Congressman Steps Up Pressure On Google, Facebook

crimeandpunishment and other readers noted the US government's increasing pressure on Facebook and Google. On Friday the head of the House Judiciary Committee, John Conyers, sent the two companies a letter asking them to cooperate with any government inquiries. It's not clear exactly what purpose the letter served, other than to make Google's and Facebook's lawyers squirm a bit more than they already were, with Germany and courts and the FTC looking hard in their direction; Conyers did not say his committee will be holding hearings. The FTC just asked Google to hold onto the Wi-Fi data that it says it accidentally collected while snapping Street View photos. And in response to the growing outcry since its F8 conference last month, Facebook offered some simplified privacy controls — though opinions vary on how much the new controls simplify things for users.

A new privacy issue I saw today:

[Culture20]

After typing my password wrong a couple hours ago, I noticed the new facebook "wrong email/password pair" page does the GUI login interface: it changed my email address into my Full name and profile picture. So now random Joe can find out someone's profile picture without even having a Facebook account. Also, it ties your email address to your real name, even if you don't make your email address visible. All random Joe needs is an email address. It's not like spammers don't have millions of email addresses, and botnets to do the intentionally failed logins.

It's not as bad as some of the other crap, but this is an example of where they don't think their "ease of use" through.

Re:"It's not clear what purpose the letter served.

[Cornwallis]

More likely to steer attention away from his wife who was a Detroit City Council member and is due for some jail time over (SURPRISE!) bribery charges.

Re:Accidentally or Tactically Aquired data

[beakerMeep]

Or, you could have just answered his question in a sentence or two. From what I have read, Google was collecting publicly broadcast SSIDs on purpose to help with geo-location and their Maps service. However they (claim) the code they used to gather this data was accidentally cut an paste from a research project that demonstrated how much more than just SSIDs could be captured.

So while they were hoping for grabbing just this:

getSSID();

they got

getSSID();
getAllSnifableTraffic();

This is an oversimplification-guesstimate, but I think makes the claim more understandable. Are they telling the truth? Hard to say. Certainly we've all seen cut and paste errors in code like that. But you'd also think if someone was using code from a project designed to actually sniff traffic they would know to be careful what they cut and paste. So while it seems a bit fishy, it's absolutely plausible the whole thing was just an accident.