FCC Investigating Google Street View Wi-Fi Data Collection

adeelarshad82 writes "The Federal Communications Commission is looking into whether Google's Street View Wi-Fi data collection violated the Communications Act. At issue is a May admission from Google that equipment attached to its Street View cars collected data that was traveling over unencrypted Wi-Fi networks, known as payload data. At first Google said it did not know if that data included personally identifiable information, but the company admitted last month that it did include entire e-mail addresses, URLs, and passwords. Google has pledged to work with the FCC."

Why? WHY???

[Pojut]

Why would they even REMOTELY think this was a good idea? What's the point of Google collecting this kind of information

Re:Why? WHY???

[chemicaldave]

I was under the impression that amassing and organizing as much information as possible was part of their goal. There's lots of information to be had from router data. Perhaps it really was unintentional that they collected the extra personal information and that they only were interested in SSID, MAC, encryption, etc.

"Google has pledged to work with the FCC."

[windcask]

If by "work with them" you mean "pay them off," sure.

Re:"Google has pledged to work with the FCC."

[orgelspieler]

I think in this case "work with them" means, "If you stop pestering us, we won't shut off your connection to youtube."

War-driving

[falldeaf]

Forget the information contained in the networks, even since street-view came out I thought it was a shame they didn't list wifi networks with gps coords, encryption type, signal strength and the detection date. It was neat seeing my house one google maps but I'd be more excited to see my network signal. :P

Re:War-driving

[windcask]

Yeah, I can see the use for that...as a veritable 'hit list' for people who want to use unencrypted domestic Wi-Fi in illegal acts.

Re:War-driving

[garyisabusyguy]

Hmmm, illegal acts like enabling people to find an available wireless connection without paying ATT or Verizon for it?

Yeah, shame on them how dare they enable people to connect to the internet without paying out the ass for it, just plain un-American!

Re:War-driving

[falldeaf]

I suppose that could facilitate some anonymity but that just seems a bit paranoid to me. Why not just use Tor if you want to do your dirty work, no need to even leave the house. And if you don't want your network being used by outsiders, don't allow access... I have a wireless access point from my home available to the public, just to be nice. I just cap it's data usage. :)

Re:War-driving

[windcask]

I was thinking something more along the lines of breaking into their home networks and lifting passwords, credit card numbers and social security numbers, as well as a way to obfuscate their location for an attack of some kind. But yeah...damn the man or whatever.

Re:War-driving

[causality]

Hmmm, illegal acts like enabling people to find an available wireless connection without paying ATT or Verizon for it?

Yeah, shame on them how dare they enable people to connect to the internet without paying out the ass for it, just plain un-American!

I'm all for utilizing bandwidth in a cost-effective way. If ATT or Verizon don't like that, too bad for them. Having said that, if someone wants to share your connection (that you pay for, that your name is on) then why can't they ask you first? Seems like common courtesy to me. Then you can give them a password or encryption key and allow them as an authorized user.

It's reasonable to assume that those who don't show that kind of common courtesy are more likely to cause trouble.

Re:War-driving

[windcask]

Yeah, and if someone does something nefarious with that connection, YOU are responsible for it. "Sometimes an open hand does more damage than a clenched fist..."

Re:War-driving

[windcask]

Oh yeah, and uh...FIRESHEEP.

Re:War-driving

[Andy+Dodd]

I don't think they'll show a list of all networks that are in an area - it would be too easy for a competitor to datamine them then.

What they effectively have is a lookup service:
MAC + SSID -> your location to within Wi-Fi range

You'll notice that a lot of Google products are now location enabled - Maps can, if you are using Wi-Fi, determine automatically where you are. Same for Android devices even when GPS and cellular signals are turned off. The data collection efforts in question are how Google provides those services.

Re:War-driving

Tor is not anonymous. The governments run thousands of exit nodes. And why not? Virtualizing a machine is trivial.

Re:War-driving

if someone wants to share your connection (that you pay for, that your name is on) then why can't they ask you first?

