Slashdot Mirror

← Back to Stories (view on slashdot.org)

FTC Ends Probe of Google StreetView Privacy Breach

Posted by samzenpus on from the move-on-nothing-to-see-here dept.

GovTechGuy writes "The Federal Trade Commission (FTC) wrote to Google on Wednesday to end its probe into a major privacy breach in which the company collected and stored private user information, such as passwords and entire e-mails, without even realizing it after the search giant promised to improve its privacy practices."

15 of 99 comments (clear)

  1. I'm sure that... by Bill_the_Engineer · · Score: 4, Interesting

    I'm sure that Eric Schmidt being Barrack Obama's "informal" technology advisor had nothing to do with it.

    --
    These comments are my own and do not necessarily reflect the views or opinions of my employer or colleagues...
    1. Re:I'm sure that... by Microlith · · Score: 5, Insightful

      I know, it couldn't have anything to do that nothing transmitted in the clear over unregulated frequencies is considered secret in any way, and therefore Google arguably did nothing wrong whatsoever.

      It had to be political gaming by CEOs to protect them from Federal legal action for violating... what law again?

    2. Re:I'm sure that... by LordLucless · · Score: 5, Insightful

      This is how low Slashdot has sunk. Years ago, this site was very pro-privacy. We're now at the point where a company can archive your emails and passwords, claim it was an accident, and get off the hook by promising not to do it again next time--and that's "doing nothing wrong whatsoever" according to the posters here.

      No, we're just very pro personal responsibility. If you're broadcasting unencrypted data into the street, reading it shouldn't be a crime. If you don't know how to encrypt your wireless data - even with easily-cracked encryptions, that at least require some deliberate effort to crack - then you shouldn't it be broadcasting it into people's face. If Google were getting this data by cracking WEP, or performing MitM attacks, then I'm sure you'd see people up in arms.

      Complaining about this is like complaining that a vehicle equipped with an audio recorder picked up your shouted argument from the street. If you weren't screaming at the top of your damn lungs, nobody would have heard anything.

      --
      Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
    3. Re:I'm sure that... by wolrahnaes · · Score: 5, Informative

      Or that there's no reason for a probe to ever have been started. They gathered data from open radio transmitters. There is absolutely ZERO privacy expectation for anything transmitted on open protocols in the clear, so I say tough shit to anyone whose "private" data was captured.

      If I strap a tape deck to my radio scanner and drive around recording whatever comes across am I violating the privacy of people who I pick up? Hell no. So why is it such a big deal for Google to do exactly the same with digital data rather than analog voice?

      It's already been stated that the reason the data was captured is that Google chose to do things "The Unix Way" and basically strap together a few common apps in their cars, including a packet capture tool. This makes sense since Wireshark (and assumedly all other software that relies on libpcap) can record signal strength with every packet received. Run that constantly and have something logging your GPS position regularly enough, then you can just feed the data in to a processing tool after the fact to go through and create a rough map of what WiFi BSSIDs are where (which is exactly what the data was gathered for, iPhones and Android phones among others can use the WiFi devices they see to get their location).

      There's no logical reason they should even have to change what they're doing, but since the majority of the world seems to not understand that they may as well be yelling their personal data in to a CB mic if they send it over unencrypted WiFi, they're changing their toolset anyways to please the public. As such, since there wasn't a problem in the first place and the activity people bitch about is stopping, there's no reason the FTC needs to do a damn thing. There are plenty of other real problems out there for them to deal with.

      --
      I used to get high on life, but I developed a tolerance. Now I need something stronger.
    4. Re:I'm sure that... by LordLucless · · Score: 3, Insightful

      Uh-huh, and just because someone publishes a publicly accessible webpage available over http doesn't mean you have any right to access it, right? You should be getting written permission to "hack into" their computer by accessing it via publicly-accessible protocols they have explicitly installed and made available?

      There are well-documented methods for establishing whether you want somebody to be able to use your connection. Not using them, and then complaining that someone uses it is like bitching that Google indexes your site, because you didn't setup robot.txt.

      --
      Just because you're paranoid doesn't mean there isn't an invisible demon about to eat your face
    5. Re:I'm sure that... by slimjim8094 · · Score: 3, Insightful

      They were using Kismet, which by default captures all unencrypted packets it hears. They forgot to change the default - which, incidentally, is something the WiFi owners are guilty of as well.

      It would be different if they changed the configuration in order to capture packets, instead of simply forgot.

      --
      I have developed a truly marvelous proof of this comment, which this signature is too narrow to contain.
  2. Whoops! by Mikkeles · · Score: 3, Insightful

    Gee, we got caught; better do it differently next time. (After all, there's no penalty).

