Google Audits Street View Data Systems

schliz writes "Google's plans to upgrade to high-definition Street View in Australia are on hold until it completes a rigorous internal audit of the processes, it announced today. The company is currently being investigated by international regulators about possible privacy breaches when it became known that its Street View vehicles were capturing not only publicly available SSIDs and MAC addresses, but also samples of payload data transmitted over these networks."

this is gonna be interesting

[Tom]

I'm really looking forward to the comments. When BP lets the oil spill continue day after day, the /. crowd goes asking why we let them handle it at all, after all they're the ones responsible for the mess.

Now Google has a mess, and is doing an internal audit. I'm curious if we will apply the same reasoning, or a different standard. And what justifications we'll see for it.

Re:this is gonna be interesting

[shentino]

Simple.

We trust Google more than we do BP.

Personally, I think for a good reason too.

Re:this is gonna be interesting

Uh, maybe I don't understand how data works but ...

it seems to me that Google can tell someone to do "rm -rf /data/captured-info/" and the same on backups.

BP has a bit of a bigger problem.

Re:this is gonna be interesting

[asukasoryu]

I think the consequences are a little different. Google's data gathering isn't destroying the Earth.

Re:this is gonna be interesting

Perhaps you trust Google more than BP.

Don't apply that to everyone here.

Compared to Google, BP is the mom and pop grocery on the corner.

Re:this is gonna be interesting

I like apples and oranges.

One they can 'format C' the drives and the problem is solved in a day or so. The other will take 10-20 years of cleanup.

For Google though this could be a good thing. They can sometimes be overzealous in the drive to make all data searchable. Some data is not meant to be seen by others. If everyone played nice this wouldnt be a problem. But there are many out there looking to take advantage of any sort of data you 'leak'.

Perhaps they need to take a step back and ask 'would I want my data shown like this?' They need a few paranoids working for them. They may need to take on some rigor in the way they release 'applications'. Currently it seems like whichever group decides to put it up gets their way.

NOW on the other hand Google is only putting together something that anyone else *could* do. But they are doing it with a grand scale. For example If I wanted to 'snoop' on my neighbors wifi I wouldnt even need to leave my couch to do it and I can see at least 20 networks.

So they picked up some extra data. Wipe it and be done with it and apologize profusely...

With BP they can not just turn the thing off so they will take ages to fix it. Even if they could 'turn it off' they will be soaking up oil for many years to come. Then never mind the dozens of businesses and families lives that will be ruined over this. Yeah they are on a different scale.

The difference is like I stubbed my toe and I hacked it off with a chainsaw.

Re:this is gonna be interesting

[Lunix+Nutcase]

Compared to Google, BP is the mom and pop grocery on the corner.

In what world do you live in? BP is a $246 billion dollar global energy company. In comparison, Google is a dinky little $24 billion dollar company. Not to mention how BP has 4.5 times as many employees. One can go on and on about how your characterization is plainly wrong.

Re:this is gonna be interesting

[commodore64_love]

>>>Google's data gathering isn't destroying the Earth.

Neither will an oil spill destroy the Earth. In fact about the only thing that would destroy the earth is the sun going supersized, or a black hole skimming by & tearing the planet apart. The earth is hard to destroy..... even when an asteroid hit the planet, the earth continued merrily on and life recovered. Nothing mankind could do would destroy the earth.

Re:this is gonna be interesting

[Miros]

BP is handling the spill because the government does not have the technology/resources necessary to handle it better. Google is a totally different situation though. They are acting in an arena where there is little government oversight/regulation at present, so the responsibility falls entirely on them to "do the right thing" from a moral standpoint, and they appear to be failing, once again, to act in the public's best interests. It's my opinion that this is yet another example of why government oversight of privacy standards is not only a good idea, it's a necessity.

Re:this is gonna be interesting

[commodore64_love]

I don't trust EITHER of them.

I just trust the government(s) less (almost 100 million of its owncitizens killed in the last century). For example, I don't want the German or EU government demanding copies of Google's hard drives and peering through our private data. Who knows what they use it for? During WW2 data was used to imprison millions of Americans who had done nothing wrong.

Re:this is gonna be interesting

[Lunix+Nutcase]

Also to add, BP is consistently ranked as either the 4th or 5th largest company in the world. Google doesn't even rank in the top 100 (most recent rankings put them in the 150s).

Re:this is gonna be interesting

[symes]

I'm not sure if the same logic can be used across the situations BP and Google find themselves in. BP are in a difficult position, drilling for oil is risky and sometimes things go wrong and unpredictably so. That is the nature of the business. There are, of course, legitimate questions on what they could have done to prevent the accident but ultimately BP did not want this situation, it is bad for business. Google on the other hand created this issue, they actively ignored concerns over privacy and gave no one an opt out. Ultimately, Google seem to think that their bottom line is more important than users rights to privacy. BP have the expertise and equipment that give the best chances of stemming the flow of oil... others might be able to do something but I'd imagine, given the public outcry, BP are pretty focussed on getting this sorted out asap. Google, on the other hand, have acted unethically and an external organisation should therefore audit their processes - this is the only way an open and appropriate solution can be achieved and one that can be applied across the industry.

Re:this is gonna be interesting

[Miros]

I agree, the government should not be trusted with that kind of data, but how would you feel about government regulation and oversight of data collection and retention practices and policies?

Re:this is gonna be interesting

[ganktor]

Most definitely. I'm surprised you are the first to point that out. Also, how many in here can honestly say that they haven't tried wardriving?

Re:this is gonna be interesting

BP is a group of idiots with money.

Google is a group of geeks with money.

Re:this is gonna be interesting

[nedlohs]

I'm pretty sure if BP could put the oil pouring out of the well "on hold" while they did their "internal audit" no one would care.

Seriously, you can't see the difference between something that is outside the control of the company (BP haven't stopped the oil spilling even though they want to) and something that is (google has stopped collecting said data, for now anyway)?

But as I've said before BP is doing all the can to fix the problem, they are drilling a relief well. But people don't want to be told "there is nothing we can do except wait a few months while we drill" so they are trying ever more ludicrous ideas out. None of which they expect to work at all, it's just to satisfy the "you have to do something" crowd - though of course they might get lucky.

Re:this is gonna be interesting

[tagno25]

>>>Google's data gathering isn't destroying the Earth.

Neither will an oil spill destroy the Earth. In fact about the only thing that would destroy the earth is the sun going supersized, or a black hole skimming by & tearing the planet apart. The earth is hard to destroy..... even when an asteroid hit the planet, the earth continued merrily on and life recovered. Nothing mankind could do would destroy the earth.

Fine it can't destroy Earth, but it can destroy a large part of it's ecosystems.

Re:this is gonna be interesting

[Dexy]

But really, what has this story got to do with BP?

Re:this is gonna be interesting

[RoFLKOPTr]

I'm really looking forward to the comments. When BP lets the oil spill continue day after day, the /. crowd goes asking why we let them handle it at all, after all they're the ones responsible for the mess.

Now Google has a mess, and is doing an internal audit. I'm curious if we will apply the same reasoning, or a different standard. And what justifications we'll see for it.

I'm honestly shocked that you would be comparing Google's little accident to BP's massive catastrophe that could potentially have long-standing affect on the entire planet.

Re:this is gonna be interesting

[Ephemeriis]

I think the consequences are a little different. Google's data gathering isn't destroying the Earth.

Honestly, BP isn't going to destroy the Earth either.

Global Warming isn't going to destroy the Earth.

An all-out nuclear war probably wouldn't destroy the Earth.

It may make the Earth inhospitable to many known forms of life... But the planet would keep spinning on its merry way, and new forms of life would likely emerge.

Re:this is gonna be interesting

[LordLimecat]

I like how both your comment AND TFS imply that Google got "caught" doing something. You DO realize that they openly disclosed (without coercion or prompting) this whole wireless mess, right? How is disclosing a mistake to those affected, and then working towards a resolution "failing to do the right thing"? What steps would you propose they take?

Re:this is gonna be interesting

[commodore64_love]

Government regulatory agencies sound good in theory, but in reality they are often mere puppets of the corporations that bribe them, so they don't work.

I'd rather see Google's corporate license revoked. Let them operate as a proprietorship whose owner(s) have full liability for his company's actions, and then I can sue the bastard in court for theft of my data. Or even better - boycott the company and drive them into bankruptcy (as happened to Circuit City).

Re:this is gonna be interesting

[Miros]

We don't know what prompted them to disclose the collection in the first place. Corporations have been "coming clean" on things that were on the verge of being exposed _forever_, there is nothing to suggest that such a thing did not happen here. They "failed to do the right thing" in collecting the information in the first place. Even if we take it to be an "accident" there still must have been employees who were aware of what was happening and chose to not act sooner. I don't know if you realize, they collected a pretty substantial amount of data in a pretty systematic way.

Re:this is gonna be interesting

[commodore64_love]

Large? The Gulf is actually quite small compared to the Earth. For example the animals living along Maine's coast have no clue there's an oil spill happening. Also let's not forget that prior to 1800, it was common for the Earth to "belch" oil all over the place, creating giant pools of oil both on land and in the ocean. On his journey to Philadelphia as first president, Washington had to detour around several tarpits (oil) to get there.

That was the natural state of the world, until man came along and cleaned it up. It helps if you study history instead of hyperbole.

Re:this is gonna be interesting

[Ephemeriis]

I'm really looking forward to the comments. When BP lets the oil spill continue day after day, the /. crowd goes asking why we let them handle it at all, after all they're the ones responsible for the mess.

The whole BP thing is simply a giant WTF.

I have a genuinely hard time wrapping my head around the fact that they're drilling in water this deep with absolutely no ability to deal with problems like this. They aren't just scrambling to deploy a fix, they're scrambling to come up with a fix.

It doesn't seem like BP should be willing to do something that risky without a disaster plan.

It doesn't seem like the Government should give them the go-ahead to do something that risky without a disaster plan.

It doesn't seem like stockholders should allow them to do something that risky without a disaster plan.

And yet, here we are.

Now Google has a mess, and is doing an internal audit. I'm curious if we will apply the same reasoning, or a different standard. And what justifications we'll see for it.

Google's mess isn't going to kill any wildlife or pollute any waterways. It's very unlikely to result in anybody losing their livelihood. They're also conducting the audit before going ahead, rather than after something has gone horribly wrong (at least with the HD thing in Australia).