The obvious answer is that it isn't always apparent who the access point belongs to, and even if it is, there is no guarantee that they're around. If your car breaks down on the side of the road and there is no cell signal but there is an open WiFi in range, you can't tell me there is any kind of moral problem with using the WiFi to make a VOIP call for a tow truck. Unless you're doing something obnoxious like consuming copious amounts of bandwidth or using the connection to break the law, you're not hurting anybody.

And it's not like the person who owns the access point has no recourse. If they don't random people using their connection, why do they have an open connection? Even if they were using WEP with a password of "password" it would tell anyone who sees it that it isn't for public use. Leaving an access point open is an invitation to use it.

Re:War-driving

Yeah, and if someone does something nefarious with that connection, YOU are responsible for it.

They have to actually prove that it was you. If it came from your IP address then that is "evidence" but not very strong evidence -- after that they look at your computer to find more evidence so they can make a case. If it wasn't actually you who did it, your computer won't look like it was. It's like running a TOR exit node: You might get a visit from the cops, but provided they're honest (granted there is no guarantee of this), once they figure out what is going on, they go on their way.

Re:War-driving

[arkane1234]

Why the hell did this get labelled "troll"?
This is FACT... there are lots of cases of this!
Or being so financially hurt you can't afford net access, and all you do is view a few websites, and check your mail.
Before anyone spouts off about not being able to afford a computer, you can get them at goodwill for $25 sometimes, or off of craigslist for $25-$50.

Re:War-driving

[arkane1234]

There's a way to do that.. it's called secured networking with guest access.
WPA2-PSK with AES encryption, and a guest password... it's so freakin easy, a caveman can do it.

Re:Why? WHY???

[garyisabusyguy]

Why climb Everest? Because it's there!

Why not? If it is public data and it might offer some additional correlation for geographic/text search engine cross-over then I for one would be interested in using that information.

A better question is, why the hell do people feel comfortable putting PRIVATE data on an UNPROTECTED network?

Oh, and just to keep it fun, the GOP is turning this into a smear campaign against President Obama by saying that there was collusion between the Whitehouse, Google and the FCC to turn this into a cover=up. Just wait until the lying heads at Faux News start spouting their twisted stories

Re:Why? WHY???

[Pojut]

Even giving them the benefit of the doubt and agreeing that the collection of personally identifiable information was an accident, what do they need MAC adresses and SSIDs for? Some kind of searchable database for open WiFi no matter where you are? That's not a lawsuit waiting to happen, no sir...

Re:Why? WHY???

[The+Salamander]

Access point MACs, signal strength, and latitude / longitude coordinates gives you a geolocation database you can use to calculate your position via WiFi, ie: skyhook.

Re:Why? WHY???

[TheClarkster]

The software they used was had a log of the traffic data. They did not know about it, they didn't plan to collect it. And the moment they found out about it they told everyone. If they had just silently deleted it no one would have known. But Google felt it was best to be open about their mistake.

Re:Why? WHY???

[chemicaldave]

I can't say what they wanted, that's just a guess. A MAC address would at least give away the manufacturer. But that's conjecture. It is possible that someone fudged some code and accidentally collected personal information instead of discarding it. It happens.

Re:Why? WHY???

[Kvasio]

so they could sell it to fed's?

Google should be fine

[Murdoch5]

If the wifi is open then google can't be in trouble for using the wifi. Whats stopping me from going on my neighbors wifi and using it if it's open. Open Wifi is an invitation to use. Now if google cracked the wifi then ya I can see the FCC being pissed, but they only used open wifi.

Re:Google should be fine

[bonch]

How many times?

How many times is this bogus argument going to get trotted out?

Having an open Wi-Fi is not any more an open invitation than having an unlocked door is an invitation for strangers to walk into your house.

Re:Google should be fine

[CraftyJack]

There's nothing stopping you from driving around town collecting all of your neighbors' discarded bank statements on garbage day - they really should be shredding them, after all. Still, it might raise a few eyebrows.

Re:Google should be fine

[bem]

But transmitting data on unregulated frequencies, IS an open invitation for people to receive that data.

Stay off the public airwaves if you don't want the public to receive your data.