    --
    Great minds think alike; fools seldom differ.
    1. Re:Whoops! by Anonymous+Psychopath · · Score: 5, Insightful

      No penalty because there's no outcry. People give Google a pass because Google gives them free email, a free search engine, and a free browser. It doesn't seem to occur to Google's fans that their search and advertising platforms are as closed source and proprietary as Windows, and that all the free services only exist to get people's personal data indexed.

      I'm pro-privacy, but this is silly. It's no secret that you pay for Google services by allowing them to target advertising at you. That's their business model and not only do they not make any attempt whatsoever to hide it, they point it out every time they have an earnings call.

      I fail to see why those shouting their secrets from a street corner have an expectation of privacy. We are responsible for our own privacy, not Google and not the government.

      --

      Eagles may soar, but weasels don't get sucked into jet engines.

  3. Re:Still being Sued by Canada by FooAtWFU · · Score: 4, Insightful

    If suing Google after they collected the passwords you transmitted unencrypted over wireless networks is *really* your idea of "privacy" . . . you're going to be in a big surprise when someone less friendly than Google does the same thing.

    --
    The World Wide Web is dying. Soon, we shall have only the Internet.
  4. They didn't *get caught* by DrYak · · Score: 5, Interesting

    Gee, we got caught; better do it differently next time.

    Well, the fact is, Google discovered the abnormal storage themselves. And reported it immediately.
    Storing that data was not their intention, only making a map of SSIDs.

    It's not like they where planning to keep this data and profit by re-selling it to marketeers (FaceBook, I'm looking at you !)

    I stay with my belief :
    - The clueless users who don't secure their network are the problem.
    - Even if Google did got punished, this won't suddenly make the clueless users less vulnerable to anyone with bad intentions.
    - And, if the next recording guy is a bad guy, it's very unlikely that he'll report himself. He'll just run away unnoticed with the data, and try to sell it.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  5. Re:Still being Sued by Canada by WillAffleckUW · · Score: 3, Interesting

    See, in other countries - like say, Canada or the UK or the EU - corporations aren't People. And they have no rights.

    --
    -- Tigger warning: This post may contain tiggers! --
  6. Re:Microsoft and Google by ozzee · · Score: 3, Informative
    You are flaming, right? Let me give you the benefit of the doubt. Let's compare the two.
    • Google fesses up to it's mistake, Microsoft fights. If it was not for Google owning up to the error, no-one would have known, while Microsoft tried hard to keep quiet comments like "Knife the Baby".
    • Google made no financial advantage from this while Microsoft made a whole business by killing competitors using it's monopoly advantage.
    • Google did not intend to breach privacy laws, Microsoft knew and were warned on previous occasions that they were to stop the practice.
    • It's not really clear that Google really breached the law, the information they collected was in the clear, i.e. if you go yelling you account numbers and passwords from the rooftops and someone with taking a family video records inadvertently, I suggest that it's hard to prove that the cameraman is at fault. Microsoft was found guilty and convicted of its crime.

    ... just to point out a few, I can go on if you like.

    I think it's important to compare like cases if you don't want to be marked a troll.

  7. Re:Still being Sued by Canada by wolrahnaes · · Score: 3, Informative

    FUCK. It's not like entering someone's home, it's like turning to the same channel they're talking on on a CB. THEY ARE BROADCASTING IN THE CLEAR. THEY HAVE NO FUCKING PRIVACY!

    --
    I used to get high on life, but I developed a tolerance. Now I need something stronger.
  8. Re:Without realizing ? by Anonymous+Psychopath · · Score: 3, Insightful

    without even realizing it

    Google sniffing out all this stuff by accident? ! **sneeze** bullshit !

    Would it be an accident, it'd even be scarier. It'd mean that the search giant don't know what they're doing.

    I don't think you've ever used a sniffer. Google drove around with a wireless sniffer that recorded traffic to a log file. The guys in the van would upload all their logs to a central location where they were parsed to build a database of access point SSIDs and MAC addresses for geolocation. The problem is a sniffer dump contains a lot of raw packet data, more than just the information they needed, because that's what a sniffer is supposed to do; capture all the traffic it finds.

    --

    Eagles may soar, but weasels don't get sucked into jet engines.

  9. Thank god that's over by mgiuca · · Score: 3, Funny

    Well I for one am glad this is over and Google understands what it did is wrong and nobody will try something like this again.

    I'm glad this issue got some public attention, and everyone learned a valuable lesson (which should already have been obvious): reading other people's wi-fi is wrong.

    Now I can go back to setting my router to no encryption and be safe in the knowledge that nobody will read the passwords and bank details I will inevitably send in the clear.