Re:this is gonna be interesting

[Morty]

BP's oil spill has far greater scope and urgency:

* The oil spill is a regional environmental catastrophe. It has scope well outside of BP or even the oil industry as a whole -- it's impacting marshlands, seafood industry, tourism, and other industries. So far, this privacy issue seems to only be present within google.

* The oil spill is an emergency. We normally give companies a chance to "make it right". In the case of the oil spill, any unnecessary delay means definite short-term damage/impact to the environment, the seafood industry, and tourism, and possible long-term damage. We don't have time to take a wait-and-see attitude.

Normal legal processes have taken years to "fix" problems. That's fine for improperly gathering private data; not fine for an ongoing environmental catastrophe.

Re:this is gonna be interesting

[tagno25]

Last I heard the oil spill was about to hit the Atlantic ocean currents. (of course I may be wrong)

Re:this is gonna be interesting

[Rockoon]

This oil leak wont destroy "a large part of [the earths] ecosystem" tho.

I am amazed by the alarmism. 210,000 gallons per day isnt unprecedented. It will take 50 days to equal the amount spilled by Exxon's Valdez (over 10 million gallons) and while that had an environmental impact, it didn't destroy a large part of the earths ecosystem. In fact its effects were more or less localized and didnt destroy anything. Some animal populations in the area took a big hit, but we are not aware of even a single extinction caused by the disaster.

Yes it sucks that theres all that oil flooding into the gulf, but don't let emotions cloud your judgment. The chance of this destroying a large part of the ecosystem is very close to 0, so you are being intellectually dishonest with yourself and others when you make the claim.

Re:this is gonna be interesting

[Miros]

So you would argue that government regulation is completely useless in all instances? I'm no fan of the government either, it always screws everything up and is totally in the pocket of all of the various lobbyists. But at the same time, the incentives that exist for private corporations (and individuals) can lead them to do things that are just way not in the interests of the larger group. What do you do in those situations if not government regulation?

Re:this is gonna be interesting

[commodore64_love]

>>>t's my opinion that this is yet another example of why government oversight of privacy standards is not only a good idea, it's a necessity.

It's my opinion that this is yet another example of why government oversight of privacy standards is a BAD idea. Last time the US "overlooked" data they used it to imprison several million innocent Americans during WW2. Then they used it to do radioactivity experiments on blacks without their knowledge. Then they used the data to round-up Americans and throw them in Guantanamo Bay prison w/o trial. And so on.

Believe it or not, I trust Google more. Even if they do abuse the data, they don't own a police force to drag me off to jail or a laboratory

Re:this is gonna be interesting

[commodore64_love]

>>>Google seem to think that their bottom line is more important than users rights to privacy.

Bullshit. It was Google was *voluntarily* told the world what they had done, and were erasing the data. If they were as you described, the managers would have kept silent and just kept collecting.

Re:this is gonna be interesting

[Miros]

I couldn't agree with you more on all of your points here. But I think you're overlooking one of the mechanisms of regulation -- it is typically reactive. The examples you cite are of government misappropriation of the implicit trust that we are all forced to put in it (to keep us safe I guess). Typically regulation of the private sector comes in the wake of various abuses that are eventually found to cause unnecessary harm to the public (pollution is obviously the easiest example, there was a time that the government didn't care about it at all). Following that discovery, regulation was called for, and found to be quite effective at realigning the incentives of the private sector to avoid poisoning all of us.

Re:this is gonna be interesting

[Stick32]

I'm really looking forward to the comments. When BP lets the oil spill continue day after day, the /. crowd goes asking why we let them handle it at all, after all they're the ones responsible for the mess.

Now Google has a mess, and is doing an internal audit. I'm curious if we will apply the same reasoning, or a different standard. And what justifications we'll see for it.

One is a ongoing disaster of epic proportions that could and probably will devastate the local ecosystem, ruin the livelihood of thousands upon thousands of people, have a final price tag for cleanup that will end up in the billions, and have lasting economic and ecological that we'll feel for decades to come... The other a company was suspected of wrongdoing, admitted it, ceased doing it, and is setting up an audit to determine it's extent At worst the company may have gleaned a few scraps of useful and possibly damaging information from a couple thousand people worldwide that didn't have the sense to properly secure their own data...

A truly excellent comparison if I do say so [/sarcasm]

Re:this is gonna be interesting

[asukasoryu]

You're stretching my words. Surely you don't think I meant one oil leak is going to cause the apocalypse. Anyone who wasn't trying to be an ass would have read this as Google is not causing significant environmental impact with their data collection. The parent tried to imply how similar BP and Google's mistakes were. I was trying to say the impacts are very different. If Google deletes the information they collected (which was being freely transmitted), then all is well. BP's mess will be around for a while.

Re:this is gonna be interesting

[Morty]

As of this writing, BP's market cap is $129.89B, while google's is $149.69B. Even before the current mess, BP's stock was about 50% higher, which would have given it a market cap of about $195B; more than google, but still in the same league.

Links (will probably have different values by the time you view):

http://finance.yahoo.com/q?s=bp
http://finance.yahoo.com/q?s=goog

I think the comparison is unfair for other reasons, as I mentioned, but relative company size is not one of them.

Re:this is gonna be interesting

[commodore64_love]

Laws and Courts. The Laws make certain actions (like polluting water or stealing private data) illegal and the Courts enforce those laws via enacting punishment for the criminals.

Re:this is gonna be interesting

[asukasoryu]

The Gulf is actually quite small compared to the Earth

That's like saying you're town is quite small compared to the rest of the Earth. No harm in nuking it. The subjectivity of the word large is not important in the scheme of this conversation. This oil leak is not a natural occurrence. History does not change this fact.

Re:this is gonna be interesting

[Kaboom13]

Google's data mining is annoying at best, BP's oil spill is an environmental disaster that will harm millions of people (not to mention wildlife) in ways we can't even begin to calculate yet. Applying the same standard is stupid, because it implies the scale of the problem is in anyway similar. Furthermore, while it is fairly understandable to make mistakes in software systems that will at worst collect data about unencrypted wifi traffic, it is not understandable to make mistakes in a critical safety device that lives and the economic and environmental prosperity of an entire coastline depend on.

Google is in the wrong, and so is BP. But to pretend that the seriousness of the way they are wrong is in the same ballpark is ridiculous, and therefore the expect the same reaction is ridiculous. If you do an employee background check, and one of your employees was fined for littering, the other convicted of theft, manslaughter, criminal negligence, bribing public officials, and destruction of property, you would react in different ways. Thats the difference in severity we are talking about.

Re:this is gonna be interesting

[commodore64_love]

>>>You're stretching my words

No. To Quote Obi-Wan Kenobi: "You did that to yourself." YOU chose the path of saying the earth would be destroyed by the Gulf spill - I did not do anything.

Re:this is gonna be interesting

[Miros]

The courts interpret and "discover" the law, they have no power to actually enforce any of it. But yeah, trivial technicalities aside, what is the difference between "laws and courts" and "government regulation?" They seem like one and the same to me.

Re:this is gonna be interesting

[asukasoryu]

I should have clarified: Google is not destroying part of the Earth with it's data collection. I don't know why everyone assumed I meant the whole Earth. Your post makes it sound like this oil leak is not worth mentioning. Large oil spills have happened before so this one is okay? I'd like to think this man-made disaster could be considered important without getting emotional. So you don't get alarmed unless the entire Earth is going to be destroyed?

Re:this is gonna be interesting

Gosh, if only the two incidents were utterly different in impact and actual damage caused then perhaps comparing the reactions like this would be ridiculous. Oh wait..

On the one hand - an oil spill going on for weeks now, threatening a large eco system and the livelyhood of thousands (if not tens of thousands) of people. With cleanup operations probably going on for many years to come. Damages unclear, but in the hundreds of millions if not several billions. And there is still no definite solution for the continued leaking in sight.

On the other hand - a (most likely) accidental collecting of potentially privacy sensitive data that people send out from their (unsecured? hello?) wifi networks. Which was halted as soon as it was discovered.

Re:this is gonna be interesting

[commodore64_love]

Nope. Although I did do war*dialing* back in the 80s (like in the movie WarGames). According to wikipedia, "The popularity of wardialing in 1980s and 1990s prompted some states to enact legislation prohibiting the use of a device to dial telephone numbers without the intent of communicating with a person," so I guess that makes me a criminal.

Of course wikipedia also claims the movie invented the term "wardial" but I suspect that term existed before the movie did.

I also suspect this is why my modem died an early death (the internal switch no longer hung-up the phone).

Re:this is gonna be interesting

How is that not government regulation? Who is passing the laws? ::shakes head::

Re:this is gonna be interesting

[Lunix+Nutcase]

Market cap is not synonymous with the size of a company. BP has 10x the yearly revenue and 4.5x as many employees as Google. It is the far larger company.

Re:this is gonna be interesting

[D+Ninja]

On his journey to Philadelphia as first president, Washington had to detour around several tarpits (oil) to get there.

Hey! Quit picking on New Jersey!

Re:this is gonna be interesting

But the planet would keep spinning on its merry way, and new forms of life would likely emerge.

A voice of reason calling out from the dark.

So many people are unbelievably arrogant, thinking that something humans can do will "kill" Earth, and that we're also the only things with the power to "save" it. Those same people are of the outspoken opinion that we're insignificant considering the earth's geological timeline; not created just a few thousand years ago.

You can't have it both ways, people. Are we all-powerful over the earth's fate, or merely a bug in comparison?

Re:this is gonna be interesting

BP can go bust and the world will continue to spin... however, what would happen with internet should google suddenly dissapear?

Re:this is gonna be interesting

Too much talk radio? Naaa...couldn't be.

Re:this is gonna be interesting

[kb_one]

You make a good point. It is important to consider that Google's motives may not be altruistic. Furthermore, you're right that in the past companies "come clean" only after it becomes clear that they have no choice.

However, I don't think it is fair to presume the guilt of Google simply because of the actions of other companies. There is no proof of anything here other than what is publicly known about the situation. In admitting we don't know what prompted the disclosure you must also admit finger pointing is baseless until we learn more about what happened. The systematic method of data collection doesn't even speak to guilt. Any sufficiently large and complex system could be difficult to audit especially on a global scale.

I think it is fair to say that it is at least possible that there were no evil intentions on Google's part. There is just as much evidence for this as any other conclusion at this point.

Re:this is gonna be interesting

[Miros]

Agreed. This could have been a simple failure of corporate oversight, but that doesn't make it acceptable.