Pay for your own frequencies if you wish to use the public airwaves and even then, encrypt your data if you don't want it seen.

Using unregulated frequencies that are listened to by any wifi device (turn on wifi on phone, "searching for networks"... THAT is receiving WiFi) and expecting not to be seen is just plain stupid.

Your open door analogy is BS.

Having an open WiFi is just as much an open invitation for packet capture as standing on your front porch and screaming so that anyone within a couple hundred feet can hear you.

Re:Google should be fine

[Anthony+Mouse]

Having an open Wi-Fi is not any more an open invitation than having an unlocked door is an invitation for strangers to walk into your house.

If you unlock the door to your house and there is a sign out from that says "Open House" you're going to have a damn sight of trouble trying to have anyone prosecuted for trespassing.

Re:Google should be fine

If the PHONE LINE is open then THE NSA can't be in trouble for using the wifi. Whats stopping me from going on my neighbors wifi and using it if it's open. Open Wifi is an invitation to use. Now if google cracked the wifi then ya I can see the FCC being pissed, but they only used open wifi.

FTFY.

Oh wait, doesn't seem so innocuous now, does it?

There's this little thing called the "right to privacy". You know, that pesky little 4th Amendment. And that right isn't only against the government.

Why the fuck does Google always get a pass? If word got out the during the Bush Administration was merely discussing what Google has been doing digging into private areas of people's lives, the same Googlebot fanbois who blithely blurt out "Google should be fine" would be frothing at the mouth about the "EEEEVIL BOOOSHITLER!!!"

Re:Google should be fine

[Murdoch5]

Your wrong, having open wifi means your inviting people to get your data, If the date was important you would have secured it and the first step is encrypting your wireless access point.

If you leave your door unlocked and open and you leave your credit information sitting out you shouldn't be allowed to sue the person who takes a look.

To put it in another way, if are naked in front of a big glass window and someone looks in you shouldn't be allowed to sue them of peaking.

People always try to agrue this and it doesn't make sense. If the information had any value to you, you'd lock it up or encrypt it. Other wise your really letting anyone read it. Because your a stupid computer uses doesn't mean others should have to pay.

Re:Google should be fine

[Murdoch5]

Exactly, and if you leave your wifi open it's the same as not shredding the documents.

Re:Google should be fine

[arose]

On the other hand having an open window means that people might look in without ever entering your house.

Re:Google should be fine

[arkane1234]

How many times?

How many times is this bogus argument going to get trotted out?

As many times as it takes to get it through your thick skull. In Windows, most of the time it falls to the most available wireless network, so you don't actually hack in... it just HAPPENS.
I do this all of the time, and I have to switch to the network I want.

If you don't understand it, re-read this until you do. It'll help you in life with lots of different scenarios, trust me.

Re:Google should be fine

[arkane1234]

addendum: and having those documents fall into every laptop with wifi turned on.

Re:Google should be fine

[Murdoch5]

which is why you secure the connection

Make it illegal to spew your broadcasts at me

[BitZtream]

Why is it illegal for Google to listen as it drives down the street to something you're broadcasting into the street?

Make it illegal to broadcast it into the street in such a way that a normal consumer device won't hear it, THEN you can go after Google if they used something to cheat and listen in on people.

Right now they're being investigated because they drove down the street with a microphone and recorded all the idiots shouting out their private info to anyone willing to listen ... without special listening equipment!

I understand making it illegal for someone to use a laser mic to listen to my private in home conversations. I expect anything that normally would not be heard outside my home to be private.

Wifi most certainly is expected to be heard outside the home. Its not something that someone can claim ignorance on, people understand that television broadcasts and radio broadcasts travel many miles, so anyone claiming ignorance just doesn't count as they are too stupid to matter.

I really can't see how you can call google wrong in these case, if you broadcast it over the airwaves, and someone hears it, too damn bad. Encrypt it, or hell at least use WEP, where it might not be actually secure, but at least you can say you made it clear it was not intended for unauthorized parties.

Re:Make it illegal to spew your broadcasts at me

[ZDRuX]

Can you explain to me how you can broadcast URL's, passwords, email addresses, etc.. over a broadcast beacon alert? I'd like to be enlightened.

