimjim8094]

Yes, I actually just found that particular portion of Part 15. I must admit there is more of a case here than I'd given credit for. But I argue that the lack of encryption, combined with the ease of encryption, should be seen as deliberate rather than an omission, making the conversation not private.

Re:

[Bill_the_Engineer]

But I argue that the lack of encryption, combined with the ease of encryption, should be seen as deliberate rather than an omission, making the conversation not private.

Thankfully the law doesn't work this way. An unwelcomed individual walks into your front door that you accidentally left unlocked is still unlawful entry.

Re:

[slimjim8094]

Walking into an open shop is not trespassing, because there's an expectation that it's public. If it's locked, the intention is clear. A private dwelling with an open door is still widely considered private despite the door. Open WiFi is - I argue - the same thing as an open shop, as evidenced by how the average nontechnical person views it. An average person would never think it was OK to walk into a random house, but many people use open WiFi if it's available with only a vague - if any - idea that it's b

Re:

[Bill_the_Engineer]

Open WiFi is - I argue - the same thing as an open shop, as evidenced by how the average nontechnical person views it. An average person would never think it was OK to walk into a random house, but many people use open WiFi if it's available with only a vague - if any - idea that it's bad.

Sorry but that is a pretty weak example, and it seems to contradict your argument. Ignorance based on public perception is not a very good defense, nor does it invalidate the actual written law.

To take your hypothesis a

Re:

[Hognoxious]

It does rather depend on the definition of "private".

Re:

[Bill_the_Engineer]

As a ham you should be aware that your transmissions are not covered by part 15 rule above. You are running a licensed station that must operate within the Part 97 rules. You should know this because you took the exam. Part 97 also covers what you can rebroadcast and the expectation of privacy (ie. none). In fact the use of encryption is prohibited if its sole purpose is to obscure the meaning of the transmission. The interpretation of the encryption prohibition is still a hotly debated issue. Lately I've s

fear

[Khashishi]

Google should just say they were tracking people in the interest of national security, and then everything will become just fine.

Horsepucky

[blair1q]

Collecting data from packets is trivial. All you have to do is get a symbol lock and record all the bytes without looking for headers at all.

If you're recording bytes, you have to go way, way, way out of your way to not record the payloads. It would be like making a sound recording of a crowd without recording anything recognizable in the voices nearest you. It would be like recording a video without recording the faces of people walking towards you. It would be like buying the newspaper but not getting

Q: Why has AT&T not been held to this?

[sl4shd0rk]

http://www.eff.org/cases/att [eff.org]

Re:

[hedwards]

The lawsuit has just been filed and the judge has allowed it, we won't know until the conclusion of the proceedings whether it would have applied to AT&T. If Google wins the suit then it's a moot point as far as AT&T goes.

Selfish-Interest groups/people see Golden Goose...

[Jerry]

and want to pluck it by using bogus claims.

The wireless routers that Joe and Sally Sixpack use have a maximum range of about 300 feet. The Google vans taking the photographs and scanning and logging the ESSIDs are usually traveling at 30 mph, or 44 feet per second. It would take a van only seven seconds to drive completely through any given wireless router. There is no known tool which can hack into a WEP or WPA2 protected wireless in 7 seconds. Seven seconds is barely enough time for a scanner to r

admission

[jamesh]

after admitting to accidentally collecting payload data from unsecured Wi-Fi networks

So had they not admitted to it they might not be in the mess they are in now? Seems like there's a lesson to be learned here.

And if they are found out they can just apologise. "I'm really really sorry. That I got caught".

Re:

[EkriirkE]

Its not even so much as sniffing, but not ignoring them. Sniffing implies hunting for something. (Unencrypted) WiFi is thrown in your face and your adapter has to block what it doesn't want. All you have to do is be promiscuous (this is what they call it) - not care what goes in.

Re:

[zill]

Actually in the US the entire radio spectrum is owned by the public.

FCC leases some spectrum out through the public auction of licenses. So while cell providers has the right to use these frequencies through their licenses, ownership of those frequencies still belongs to the people.

Corporations cannot own our airwaves.

Well, not yet at least.