Re:this is gonna be interesting

"I don't trust EITHER of them. I just trust the government(s) less"

This while a (democratic) government does formally have the obligation to look after the interests of the citizens, and corporations have no such obligation.

Re:this is gonna be interesting

[Daengbo]

Ummm... We'd all start using Bing?

Re:this is gonna be interesting

[Miros]

I have trouble giving them too much slack though. They collected 600GB of payload traffic, and did so over a span of years before they discovered this "error." (reference)

Re:this is gonna be interesting

Yeah, but in the mean time... I'd kinda like to live on it.

Re:this is gonna be interesting

[Daengbo]

So, if they admitted the oversight, tried to fix it, and audited their process so that it didn't happen again, would that be acceptable?

Re:this is gonna be interesting

[Chees0rz]

I'm really looking forward to the comments. When BP lets the oil spill continue day after day, the /. crowd goes asking why we let them handle it at all, after all they're the ones responsible for the mess.

Now Google has a mess, and is doing an internal audit. I'm curious if we will apply the same reasoning, or a different standard. And what justifications we'll see for it.

I'm willing to let Google hold the reins during this and let the Gov officials only monitor because when google sits on their thumbs, or their data, or plans for the best way to do this without affecting the bottom line, or save face, the problem isn't getting worse, or hurting wildlife, tourism, livelihoods, families, and various economies.

BP's interests only slow down the response effort and exacerbate the problem - the problem that has far reaching, immediate, effects.

Re:this is gonna be interesting

[Bakkster]

If it were a mistake, then they are not "failing to do the right thing", are they? They noticed the mistake and are taking measures to determine what happened. Until we know why this happened, and if any actual damage was done (such as data collected being used for illicit purposes) then they are doing just fine.

At some point mistakes have to be acceptable, otherwise nothing would ever get done for fear of failure. Unless you can say Google was reckless, malicious, or has a poor response once aware of their mistake, it's difficult to label this as unacceptable.

Re:this is gonna be interesting

[Miros]

Probably for most people, but it raises the stakes on their next privacy failure. If their current organizational structure, policies, and practices cannot prevent this kind of failure from happening or even detect it without outside pressure to look than it's entirely possible that such a problem will arise again in the future. If and when that happens, they probably wont be able to appease people as easily.

Re:this is gonna be interesting

[Miros]

When it comes to personal information people tend to be less tolerant of "mistakes" and "doing the right thing" means having as perfect a track record on that front as possible. Just as NASA has a "safety" culture which emphasizes the loss of life as completely unacceptable (and they have a pretty good track record on that) I think people have a similar expectation when it comes to companies like Google and their personal information. The fact that it was able to go on for years without being detected (and the detection was perhaps only prompted by the EU regulators asking a lot of questions) could be seen as problematic by some.

Re:this is gonna be interesting

[phantomcircuit]

I'd rather see Google's corporate license revoked. Let them operate as a proprietorship whose owner(s) have full liability for his company's actions

You are seriously arguing that a single person should be responsible for the actions of twenty thousand other people?

REALLY?

Re:this is gonna be interesting

[Bakkster]

The fact that it was able to go on for years without being detected (and the detection was perhaps only prompted by the EU regulators asking a lot of questions) could be seen as problematic by some.

Which would be recklessness. Otherwise, if they're following best practices (the crux of the issue), sometimes a mistake will happen and need to be accepted as unavoidable.

Re:this is gonna be interesting

[kb_one]

I think you're proving this was a large mistake, not that it was with malice.

600 GB is a lot of data. But I wonder how many terabytes of legitimate data has been collected over the same period of time? 600 GB littered over many terabytes of other data over a long period of time could be likened to a needle in a haystick.

You're right that Google should not be given much slack. I think all signs point to this being an honest mistake that should never be repeated rather than anything more sinister. It may soon be proved otherwise, but right now that is just conjecture.

Re:this is gonna be interesting

[Seraphim1982]

During WW2 data was used to imprison millions of Americans who had done nothing wrong.

What millions would those be?

Re:this is gonna be interesting

[Miros]

Could the same logic be applied to BP and the oil spill? sometimes mistakes will happen and they need to be accepted as unavoidable?

Re:this is gonna be interesting

The fact that Google came forth with this information willingly and detailed the steps it was going to take to solve the problem (instead of telling nobody and just deleting the data) earns them lots and lots of points.

Re:this is gonna be interesting

[Bakkster]

Could the same logic be applied to BP and the oil spill? sometimes mistakes will happen and they need to be accepted as unavoidable?

If they followed best practices without cutting corners, then I wouldn't lay the blame on BP. I would instead lay it upon the entire petrolium industry and regulatory bodies for allowing such drilling without proper safeguards in place, and in water too deep to effectively counter a blowout. We need to wait for investigations to be completed before we decide which is to blame: those who designed faulty best-practices, or BP for not following them. Maybe both? It seems both BP cut corners which caused the issue, and regulatory bodies allowed drilling at a depth where it takes more than a month to seal a gusher.

In other words: if the best practices were 99.999% safe and BP followed them precisely, then I accept that shit happens (at least, the initial blow-out, not the protracted month of failed attempts to seal the well). IMO, it's ridiculous to excessively punish someone for the bad luck of being in that 0.001%. I'd only have chance to blame. It's when safety isn't taken seriously enough (2% chance of a gusher and you have 200 wells, meaning you can expect 4 gushers, for example) that I feel blame is justified.

Re:this is gonna be interesting

[natehoy]

We appear to have, and further appear to be successfully wielding, the power to make the Earth incompatible with the current population levels of many species, including homo sapiens. Fortunately, these sorts of things have a way of sorting themselves out.

If (as global warming proponents propose is happening) the atmosphere warms up, the oceans will rise, we'll lose some waterfront land, we'll have significant pollution problems from the now-submerged structures along the fishing coastlines, we'll lose arable land and fresh water to drought and to saltwater incursion, storms will become stronger and more frequent disrupting food production in the arable land we have, and we'll reach the point where we cannot raise/harvest enough calories to keep the current population above the starvation line. The system will then inevitably adjust itself. After the Food/Water Wars, the population of humans will probably be smaller by about an order of magnitude or so, and we may have lost most of the technology we enjoy today, and many of the species we know today will be gone, but the Earth will do just fine with the species that survive.

We can't kill Earth, but we can significantly change it from the form we enjoy it in today. We're doing a marvelous job of that, in the name of economic expediency. The Piper's gonna come knocking, and he's gonna want to be paid. Someday.

I just hope he waits until long after I'm dead.

Re:this is gonna be interesting

[Miros]

I couldn't agree more. I only wish that similar regulatory agencies and certified industry best practices existed to protect user privacy.

Re:this is gonna be interesting

[treeves]

Sure enough. One question though: why is the larger company automatically less trustworthy?
How big is Blackwater? More trustworthy than BP? Is Walmart (higher revenue, market cap, and # employees) less trustworthy than BP? Why?

As an aside, I find it interesting that people like to see small businesses succeed, but then when they do, which means they get bigger, then for some reason, people don't like them anymore. What is the threshold above which companies are no longer the good guys? I'd really like to to understand why people think the ways they do about the size and success of companies. It seems like we value success up until the point where it is achieved, then we distrust it.

Re:this is gonna be interesting

[Rockoon]

Your post makes it sound like this oil leak is not worth mentioning.

Then you failed to read it without bringing along your alarmist emotion.

Re:this is gonna be interesting

[commodore64_love]

Is is easier to bribe a single agency (example: EPA) then to bribe the ~10,000 courts that are spread across this continent. By creating the regulatory agency you merely make the corporations' job easier - locate the EPA Chair and grease his palm.

Re:this is gonna be interesting

[commodore64_love]

Sure why not? Then when in the 1970s Ford experienced exploding Pintos, we could have drug the Ford Owner and his top-level managers into court for Manslaughter. In my humble opinion, it's what they deserved for knowingly deciding to let people die, rather than fix the flaw.

Instead they just got a fine, which didn't hurt them at all. Not justice.

Re:this is gonna be interesting

[commodore64_love]

The millions of natural-born Americans who were thrown-in "relocation camps" because they looked Japanese, or had German-sounding names.

Re:this is gonna be interesting

[commodore64_love]

>>>This oil leak is not a natural occurrence.

It's an underground reservoir with a "hole" in it, due to excessive internal pressure.. That type of stuff happens a lot during Earth's history. Why do you think we find mastodons and other preserved animals in oil pits? Because they got trapped by naturally leaking oil.

Re:this is gonna be interesting

[Tom]

The incidents are dramatically different.

But the incidents weren't the point at all.

The point was whether we think it's ok to let the one who made the mess be the one in charge of fixing things. It may work if your kid makes a mess in the kitchen, but is it the right approach to a corporate fuckup? Corporations aren't kids, and the main reason for the kitchen cleanup is pedagogic.

Re:this is gonna be interesting

[Tom]

No comparison of seriousness was made in my original post, only a comparison of methods.

I don't think that seriousness is a proper metric to apply when deciding which method to apply. Not only is it highly subjective, it also changes over time. There's also the question of where to draw the line on scale that isn't well-defined.

Re:this is gonna be interesting

[Tom]

First good point I found in the replies. Yes, urgency sounds like a good reason. If the catastrophe is still ongoing, then someone needs to step in immediately to make it stop.

Re:this is gonna be interesting

[Tom]

You can become unshocked. I wasn't comparing the two events, only the reactions of the /. crowd to the way the corporations involved are allowed to deal with it. So two layers of indirection removed from the actual event.

Re:this is gonna be interesting

[Tom]

BP are in a difficult position, drilling for oil is risky and sometimes things go wrong and unpredictably so. That is the nature of the business.

Which means that you have to have a plan for something going wrong before you start doing things. This is not exactly experimental new technology we're talking about, the event space of "unpredictably" is fairly small.

ultimately BP did not want this situation, it is bad for business.

Apparently, they didn't not want it badly enough. I work in the security industry, I know the "tradeoffs" that management is making constantly. Sometimes it is reasonable (spend $1000 to cover a $100 risk? makes no sense), most of the time, especially with unlikely but catastrophic events, it is pure gut decision making. Management regularily risks the company on that kind of risks, because the math is not intuitive anymore.

The real problem, however, is the second part of your sentence. Yes, it is bad for business. WHAT THE FUCK??? Bad for business? Try talking to the dead fish and birds about "business". Try talking to the fishermen about "bad for business". This goes way beyond business, and that's why a business perspective is not the right way to approach it and that's why a non-business entity should've stepped in on day one and said "we're taking over, you are now under our command, and if you so much as hesitate in doing exactly what we tell you, we'll disband you and spend whatever we can get for the remains to clean this mess up."