Re:Make it illegal to spew your broadcasts at me

haha ur dum

Re:Make it illegal to spew your broadcasts at me

By sending packets that contain URLs, etc. over the public-access 2.4GHz spectrum unencrypted?

Re:Make it illegal to spew your broadcasts at me

RTFA dipshit.

Re:Make it illegal to spew your broadcasts at me

> Why is it illegal for Google to listen as it drives down the street to something you're broadcasting into the street?

It isn't. There must be a reasonable expectation of privacy before listen is a problem. Unencrypted radio transmissions have no such expectation. For example, no one would consider that listening to an FM radio broadcast would be a problem. ClearChannel can't come along later and say, "uh, you can't listen to that signal we're beaming through your house!" Of course I can. If you don't want me to, don't beam it through my house.

Same applies here. There is no reasonable expectation of privacy if you use a radio to send signals into public spaces. If you encrypt them, there IS an expectation of privacy, and then google would be liable if they decrypted them. But that is not what happened here. There is no expectation of privacy if you shout data loud enough for everyone within 100m radius to hear it.

I don't like google or use their services. I think they violate privacy in many ways. But what they did here was not wrong, and *this* is not the way to deal with privacy issues. First, punishing Google but not addressing the root of the problem does not stop the next guy from doing the same, and he may not be as honest as google was. Second, it only sets a bad precedent that will come back to haunt all of us eventually when it is used against us.

Re:Make it illegal to spew your broadcasts at me

[140Mandak262Jamuna]

IT is simple political vendetta. Some google VP hosted a fundraiser for the Democratic candidate and the newly elected Republicans are out to send a strong message. Whether or not you agree with Google or not, we need to send a strong message to ask the legislators from engaging in such witch hunts. Lesson learned, Google too will donate money anonymously in the next cycle.

Re:Make it illegal to spew your broadcasts at me

What about the old AMPS cell phones? They weren't encrypted, they blasted signals. They are just up in a band that starting in 1994 the rules/laws made so that consumers could no longer get a scanner in the US that could listen to them. (FCC ET Docket 93-1. Only references I can find to it are a complaint that scanner manufacturer filed in 1993-1994. Here (last page of file) is something that talks more about it as well (PDF file, seems to be related to what congress actually passed in Oct. 1992))
(IANAL and all that, you look and see what it says. Just ramblings of a random person here)

And don't forget that the law still appears to stand, even though there are very few (any?) providers offering AMPS service in the US today. (Feb 2008, Requirement to handle AMPS service dropped) I haven't even had a cell phone since 2005 that supported AMPS(2005 Phone: GSM, Cingular), and the phone before that one was a TDMA/AMPS phone on AT&T Wireless. (Only had 1 stretch of road for a few miles in the middle of nowhere where it would end up on AMPS mode(2002ish). That got fixed around 2002-3 IIRC.)

Expectations of privacy? People have them, even when they don't exist.

Re:Make it illegal to spew your broadcasts at me

[misexistentialist]

"Reasonable expectation of privacy" doesn't really apply because people don't understand the technology. Most of the people using no encryption do in fact expect their communications to be private. I don't think Google's collection was "wrong", especially since it was apparently largely accidental, but a narrow regulation of companies' collection of data might be reasonable. Similarly, people often forget how visible lighted windows make them at night, and while I don't think there should be a sweeping law about looking in, there is some line where peeping should become punishable--well before the point of a company setting up a web-page featuring one's basement sex-life seen from the street.

Re:Make it illegal to spew your broadcasts at me

[ZDRuX]

The OP is not using the correct analogy. When someone is standing on a corner of a street and "yelling" things, I do not have a choice but to hear what he's saying (unless I somehow block all his audio), the WiFi signals on the other hand have to be willfully intercepted and recorded, meaning there was INTENT to collect this data that by all standards was probably "assumed" private by those using their WiFi modems for internet. The law says a "reasonable expectation of privacy" - and I can bet 100% that most of those WiFi users probably thought their passwords are not being collected by the google car driving outside, and I think that'd be reasonable. That's like saying I can walk into your home and walk around because you left the door open, and I can already see the inside of your house and what's in it through a window, so what's the difference on what side of the window I'm on?... Even though your house has see-through windows, you still have a "reasonable" expectation of privacy in it, even if there is none.

Re:Make it illegal to spew your broadcasts at me

[khallow]

IT is simple political vendetta. Some google VP hosted a fundraiser for the Democratic candidate and the newly elected Republicans are out to send a strong message. Whether or not you agree with Google or not, we need to send a strong message to ask the legislators from engaging in such witch hunts. Lesson learned, Google too will donate money anonymously in the next cycle.

The FCC is executive branch. That didn't change hands in the last election and is still controlled by a Democrat president.

Re:Make it illegal to spew your broadcasts at me

[gorzek]

Duh, what? The FCC is part of the executive branch. You know, the part of the government that answers to the President. Apart from that, the people elected on November 2nd don't even take office until next year.

Re:Make it illegal to spew your broadcasts at me

> "Reasonable expectation of privacy" doesn't really apply because people don't understand the technology.

Disagree. I think "reasonable" should mean "reasonable to someone who has at least a layman's understanding", and anyone with that is going to understand that radio waves can be picked up at a distance. It shouldn't mean, "reasonable to the most clueless people it's possible to find".

If we let the most clueless among us dictate public policy, that will lead nowhere good. That's how you end up with all the irrational laws we have on the books today. The better way to cope with this is to educate people, not to dumb society down so that nobody ever has to know anything about anything. That leads to a society ripe for abuse by a tiny few. In the land of the blind, the one eyed man is king. I want to help more people see, not let them muddle along with blinders on.

Re:Make it illegal to spew your broadcasts at me

[bonch]

Actually, federal law prohibits the unauthorized publication or use of messages intercepted over radio networks. Contrary to popular opinion on Slashdot, "wardriving" is illegal for this reason (among others) in many areas. There is a reasonable expectation of privacy, just as you wouldn't consider having an unlocked door to be an invitation for people to stroll into your living room and take pictures of your stuff.

As for claiming that people can't claim ignorance about Wi-Fi technology...what planet are you living on? You seriously think people are aware of how Wi-Fi works and that they didn't simply go down and buy a cheap Linksys router from Wal-mart and hooked it up according to the little brochure of instructions given to them by their ISPs, unaware that they're broadcasting personal information into the streets? You think they equate the mysterious computer network in their homes to television and radio or that they expect it to have enough range to reach out past the walls of their house?

That's where your analogy to "shouting" falls apart. People shouting are intentionally broadcasting information. People with unencrypted networks are not intentionally broadcasting information and are most likely unaware that they are. Just because they don't know they're doing it doesn't make it okay to exploit that fact. That a major corporation is driving vans around doing just that, and that people are defending said company, is simply amazing. If this was Microsoft or Apple, the tone of the comments would be totally different. Microsoft collecting people's emails and passwords would be a huge scandal around here.

I get that this is Slashdot which means defending everything Google does, but they deserve to be punished as a deterrent and to remind them to be that much more careful handling personal information next time, regardless of how they acquire it. Sometimes, it feels as if people excuse Google's behavior simply because Google uses Linux or works on open source projects or puts out an image that it's an "open" company (okay, so where's the source code for the search engine then?) in order to attract the Slashdot-browsing technical crowd.

I mean, we're talking 600 gigabytes of data here, collected over the span of three years. For three years, they didn't notice they were collecting emails and passwords? If their engineers were so neglectful that they incorrectly configured their data scanners, and their database admins didn't notice they were collecting much more data than they were looking for, then Google should be punished for that incompetence alone. They're handling personal information here. How about a little incentive for them to pay attention?

You guys attack other companies for doing much less than what Google gets away with constantly. By "you guys," I mean the contingent of defenders that have begun to sprung up in every one of these articles, automatically getting +5 Insightful, drowning out criticism of Google. This is a company whose CEO said that only people who have something to hide care about privacy. When is the other shoe going to drop? Why is it okay to have Google browsers running Google searches and browsing Google email while chatting via Google Talk and taking calls on Google phones, archiving and indexing all your information for advertisers? But Microsoft and Apple, they're evil monopolies in their markets and must be stopped!