Ultimately, Google seem to think that their bottom line is more important than users rights to privacy.

Exactly, and that is why while the actual incidents are very different, the reactions can be compared. We, as society, have found it acceptable to take a business approach to issues that go beyond business.

BP have the expertise and equipment that give the best chances of stemming the flow of oil...

It totally agree they have the ressources and knowledge. But they shouldn't have been left in charge. Their ressources and knowledge should have been put under government control with the clear instruction to put everything they have towards ending that spill, and if someone so much as mentions the word "cost", he'd be made personally liable for it all.

Again, same with Google, I agree with your reasoning there.

Re:this is gonna be interesting

[Tom]

You DO realize that they openly disclosed (without coercion or prompting) this whole wireless mess, right?

No, they didn't. They only found it out after prompting by the German privacy authorities.

Yes, they didn't try to hide it, some credit for not being outright evil. But it's simply false to facts that they found out on their own and then disclosed without prompting. They were prompted first and then found out.

Re:this is gonna be interesting

[Tom]

I'm pretty sure if BP could put the oil pouring out of the well "on hold" while they did their "internal audit" no one would care.

Excellent point. Thanks.

Re:this is gonna be interesting

[Tom]

Lots of people would lose their gmail, and we'd have to switch to a different search engine. My guess is three weeks until the hole has been filled by competitors.

You were saying?

Re:this is gonna be interesting

[Tom]

What is the threshold above which companies are no longer the good guys?

When they are large enough that they are not players in the game anymore, but can change the rules. We don't like people changing the rules, and especially not when they're at the same time playing the game. No matter the intentions, it always smells like doing it in your favor.

Re:this is gonna be interesting

[Miros]

But that doesn't make sense. People bribe regulators so that they look the other way when inspecting for compliance, which happens long before they would ever enter a court room.

Re:this is gonna be interesting

Funnily enough someone is going to lose their livelihood over the Google fiasco. Apparently some foolish woman is suing Google and *in her legal filing* has stated that she has to do certain things for work that require a secure connection. She's blaming Google for scanning her *unsecured wireless network* essentially. If her employer finds out and reads the brief she'll be out the door faster than you can turn around.

Privacy breeches? Sign me up!

[kyz]

I'm also interested in privacy galoshes, privacy longjohns and privacy jodhpurs

Re:Privacy breeches? Sign me up!

[Em+Emalb]

Personally, I draw the line at privacy jorts though.

Re:Privacy breeches? Sign me up!

[cbiltcliffe]

I don't know about the galoshes, but since the rest keep my junk covered, they'd definitely qualify for the "privacy" label. :)

Re:Privacy breeches? Sign me up!

Privacy thong.

I just blew your mind!

Re:Privacy breeches? Sign me up!

[Megane]

I was wondering about privacy trousers myself.

Re:Privacy breeches? Sign me up!

[psmears]

I'm also interested in privacy galoshes, privacy longjohns and privacy jodhpurs

Another member of the tinfoil trouser brigade?

Re:Privacy breeches? Sign me up!

They just mean they were caught with their breeches down...

Re:Privacy breeches? Sign me up!

Note to the editors: the link should ready 'privacy breaches.'

Looks like we caught them with their pants down.

"Publicly Available"

[dward90]

While I'm not an expert on security or privacy, it seems to me like "publicly available" should mean that they didn't gather any data that citizens weren't openly broadcasting anyway. From an ethical perspective, it's shaky at best, but it's probably a huge difference legally.

I'm not endorsing Google's collection, but aren't people who openly broadcast their data be at least *a little* at fault here?

Re:"Publicly Available"

[Em+Emalb]

Yes, people should definitely secure their communications.

That said, just because someone leaves their door open, doesn't mean Google should waltz right in.

Re:"Publicly Available"

[cbiltcliffe]

Google didn't just "waltz right in."

They collected it by accident, and when they realized they had it, they publicly stated that they had the information, and were purging it.

They didn't need to say anything, because nobody knew they had it until they announced it. But in the spirit of openness, they stated what had happened, how it had happened, and their proposed remedy for the situation.

The fact that various regulators are getting pissy about it isn't their fault.

Re:"Publicly Available"

[papasui]

**Cough**Bullshit**Cough** There's plenty of wifi scanners available that only collect SSID and mac addresses. They don't necessarily sniff the data and record it. Google or the company they contract made a decision to gather this data, the only accident was getting caught.

Re:"Publicly Available"

[HungryHobo]

and if someone publishes a web page you shouldn't be able to just waltz right in and view whatever's on it!

If someone watches you walk around naked while you're in the bathroom that's a violation of your privacy.
If someone watches you walk around naked in the middle of the street then they have done nothing to violate your privacy.

people shouldn't be required to secure their communications *effectively* but some kind of symbolic security should be required to expect any kind of privacy.

Re:"Publicly Available"

[ATestR]

Look at it another way. If there was a company - call it "Gaggle" - that drove up and down the streets and roads of the world making sound recordings to present a "Street Sounds" feature to their new mapping program. Would there be such a fuss if they recorded the voices of two people shouting across the street at each other? Its about the same thing.

Re:"Publicly Available"

[Em+Emalb]

They collected it by accident, and when they realized they had it, they publicly stated that they had the information, and were purging it.

I apologize in advance for excessive use of quotes. Yeah, because as a part of the mapping process, they "just left on" the "part" that scans for wifi networks and mac addresses, oh and don't worry about that "sample" of traffic we took as well, we made it "disappear".

I'm sorry, I simply do not trust any company with any of my data. It's a necessary evil that I have to give up as much information as I do "voluntarily" to get services and goods. I wish there was a better way, one that doesn't require us to all jump through ridiculous hoops to secure our identities.

Re:"Publicly Available"

[Rayonic]

The best analogy would be if the Street View cars had microphones to record... I dunno, traffic noise level, and they accidentally recorded you and your wife having a shouting match out in your yard. All recorded from public property (the street), and all quite legal.

If it's not legal, then all those TV shows, filmmakers, and news gatherers who like wander around with a camcorder are in trouble.

Re:"Publicly Available"

[commodore64_love]

Walk through the door? More like you were standing inside your house and yelling, "My name is ___ and my password is ____ and I'm visiting the following sites: (insert list)." The neighbors are not to blame if they can hear your loud mouth, and neither are any passersby.

Re:"Publicly Available"

And it seems that there are people doing just *that*!! http://www.thesmalls.com/StreetSounds/

OMG! I feel so violated now

Re:"Publicly Available"

[Miros]

You are suggesting that in the entire chain of people who were attached to that project, who knew the processes and methods that were employed, nobody noticed that they were "accidentally" collecting data? Either it was not an accident, or a whole lot of people at Google are completely OK with looking the other way when it comes to accidental user privacy errors. I don't know about you, but I think the latter of those two may actually be worse.

Re:"Publicly Available"

[Miros]

This is assuming that most common users understand that their networks are not properly secured and are making a conscious and informed decision to share their data with anyone in range of their network. That is a stupid assumption from a societal standpoint. A good parallel would probably be analog cell phones, which could be monitored using specialized radio scanners, which were then made effectively illegal to prevent eavesdropping. The argument you just made could have been applied to that same situation: obviously the people understand that their cell phones are not secured, and therefore consent to anyone listening in if they want to. No sir, I don't believe I would like to live in your world.

Re:"Publicly Available"

[Miros]

The people shouting *know* that other people can hear them.

Re:"Publicly Available"

[papasui]

They didn't offer it up, they got caught in Germany. It's spin that they are being the 'good guy' and offering it up in other countries. http://news.bbc.co.uk/2/hi/technology/8684110.stm And also, as a company that data would be deemed a record and needs to be treated in compliance. http://en.wikipedia.org/wiki/Records_management

Re:"Publicly Available"

[Em+Emalb]

No, that is not an accurate analogy at all.

People understand that if they leave their doors open and have an argument, that people outside the door can hear them having said argument. However, do the people outside the door have the right to record said argument? It's a grey area, it isn't clear cut at all in my opinion.

I could sniff traffic on the 10 unsecured wifi networks in and around the building I am in, but that doesn't mean I have the right to keep that traffic, or go through it for information so I can sell services to the people using those networks does it?

That's the thing here...there is absolutely no reason AT ALL in my opinion why google, or the company(ies) they used to do the street view should have done ANYTHING AT ALL with wifi networks, macs and data. What the hell does that have to do with mapping streets?

Nothing. Nothing at all. That's why it's a bad thing. If I freely offer to give you directions to the gas station down the street, and then record the make, model, license plate and VIN number of your car without your knowledge would you have an issue with that? That information is available, right? But most would consider it an invasion of privacy. Could I? Sure. Should I? Absolutely not, in my opinion.

Re:"Publicly Available"

[cynyr]

Ignorance is no excuse, "Sorry officer, i didn't know that driving under the influence of alcohol was a crime here, it's not in Uzbekistan"... Same thing here, "I didn't know leaving my AP unencrypted would let everyone see my LOLCATS!".

From everything I have heard about this incident, they only collected from open APs, they did not in fact break any encryption. So as far as i'm concerned the data was "public" with all intentions of it being that way, like painting your name, SS, and DoB on your garage door, and then bitching that your identity was stolen, you made no attempt at all.

Re:"Publicly Available"

[cynyr]

operating a radio transmitter should mean you know this. If not you should consult with people that know this stuff, much like you do with a mechanic, or plumber. Ignorance isn't an excuse, to use an analogy i used earlier on this topic;

"Sorry officer, i didn't know that driving under the influence of alcohol was a crime here, it's not in Uzbekistan"

you still get your nights accommodations for free.

Re:"Publicly Available"

[Richard_at_work]

And according to another story on Slashdot today, an employer visiting an employees public Facebook page is a violation of your privacy. Its amazing how many double standards there are.

Re:"Publicly Available"

[Ephemeriis]

Yes, people should definitely secure their communications.

That said, just because someone leaves their door open, doesn't mean Google should waltz right in.

Nobody waltzed right in... Google drove by on the street and collected what it could see from the road.

If you leave your front door open and stand in the hallway naked, you can't complain too much about Google snapping a picture of you.

Re:"Publicly Available"

[LordLimecat]

If the story had been "google accidentally gathers SSIDs and mac addresses", I would have been alongside you saying "baloney"... mapping that stuff out is exactly the sort of thing Google is into. But sniffing data in a way that is guarenteed to cause legal issues, and THEN announcing it to the world? Google is much more savvy than that, I dont buy that it was intentional.

Re:"Publicly Available"

[Miros]

This isn't a legal issue (yet) it's an ethical one. So fine, as you have pointed out, many of the people who had their data collected may have been ignorant of the fact that their data could be gathered by any passers by. Does that mean that they wanted that data to be shared and disclosed? Obviously not, it may even suggest that many of them, if not ignorant, would have chosen to protect that information (as you pointed out with your SS, DoB Garage Door analogy, that's information that you would obviously want to protect, therefore your WiFi traffic is something that you believe any reasonable person would also want to protect). So, now knowing that many of those people out there would not want you to gather their data, but are ignorant of the fact that you can get it, and there are no legal obstacles to you doing so, you just go ahead and do it because you benefit from something that they would perceive as a harm? I'm sorry, in my book that's just wrong.

Re:"Publicly Available"

[LordLimecat]

So you maintain that Google intentionally did some legally questionable sniffing, just so they could announce it to everyone (and delete the data)? Riiiiight....

Re:"Publicly Available"

[LordLimecat]

I dont work at a big company, but do managers always know the inner details of the settings used in the programs their employees use? Do CEOs know about compiler options used by their devs?

Re:"Publicly Available"

[Ephemeriis]

The people shouting *know* that other people can hear them.

And people communicating on a CB know that other people can hear them.

And people communicating with an unencrypted wireless device should know that other people can hear them.

The fact that they're ignorant doesn't really make it my fault that I overheard their conversation.

Re:"Publicly Available"

[HungryHobo]

the little lock symbol you see when connecting to a secure wireless is a clue as is it's conspicuous lack.

In your world cheap walkie talkies would be illegal because someone might be using a pair and be too stupid to understand that anyone else with a similar walkie talkie could be listening in.

with the old phones you had no real options.
the devices couldn't be used otherwise.

Wireless routers with the exception of stunningly ancient ones have a handy little dropdown menue where you can select an open or secure setup.

And to add the icing to the cake the "specialized radio scanners" in your example were unusual equipment.
My cell phone can listen in to nearby open wireless networks just like pretty much any 10 dollar wireless card in any bog standard laptop.

You have as much privacy on an open wireless network as you have when using a childs toy walkie talkie.
if someone else picks up the signal its your own damned fault.

it's not someone spying on you through a peep-hole in your wall.
it's you freely choosing to broadcast a live feed of yourself to everyone out on the street.

being too ignorant to realize it doesn't give you the right to brand everyone you broadcast too a peeping tom.

Re:"Publicly Available"

[Miros]

You're again countering a moral argument with a legal argument. However, what is legal and what is right are not one and the same.

Re:"Publicly Available"

[LordLimecat]

In the world I live in, it is called irresponsible (and illegal) to purchase and drive a car with neither the training nor knowhow to drive one. Why is hooking up a wireless router any different-- just because our culture has decided to promote irresponsible and reckless behavior?

Re:"Publicly Available"

[rotide]

If you don't want other people to have your data, don't broadcast it with zero encryption. You can't sit there and yell at the top of your lungs all day long and then get mad when someone hears and/or records what you're saying.

Re:"Publicly Available"

[HungryHobo]

where did anyone say they have no right to view a public profile?
firing someone for a trivial offhand joke on a public facebook page on the other hand is a different matter.

Re:"Publicly Available"

[nedlohs]

So you know their claim that they reused some software from another google project without noticing it recorded more than what they actually cared about is false?

And you know that the programmer who did so either didn't realize at all or didn't just think "who cares if it wastes resources grabbing that stuff it's minuscule and we can just not use it" and just used it without mentioning it to anyone?

Are you omniscient? Or do you just spend your life spying on google?

Re:"Publicly Available"

[ljw1004]

"Realized they had it"?? They're like the kid who only "realizes" his hand is in the cookie jar after his mother catches him.

Re:"Publicly Available"

Isn't it the same thing as capturing data sent out by radio stations unencrypted? For example, satellite TV that is unencrypted can be received by anyone and nobody really complains. If it is encrypted though, you are supposed to pay for it. This data was being broadcast unencrypted and although it is by low power transmitters, someone other than the intended party receiving it isn't that unexpected. I think the surprising thing here is the SCALE of it.

Re:"Publicly Available"

[Miros]

No, they don't, which is exactly my point. In order to have an organization that could do something like protect the privacy of the users/customers/public effectively the culture of the corporation has to promote accountability and responsibility all the way down to the lowest levels. People on the bottom, the ones who actually do the acting on the part of the organization, have to have been given a good understanding of what management thinks is valuable from a moral standpoint and encouraged to act on that understanding. What we have here is possibly a failure of that system, which means that this may be an anomaly only in that it was detected not in that it occurred. That would be bad.

Re:"Publicly Available"

[rotide]

If you buy radio equipment you should also *know* that other people can pick up the signals as well. If you don't want other people listening in on your data, simply "whisper" by using encryption.

Ignorance is no excuse. RTFM when you purchase your radio transmitter (read: WAP/Wireless Router). Don't just bitch that you had no idea what security was and everyone listening is wrong for doing so.

Re:"Publicly Available"

[skywire]

Precisely. That is why it is the perfect analogy. Just as a person shouting from a window has no reasonable expectation that passersby will somehow "shut their ears", neither does a person broadcasting unencrypted information have a reasonable expectation that the public will not receive that. This is not just a legal technicality; it is practical reality.

Re:"Publicly Available"

[jbezorg]

Yes, people should definitely secure their communications.

That said, just because someone leaves their door open, doesn't mean Google should waltz right in.

On the opposite side though, they are broadcasting that information to the public in clear form.

To use another analogy:

What if the noisy neighbor got into shouting matches with another tenant in their apartment and you, unfortunately, became aware of some very personal details? Are you to blame for having those very personal details burned into your memory? Are you to blame for having ears and not being deaf?

If you actually did sneak into their house and listened while they had a private conversation, then yes. you would be right but this is more along the lines of a noisy neighbor.

Re:"Publicly Available"

[elewton]

You can kill someone with the car quite easily, but would have try quite hard to harm someone by not encrypting your network.

Re:"Publicly Available"

[Miros]

It's not a legal argument, it's a moral argument. The fact that the person you're snooping may or may not know that they can be snooped does not make it right for you to do so.

Re:"Publicly Available"

[houghi]

There are very different ideas on what privacy is. For one it is everything that is not happening in public. For me it is everything that is happening to me as a person, including walking in a public place.

If you see me, I have no issue with it. However if you record it, then I have. If I do something stupid in a public place some 100 (or perhaps 1000) people might see it. They might even tell others that they saw this person doing some weird stuff. And that will be the end of it.

Record it and put it on a website and everybody, including people who were not there, will be able to see it and it will be haunting me till the end of my life.

See it as a personal copyright, if you will, where I have the right to either opensource or close source my personal image or give it any license I want. That would mean that you would need the consent of each person involved. Great.

Re:"Publicly Available"

[HungryHobo]

If I freely offer to give you directions to the gas station down the street, and then record the make, model, license plate and VIN number of your car without your knowledge would you have an issue with that? That information is available, right? But most would consider it an invasion of privacy.

the only person I know who I'm sure would consider your example a "violation of privacy" is also a diagnosed paranoid schizophrenic.

the the make, model, license plate and VIN number of your car which you are driving on the public street is not private information.

Re:"Publicly Available"

[Miros]

You also don't have a choice when it comes to overhearing someone's conversation. It's a little different if you go through the effort of sniffing traffic from someone's open WiFi. Again, the issue here is not a legal issue, google didn't do anything illegal, it's an ethical question. Is it right to eavesdrop on someone's network traffic, particularly if there is a good chance that they don't even know it's possible? I feel like most people's gut reaction to that is a resounding "no."

Re:"Publicly Available"

[Miros]

"shutting your ears" requires making a conscious decision to wear ear muffs or something. Capturing someone else's WiFi traffic is not something that you just involuntarily do when you are within range, you have to make a decision to sniff the traffic. It's entirely different. And no, the issue is not a legal one. What google did was not illegal. It's a moral/ethical issue: was what they did wrong?

Re:"Publicly Available"

[HungryHobo]

in other words whatever you think is wrong is wrong and no consistent or solid justification is needed.
If you don't like it then it's wrong and should be punished!

Re:"Publicly Available"

[Em+Emalb]

Really? So you have no problems posting the make, model, license plate # and vin number of your car on this forum then?

After all, it's not an invasion of privacy for any of us to do so, is it?

I mean, no one could do anything with that data, right?

The issue as I see it is that google had NO reason at all to do this while they were "mapping" streets. None. There was no need for it.

Slashdot is so hypocritical. On the one hand, privacy concerns abound over sites like facebook and twitter, etc., but if Google does something morally questionable, well, that information is freely available, so it's no big deal.

Bullshit. Frankly, you have no idea what google was going to do with that data. If they hadn't been called in it, you wouldn't have even known they had it. That doesn't bother you? Because it bothers the hell out of me.

PS, I'm a network and security guy. It's my job to be paranoid. I'd suggest a lot more people should be paranoid, because we're headed down a long and slippery slope.

Re:"Publicly Available"

[Miros]

That's a pretty limited perspective I think. There are commonly held moral beliefs many of which have been codified and studied in depth by academics and practitioners in a variety of disciplines. I think in this case I don't need to justify my claim that this is a moral issue. It's obviously a big deal for people and a burning question as to the acceptability of what Google did. Their actions were not in any way illegal, but even they appear to believe that it was a serious serious breach (cue internal audit). So fine, justification of the claim that it's a moral issue: this entire Slashdot discussion.

Re:"Publicly Available"

[Em+Emalb]

No, I maintain that they did what they did thinking they wouldn't get caught. When they got caught, they acted like it was an error.

This blind faith in a huge organization is scary.

Does google have a good track record when it comes to privacy? Google Docs, Buzz, etc would indicate no.

So far, I don't believe they've done anything with that data, but the opportunity, if they wish to do so, is there.

And that's not a good thing, IMO.

Re:"Publicly Available"

[HungryHobo]

On a related note how do you know I actually intended to share anything on an FTP server I set up?
it's quite easy to share folders you didn't intend to share so by that logic browsing any open FTP directory is immoral until you contact the owner, double check with them that they only shared what they intended to share.

Re:"Publicly Available"

[Ephemeriis]

You also don't have a choice when it comes to overhearing someone's conversation.

Nor do you have a choice when it comes to overhearing someone's wifi traffic. Normally, when you're intentionally trying to talk to someone else, that's considered noise. It's other traffic cluttering up the spectrum, getting in the way of what you're trying to do. It's always there. If you're listening to wifi traffic, you'll hear it.

It's a little different if you go through the effort of sniffing traffic from someone's open WiFi.

No it isn't.

There's no effort involved, they're simply capturing packets of traffic, not h4x0r1ng teh interwebs.

If I'm conducting an interview with someone in a public place, recording the conversation, and somebody behind me shouts something, it will be recorded. I'm not going to any special effort to listen in on their conversation... It's just background noise... But it is being recorded anyway. And they probably don't know I'm recording it. If it was something embarrassing, and it wound up as public knowledge, they might be upset. But if they shouted it out in a public place it isn't really my fault it got recorded, is it?

Is it right to eavesdrop on someone's network traffic, particularly if there is a good chance that they don't even know it's possible?

Again, nobody is going to any special effort to eavesdrop on anything. They're just capturing traffic as it flies by.

As far as people not knowing it is possible... Why is their ignorance Google's problem?

You aren't forced to install a wireless router in your house. You have to go out and buy one. Isn't it your responsibility to make sure the device is being operated correctly/safely?

Re:"Publicly Available"

[Miros]

If it were likely that the vast majority of anonymous FTPs were configured that way accidentally or out of ignorance, employed by a huge portion of all internet users, and by default contained detailed logs of all activity that people engaged in that involved a network connection: then yeah, I would agree with you. Fortunately this is not the case in reality.

Re:"Publicly Available"

[I)_MaLaClYpSe_(I]

Just as a person shouting from a window has no reasonable expectation that passersby will somehow "shut their ears" [...]

Just as I should have a reasonable expectation that it will not be recorded and that such a recording would be published without my consent by a passersby when I talk to a friend on the open street, I should have a reasonable expectation that no large corporation is peeking over my fence into my garden or sniffing my WLAN traffic in order to publish/sell/give away that data.

Re:"Publicly Available"

I agree and disagree. Yes they don't understand. But it's their own fault. I own a computer repair shop. EVERY person that comes in here knows that some wireless access points require a password and some don't. Common sense should follow. When you buy a router it comes with a CD that walks you through setting up the security. All they have to do is follow the instructions. They don't. It's by their own choice. If they see any words they don't understand they just say screw it and try to see what happens if they just plug it in.. wow it works.. then leave it just like that. You could put giant signs on it saying people can listen to your thoughts if you don't add a password and they will just skip over it when they see TCP/IP in a sentence. Look how many people get eaten by bears/lions with big ass signs that say "Don't get out of your car!" and "Don't feed the bears".. I am not sure where I am going with this rant maybe just venting.

Re:"Publicly Available"

[HungryHobo]

Oh I do care a little about linking my online anon pseudonyms to my actual identity since I take (minor) measures to avoid strong links.

But I have no problem posting that info online.
hell if selling a car online it would be a given that that info would go up.
because it is not private information.

you seem to love the uncertainty line *YOU HAVE NOOOOOOO IDEA WHAT EVIL PLANS THEY WERE HATCHING!!!!111!!!!* but can you actually think of any serious malicious uses because I can't really see google having an interest in stealing peoples forum logins.

Hell the simplest way I can think of to grab the wireless ID's to build a map vs time would be to throw up cain and able or similar in logging mode and record the timestamps for each network which would probably also capture packets off open wireless networks.

There's sensible paranoid and then there's insane paranoid.
sensible paranoid means encrypting data and being sensible with security.
insane paranoid is ranting about anyone who looks at you funny in the street because looking at your face is a violation of your privacy.

Personally I don't give a shit about facebook and twitter because I actually care about my privacy a little and simply don't use them.

Re:"Publicly Available"

[Miros]

Nor do you have a choice when it comes to overhearing someone's wifi traffic. Normally, when you're intentionally trying to talk to someone else, that's considered noise. It's other traffic cluttering up the spectrum, getting in the way of what you're trying to do. It's always there. If you're listening to wifi traffic, you'll hear it.

Exactly, if you're listening and deliberately capturing the traffic. Your NIC is not in promiscuous mode by default, your OS is not logging the packets the card receives to a file somewhere.

There's no effort involved, they're simply capturing packets of traffic, not h4x0r1ng teh interwebs.

I'm sorry, what percentage of the general public do you think casually sniffs their neighbor's WiFi traffic, or would even know the basic principals involved in the process if you stopped them on the street and asked them? No, it's not "h3x0r1ng teh interwebs" but it's not taking out the trash either.

As far as people not knowing it is possible... Why is their ignorance Google's problem?

Because it rubs people the wrong way when they find out about it later. It's an ethical/privacy gray area at best and Google should have practices and policies in place which prevent this type of thing from happening if they expect the public to trust their handling of private information. Yeah, the privacy interests of Google's users is their problem, particularly if their uses are not well educated in ways that their information could be surreptitiousness acquired.

Re:"Publicly Available"

[HungryHobo]

The vast majority of people I know who run open wireless networks are fully aware they're open- coffee shop owners, or techies who think it will give them an excuse when they're caught torrenting stuff.

detailed logs?
since when were google pulling the logs off the routers?

Re:"Publicly Available"

[Em+Emalb]

I wish someone with mods points would mod this post up for you. A lot of people on here are not alarmed that this didn't come to light until German authorities audited what information they were actually recording.

I find it frightening that people genuinely believe that google hasn't done anything wrong here.

Re:"Publicly Available"

[Miros]

Uhm, "Logs" in this case would be the equivalent of sniffed payload packets, which are way worse than router logs from a privacy standpoint. And I don't think any part of this discussion has anything to do with open public WiFi hotspots.

Re:"Publicly Available"

[SCHecklerX]

brb. Reading the letters in your mailbox. It wasn't locked or anything, and it's right out there for the public to access, so it's cool.

Re:"Publicly Available"

[HungryHobo]

So to protect yourself from your own potential stupidity cameras and video recorders would be effectively illegal in public for anyone who can't afford a legal team.

Great.

Re:"Publicly Available"

[HungryHobo]

This is all about open public WiFi hotspots because that's what you create when you set your wireless network to "open".

Re:"Publicly Available"

[HockeyPuck]

If "Gaggle" used highly sensitive microphones and could record a normal conversation inside your house or in your backyard from the street, would that be a breach of privacy? Should be expected that you need the proverbial "Cone of Silence" because someone might be walking/driving down the street with a sensitive microphone?

Re:"Publicly Available"

[DerekLyons]

Google didn't just "waltz right in." They collected it by accident

Yeah, kinda like the shoplifter who claims the items "just happened" to fall into his pockets.
 
Seriously, you don't "accidentally" write a function into code and a spot to store the data collected by the that code into a database specification, run that code, collected the data in a local database, upload the local database into a master database... etc... etc...
 
There may or may not have been malice, but it wasn't an accident.

Re:"Publicly Available"

[Miros]

[...]coffee shop owners[...]

So now, logically, everybody with a open AP is a coffee shop owner?

Re:"Publicly Available"

[HungryHobo]

Ah so anything people make a fuss about is immoral.
gotcha.

Re:"Publicly Available"

[Miros]

Well, if it's perfectly legal but it pisses people off than yeah, you're probably stepping on some toes.

Re:"Publicly Available"

[HungryHobo]

nowhere did I employ penguin logic.

If you create an open wifi hotspot then you create an open wifi hotspot.
seems pretty logical.

Re:"Publicly Available"

[Em+Emalb]

Actually, what I said was "Google had no reason to do this". There was absolutely no reason for them to map SIDS and mac addresses and take snippets of data while they were mapping streets.

All that information has nothing at all to do with the project they were working on.

I suspect that if this company doing this were not named Google but instead Microsoft that this forum would jump all over them for it.

The double-standard is amazing here.

Re:"Publicly Available"

[HungryHobo]

I can see a pretty simple use for it.
If I'm traveling with my laptop it would be kinda handy to be able to pinpoint where I am without GPS.
I'm sitting in range of an open wi-fi. I want to know where I am?

hit google and it pinpoints where I am based on the wireless networks around me.

seems like a something useful to be able to do.

Re:"Publicly Available"

[HungryHobo]

Also you keep going on and on and on and on and on.... and on and on about this "double standard".

Here's the big secret: There's more than one person on slashdot.
My opinions can differ from the twits complaining about their tweets and facebook profiles being datamined.

You know how I avoid those problems?
I don't use twitter,facebook or open my wifi network.
it's amazingly easy.

Re:"Publicly Available"

[Miros]

But that doesn't require capturing payload data.

Re:"Publicly Available"

[HungryHobo]

it doesn't yet the simplest and easiest way I can think of to capture that useful data with a simple laptop would be to set some program like cain listening in promiscuous mode and later match the SSID/timestamps with where I was at the time to build a map of network hotspots.
Such an approach would also probably log the whole packets even if I'm not interested in them in the slightest.

cutting out the contents of the packets out would likely be more complex and would require some dev work.

Re:"Publicly Available"

How do you collect ANYTHING 'by accident'. did someone at Google say "Hey, let's put these SSID and MAC sniffers in our trucks for storage, and incidentally turn them on just to make sure they still work"?

Collection implies they specifically setup equipment to receive this information.

And why were they interested in SSID and MAC information anyway? What has that got to do with Street view?

instead of stating what happened or how it happened, i want to know WHY it happened.

Re:"Publicly Available"

[Miros]

Which is obviously well beyond Google. No this is a case where it is helpful to have done a little bit of reading

In 2006 an engineer working on an experimental WiFi project wrote a piece of code that sampled all categories of publicly broadcast WiFi data. A year later, when our mobile team started a project to collect basic WiFi network data like SSID information and MAC addresses using Google's Street View cars, they included that code in their software

(cite)
Here they were using a tool developed internally which collected the data by design. They then (by accident or process failure, same thing really) did not adjust the software to not capture the payload data. In any event, if additional work would have been required to protect users privacy (as they have emphasized they really want to do, and take very seriously, and themselves believe they failed to do here) than they should have done it and in this case failed to do so.

Re:"Publicly Available"

[vlueboy]

I'm not endorsing Google's collection, but aren't people who openly broadcast their data be at least *a little* at fault here?

No. I would be "a little at fault" if I use apps to willingly disclose my static IP and MAC on a forum. By default we expect the broadcast signal to cease to exist beyond reasonable ranges. The problem at hand is that at least 1 in 2 /. geeks doesn't even know about AP Geomapping sites like wigle. Suddenly my witty AP name is accessible to anyone who knows where I live. Lack of knowledge means potential for misuse, even if a name isn't particulary helpful to most people today. The stakes always change when your joke is visible at a global scale, as shown by public outcry over Facebook's recent default privacy blunders.

Remember how Windows 2000 users we not at fault for buying a system lacking a firewall out of the box. Microsoft itself was at fault, but only technically because they stood idle while Blaster and other worms took advantage of open ports in our baby internet days. John Q. Public cannot be "at fault" for the openness of access points. De-facto policies are at a sweet spot without hiding the AP name; not all people who use or buy a wireless router can grok the why or how "hidden wireless" works. They just want to pay for their new "phone/internet bundle service thing" and plug and play their equipment. The past 5 years have already brought us WAP encryption-on-first-run wizards.

Router makers will have a big problem with user feedback if their wizards hide AP names on the very same day of purchase. Brand new customers are savvy enough to use WPA keys. They aren't savvy to "find" and troubleshoot a "hidden by default" AP from their iPod, phone, PSP or laptop. Most buyers will return units that they can't connect to, ignoring how it would be "more secure." Blame the industry, because you can't solve social problems without more technology these days.

Re:"Publicly Available"

[Daengbo]

You do realize that they didn't get caught, right? They volunteered this information. They "got caught" scanning SSIDs and MACs, but that was part of a publicly announced project which lots of people already knew about. The other (likely useless) data was collected during this project. Use the wrong (or no) filter on Kismet, and you'll have this problem, too.

As to your issue with Google Docs "privacy," I'd like to know what your problem is. There was a big deal made out of people not knowing they were publishing stuff when they clicked "Make available to others without signing in," but that's about it. Just about everyone with a brain understood what that phrase meant. Google people are smart. They weren't trying to trick anyone there. They just didn't think to look from the viewpoint of idiots who can't understand past the actual words used.

Re:"Publicly Available"

[Shadowhawk]

Except that people's expectations are different. The average person knows that when they shout on a public street, others can hear you. On the other hand, the average person would expect that their data transmissions are private. I know the difference may not be a legal standard, but people's expectations about privacy, however unrealistic, cannot be simply dismissed.

Mind you, I'm not saying you're wrong, but people's feelings make this issue somewhat more complex.

Re:"Publicly Available"

[Daengbo]

A non-exhaustive list of ther things that are considered immoral:

• Segregation
• Integration
• Being of the wrong religion
• Having no religion
• Separation of church and state
• State religions
• Racial equality
• Female equality
• Male equality
• Gays in the military
• Gay marriage
• Being gay
• Being the wrong race
• Technology
• Porn

The thing about morality is that it all depends on who you talk to. Ethics, on the other hand, are about agreements and honoring those agreements.

Re:"Publicly Available"

[dissy]

That said, just because someone leaves their door open, doesn't mean Google should waltz right in.

Then it's good they never once did that.

This is more comparable to you leaving your front door open, and then beginning to hurl furniture at me as I walk past on the sidewalk, and then you get upset with me for seeing the fact you have furniture.

Re:"Publicly Available"

[dissy]

**Cough**Bullshit**Cough** There's plenty of wifi scanners available that only collect SSID and mac addresses.

**Cough**Bullshit**Cough** Such a program trying to view a MAC address from inside a wifi packet, while ignoring those very packets, would not function at all.

Every single last program that can give you a MAC address from a wifi packet (that the program didn't generate randomly) had to receive and parse that packet, which WILL contain other data in pretty much all cases, even if it's just the ARP request with IP addy in it.

Because of course, a MAC address is fine to collect, but an IP in the same packet frame makes you evil and belonging in prison, says the angry mob.

Re:"Publicly Available"

[dissy]

The people shouting *know* that other people can hear them.

Apparently not.

Taking the wifi analogy to this point, those people screaming in your ear really honestly do believe you can't hear them and they are not affecting you in any way shape and form.

Also after screaming directly in your ear from inches away, they seem to get pissed off when they do realize you heard what they screamed into your ear.

No, applying this to wifi clearly shows most people not only DON'T know that other people can hear their shouting, but that somehow people honestly actually believe that no one else but who they are mentally picturing can magically hear them.

By German logic here, I can walk up behind someone and scream into their ear, then sue them for invading my privacy when it becomes apparent they heard me.

The only real difference is the wavelength of the screaming

Re:"Publicly Available"

[HungryHobo]

so what you're saying is that the scenario I layed out is exactly what happened.

They used a tool that sounds a little similar to Cain but developed internally to grab data.
They then didn't alter it to stop it from recording the contents of the packets as well because it was working fine as it was.

seems pretty straightforward and not particularly sinister.

Re:"Publicly Available"

[Miros]

You may find this article interesting: Steven Pinker - The Moral Instinct. Also, the bright line distinction you setup between ethics and morality is far from universally held.

Re:"Publicly Available"

[Miros]

Yar

Re:"Publicly Available"

[Miros]

Yeah, it was just a simple engineering process failure that resulted in a breach of their privacy standards which went unnoticed for three years and only turned up under pressure from outside regulators. Obviously not a cause for alarm.

Re:"Publicly Available"

[TooMuchToDo]

It's a moral/ethical issue: was what they did wrong?

No.

Re:"Publicly Available"

[Miros]

It seems that there are a lot of people out there who would disagree with you

Re:"Publicly Available"

[HungryHobo]

symbolic security: a sealed and addressed envelope.

Re:"Publicly Available"

[zuperduperman]

I think it's a problem but it's not the problem of the people who innocently leave a Wifi recorder on as they drive down the street.

If anyone gets blamed it should be the wireless access point vendors that ship devices that automatically broadcast people's internet traffic unsecured into the whole surrounding neighborhood without sufficiently educating them about the dangers of it. Why don't we have class actions about that?

As for it being a moral issue: Google did not even realize they were collecting this data. How can they be morally responsible for a decision they did not make? Their crime is, if anything, lack of oversight - but that's a very different thing with a totally different moral context.

Re:"Publicly Available"

[zuperduperman]

brb. Reading the letters in your mailbox. It wasn't locked or anything, and it's right out there for the public to access, so it's cool.

Was the letter box right in the public street and not on their property? Were the letters all opened and visible without even opening any envelopes? Did you not actually read them but just accidentally saw them as you went past because you were trying to read the number on the letter box and as soon as you realized your mistake you tried your best to forget and notified the recipients that you accidentally saw some of their letters?

Then I would say you are a morally upstanding citizen and have gone beyond any normal reasonable expectation about privacy.

Re:"Publicly Available"

[zuperduperman]

People understand that if they leave their doors open and have an argument, that people outside the door can hear them having said argument. However, do the people outside the door have the right to record said argument? It's a grey area, it isn't clear cut at all in my opinion.

I think it's clear: from a privacy point of view you have the right to record anything that happens on your property. You have not widened it's availability by doing that - nobody knows it who didn't hear it from the original source anyway. Rebroadcasting it would be debatable (eg: take the recording and play it on the radio) because you are widening the audience. Now more people have heard it than before. Google did not rebroadcast or use this information in any way. *They did not even know they possessed it*.

That's the thing here...there is absolutely no reason AT ALL in my opinion why google, or the company(ies) they used to do the street view should have done ANYTHING AT ALL with wifi networks, macs and data. What the hell does that have to do with mapping streets?

Nothing. Nothing at all.

You need to educate yourself a little bit about why Google is doing this, and why other companies are too. Your base assumption that they are just collecting for the sake of violating people's privacy is totally wrong. Wifi data is tremendously useful and you will appreciate enormously it at some point when you own a device and discover it can do geo-location and get GPS-like functionality for a tiny fraction of the cost, power and speed with which GPS does it.

Re:"Publicly Available"

[zuperduperman]

If Wifi access point owners do not know that they are publicly broadcasting then that is the fault of the access point vendor whose software / setup process should have had sufficient instructions to inform them about it. I do actually think that there should be some thought about a class action against vendors that set you up with a totally insecure configuration by default.

However the whole problem is nothing to do with Google. Perhaps Google should sue the access point vendors for any trouble they are put to over this - that would be fair, in my opinion.

Re:"Publicly Available"

[commodore64_love]

>>>However, do the people outside the door have the right to record said argument?

Yes they do. Words uttered loud enough that nearly people can hear it on a public street can be recorded, either via audio means or written on paper. Same applies to unprotected wireless leaking out of your house. It's how various politicians have had their cellphone communications caught over the years, and it's nobody's fault but their own.

Re:"Publicly Available"

[cbiltcliffe]

Do you have any clue what information is stored in the Windows registry regarding wireless networks in the area?

You've got all that data, but you've got no idea you have it, and probably wouldn't know how to look for it if you did.

Just because the information is in a file in Google's possession doesn't mean they're actively using it, or even aware of it.

If they automatically parse out SSID, MAC, and GPS coordinates, they'll never see that there are other things in that file.

There's a big difference between realizing an appendage of your body is in a particular physical location, and realizing you have data that is impossible for a human to comprehend without computer interpretation.

Re:"Publicly Available"

[cbiltcliffe]

Was there a database field specifically called "Collected traffic"?

Unless this traffic was separated out from the rest of the packet, and stored separately in their database, it could easily have been part of a large binary blob that was the entirety of what was collected from that network.
This collected data would include SSID, MAC, and would be just the raw data.
Anything that was separated out and stored like that was collected intentionally. The network identifiers undoubtedly were, but was the traffic?

So tell me.....what is the schema of Google's street view database? Since you know so much about it, it must be right there in your head.

Oh. You haven't seen it? You have no connection to anybody who has?

Then shut up.

Re:"Publicly Available"

[cbiltcliffe]

They collected SSID and MAC because they were mapping public WAPs. This was announced years ago as part of the Street View project.

There's nothing illegal about searching for open wireless networks. If there was, then every single person with a wireless laptop would be a criminal every time they turned it on.

I don't know exactly what software they were using for this. It sounds like it was custom written, and includes components that were written for different projects.
So, if you use a module from something written 2-3 years ago in a current program, how do you know it's not doing more than you need for this application? Unless you review all the source code, you don't, even if you wrote it yourself.

If you want to write a web app that logs IP addresses of visitors, and you know a few years back you wrote a module that gathered and stored IP addresses, browser identifiers, and HTTP result codes, you could use that module for what you needed. But unless you hacked it to not store the other bits you don't need, you'd be gathering more info than you intended.

Now, translate that into WiFi scanning.

Re:"Publicly Available"

[DerekLyons]

Unless this traffic was separated out from the rest of the packet, and stored separately in their database, it could easily have been part of a large binary blob that was the entirety of what was collected from that network.

The only way to harvest and store such data is by deliberately writing and executing the code to do so. There is no way to 'accidentally' do so. Period. End of story.

Re:"Publicly Available"

[cbiltcliffe]

Really? So every piece of software you've ever written was completely, 100% bug-free?

Let me guess: You've never written software.

Re:"Publicly Available"

[DerekLyons]

A bug captured and stored all that data? You are either on serious drugs or utterly fucking ignorant of how computers work.

Re:"Publicly Available"

[LordLimecat]

No, you can simply contribute to the multi-billion dollar hassle that spam is.

Re:"Publicly Available"

[cbiltcliffe]

Or how about: A bug didn't filter out that data before it was stored.

Think beyond the end of your nose, and you might have the slightest clue as to how the real world works - meaning - in many different ways than you think.

breeches

[bidule]

Google should wear pants that hides more than its show. Because when your show is public, there's no privacy.

IMHO

[Securityemo]

They could have gotten away with this scot-free without doing a full internal audit, not to mention temporarily halting data processing. Given the assumption that there's no hidden underlying cause pushing them towards this, it's slightly above-and-beyond in my opinion.

Re:IMHO

[Miros]

Usually when these kinds of things happen (companies apparently acting against the public interest for their own gain and then getting caught in the process) there is a big backlash and a call for government investigations and regulations. Internal audits are just a classic tactic to try and squelch that knee-jerk reaction. Banks, manufacturing companies, heck, pretty much any kind of company caught in the government/public cross-hairs will do that. It's just a defensive play, it doesn't mean that they didn't screw up, and it doesn't mean that the government should not still look into it. Would you be satisfied if the government accepted BP's post spill "internal audit" as sufficient investigation and then just left it at that?

Re:IMHO

[LordLimecat]

there is a big backlash and a call for government investigations and regulations. Internal audits are just a classic tactic to try and squelch that knee-jerk reaction.

Didnt they CAUSE that backlash when they chose to disclose the issue in the first place? Are you saying they decided, "Lets cause a massive public PR disaster, and then lets attempt to appease the masses with a phony internal audit"?

Re:IMHO

[Miros]

The PR disaster could have very well been inevitable. Even if we take the story that they provided as true, that it was an accident, it is still likely that the truth would come out eventually in which case it would look far far worse than it does now. It's always better to come clean in those cases, particularly if discovery appears inevitable (believe me, lots of large corporations sweep all kinds of things under the rug, as long as they know for a fact that they stand little to no chance of being discovered). So, accepting that disclosure would be necessary at some point, given the magnitude of the apparent violation, the likely hood of public backlash, and the increasing pressure for government oversight/regulation of data collection/retention by private companies: yeah, do an internal audit ASAP.

BREAKING NEWS !! FOX GUARDS HENHOUSE !!

You heard it First on Four !!

I wasn't aware Google was causing

[wiredog]

Tens of billions of dollars in environmental damages that were going to have to be cleaned up by the taxpayers.

Re:I wasn't aware Google was causing

I'm still not even convinced that they did anything wrong. Are we really okay with the precedent that you aren't allowed to even look at data that's being broadcast right into the damn street?

WTF

[ladylardbottom]

Dude, learn to spell "breach" seriously WTF asshole

Re:WTF

[ladylardbottom]

aww crap gonna get banned by /. -- meh.

Re:WTF

[ladylardbottom]

Okay, so I correct the spelling of "breach" and I'm a troll. To expand, I think this whole attack on Google in Australia is B, given Stephen Conroy's attack on them recently. Fair dinkum?

Re:WTF

[spartacus_prime]

Don't you know that talking to yourself is one of the first signs of madness?

Publicly available payload data.

"not only publicly available SSIDs and MAC addresses, but also samples of **publicly available** payload data transmitted over these networks"

There, fixed it for ya. At least half of the responsibility lies with those owning unsecured networks. If you don't want your data public, learn to secure it. Google is still at fault for breaking a public promise, mind you. However, the news stories seem to miss the crucial piece of information: _anybody_ can listen to these packets (and chances are many people do). However, it's digital data, and that means it's evil to listen to it. Hmm.

Re:Publicly available payload data.

[LordLimecat]

No, its google, so its cool to jump on their case for everything they do, legitimate or otherwise.

Stumble This!

This entire wireless thing is total BS. From what I have read, they were using kismet for their wireless collection program. and if they were channel hopping like any good war-driver I assure you they were not around long enough to get anything useful. (DNS,netbios,MDNS packets etc) All of it was open to begin with and all ready up for grabs. most people know what they are buying now when they get an AP that is not setup properly (Big warning stickers printed on box for setup).

complete non-issue!

[Bielenberg]

Of course we can trust good American corporations like google, there's never been unethical behavior in the corporate sector! ... it's not as if governments like China will have access to any of the information they're collecting!

HD?

[HockeyPuck]

With the promise of HD street view, what's the legal ramifications of Google taking a picture that allows someone to see into your house through a window? What about license plates? Could someone write an application that "walks" down the streets and OCRs all the visible license plates?

Are we expected that if we want privacy we have to keep our blinds/shades closed at all times?

Re:HD?

[dward90]

Your level of privacy doesn't change. A human being walking down the street can see into your window. Keeping the blinds shut maintains the same level of privacy against people walking their dogs as it does against Google's photos.

Re:HD?

[stoanhart]

Street view is already HD in that the photos are at least 720p (though the concept of vertical resolution loses its meaning in spherical panoramas). Also, at least in Canada, Street View automatically detects faces and license plates and censors them.

Re:HD?

[HockeyPuck]

A human being walking their dog isn't taking photographs with a zoom enabled camera and then providing an API to access those pictures.

Re:HD?

[TooMuchToDo]

But if I wanted to, I legally could. No whining just because someone's actually done it.

THIS is the highest rated comment??

[Gorimek]

I can see how some angry kid would equate these two incidents, but I'm shocked that something this idiotic would get voted the top comment of 110!!

Re:THIS is the highest rated comment??

[Tom]

It appears that the equation is only in your head. The incidents are very distinct. The corporate reaction isn't, and it's the reaction that is the point here, not the incident.

And yes, one can look at the one without looking at the other. Sure a murder is a lot worse than hitting someone, but they both fall into the physical violence category, and the question of how society deals with physical violence can be asked without going into the details of either case. And yes, the generalization is a valid discussion.

The point is not if an oil spill and a privacy invasion can in any way be compared. I don't think they can, to the point where even statements like "the oil spill was much worse" are not false, but meaningless. However, the question of whether we accept that a corporation that messed something up is the proper entity to be in charge of fixing it should be asked. There was a time in our society when the answer was a clear "no" and the general public expected the government to take over, hang the culprits from the nearest tree (figuratively speaking), clean up the mess and hand them the bill.

The question is what interests are served by letting the offender clean up the crime scene and have a go at undoing the damage.

But why?

[Gorimek]

I've yet to see anyone accusing Google of lying about this explain why they would want to get this data?

It's hard for me to think of anything more useless than tiny random snippets of unidentifiable wifi traffic from German roads. What do the conspiracy theorists think Google is using it for? What would be a possible business plan to monetize it?

Google hasn't done anything wrong or illegal

[FreeUser]

No, its google, so its cool to jump on their case for everything they do, legitimate or otherwise.

Hardly. When google pandered to China, although far less so than Microsoft and Yahoo, there was scathing criticism (and rightly so).

This, however, is a clear cut case of there being nothing to this at all, except a chance for governments with an interest in suppressing the free flow of information looking for a big club with which to threaten Google whenever Google helps disseminate information they don't want disseminated, or competes against a company that has lined the ruling politicians' pockets.

I wouldn't be at all surprised to see this as a prelude to the media cartels attacking google for allowing torrents to show up in search results, or some other anti-competative attack from some other quarter (Apple, Facebook ... could be any of a growing number of enemies Google is making as it gives away what so many others want to force us to buy), though it could well just be a typical government powergrab on an international scale.

Paradigm Shift

[Requiem18th]

I was wondering when someone was going to come up with this moronic analogy again.

In real life, everything you say out loud is public, yet you don't expect your conversation with your friends in a restaurant to be recorded by a search engine listening behind the walls. If some one with a TV camera walked into the restaurant and started filming you up close you and your friends would stop talking or at least change the subject while the camera is over you.

While the conversation is carried on public there is still an expectation of privacy because you know no one is spying on you and that is exactly what changed here. Now we --and I mean people, not just slashdoters-- need to be aware that there is a company with the resources to send cars around recording personal-yet-public communications.

But, for the time being, I wouldn't blame people for not knowing they were being spied upon, for almost everybody outside of the WW2 generation in Nazi Germany and the Cold War generation in the USSR, being randomly spied upon is a new thing.

And yes this a spying of sort, just recording audio off the air isn't really spying, but separating the voices, tagging them to specific names, along with geolocation, and other traceable information, then logging it forever is just spying waiting to happen.

Technical details of street view

Here are some technical details of precisely what sorts of packets Google captured:
http://erratasec.blogspot.com/2010/05/technical-details-of-street-view-wifi.html

It's the back-end that will kill you.

[mzungu]

The problem comes from the aggregation of the data by Google and what info can be gleaned from it.

I have an android phone - wanna bet that it uses the name of my access point (via google) to better identify my location?

And that's just the SSID. Why did Google never say they were collecting SSID info to start with?

I don't think this was an accidental add-on, if they are collecting the data, they are going to use it.

When a corporation does it...

If I logged my neighbors web usage, I'd be putting myself at risk of prison time, encrypted or not. What Google did was a crime no matter how you look at it.

What part of "public" wasn't clear?

[kmoser]

publicly available SSIDs and MAC addresses

If it's public then what's wrong with capturing it?

but also samples of payload data transmitted over these networks

If it was unencrypted data, then it's fair game. After all, if you choose to set up an unencrypted network, you are actively broadcasting your data to the world. That's your problem.

Its so obvious people!!!

[tru3ntropy]

Don't you see what google is doing people?!! Google cars AKA Google-bots are indexing the entire physical world!!! The only way to stay safe is to put a robot.txt on everything!!!! And tin foil hats cant hurt either.