Come on.

Re:Make it illegal to spew your broadcasts at me

The same reason it's illegal for Google or you or anyone else to listen in and record a phone conversation between me and another party. Let me explain. If I use an old unencrypted cordless phone which transmits signals inside and OUTSIDE my house and you drive up near to my house and start listening and recording that unencrypted signal you are guilty of both state and federal wiretap laws. The same applies here. It is a private conversation between me(my computer) and another person(a website). I have every expectation of privacy. Now whether or not you use the network with your computer and you go to a website is a different case altogether. In that cause you a guilty of stealing services. In both cases you are breaking the law. The first is a felony the second is a misdemeanor.

Re:Make it illegal to spew your broadcasts at me

> Why is it okay to have Google .... archiving and indexing all your information for advertisers?

To me, it isn't. That's why I don't give them that information to begin with. I block their servers and scripts and do not use their search engine.

However, that doesn't mean I want to live in a world where clear radio broadcasts in public spaces cannot be listened to. That way lies madness.

Re:Make it illegal to spew your broadcasts at me

[bem]

Even though your house has see-through windows, you still have a "reasonable" expectation of privacy in it, even if there is none.

Actually, you are wrong.

If you dangle your willy in the living room in front of a window, you CAN get prosecuted for indecent exposure -- you have no expectation of privacy while standing in front of a window.

Re:Make it illegal to spew your broadcasts at me

[blair1q]

Why is it illegal

Because you let corporations choose the congress and write the laws.

Re:Make it illegal to spew your broadcasts at me

[tofubeer]

Most (all?) WAps that I know of ship with a very large instruction sheet that tells you to set a password and select encryption. People need to take some responsibility for their (in)actions.

Re:Make it illegal to spew your broadcasts at me

[ortholattice]

Ah, yes, I remember those. Back in the 80s I bought a wide-band scanning receiver that happened to cover the band used by car phones. It came with a separate sheet of paper in the box loudly warning me that I should never tune to that band because it was illegal (citing the appropriate legal codes). Of course you can guess which band I tuned into first.

I was astounded. Most car phone users acted as if they had no clue their calls could be eavesdropped (only once or twice did I hear someone say, "you better be careful with what you say"), and you could even decode the phone numbers from the tone sequences setting up the call. Many of the calls were routine business calls, some of them were like a young guy trying to impress a girl that he was calling from his fancy new Porche (it would work - she'd say, "Really? Oh wow!", and they'd schedule a date), others were things like a guy telling his mistress they couldn't meet that night because something came up with his wife (right after talking to his wife). Since most of the users back then were wealthy or at least well-off, the blackmail opportunities would have been endless for someone so inclined, and I'm surprised it wasn't something that occurred more often.

Later, when early cell phones started using the band, something changed where you could hear only one side of the conversation, so it wasn't nearly as interesting.

Re:Make it illegal to spew your broadcasts at me

It is equivalent to walking into a home when the door is left open and taking stuff. That you can doesn't mean you should - it's not yours. Why is that so hard to understand?

Re:Make it illegal to spew your broadcasts at me

[arkane1234]

unless there are curtains. Oh... sorry, that's a synonym for encryption in this case....

Re:Make it illegal to spew your broadcasts at me

[arkane1234]

you don't use google?
wtf?
are you Dale from King Of The Hill or something?

Re:Make it illegal to spew your broadcasts at me

[houghi]

Right now they're being investigated because they drove down the street with a microphone and recorded all the idiots shouting out their private info to anyone willing to listen ... without special listening equipment!
I understand making it illegal for someone to use a laser mic to listen to my private in home conversations. I expect anything that normally would not be heard outside my home to be private.

So what is the line between special and non-special listening equipment?
You draw the line at special equipment. I draw the line at recording. e.g. you can sit at the table next to me and listen to what I have to say and then tell that later to the press.
Using a recording device (without my consent) would be something I would be against. Yes, also for video.

The recording itself is not the main issue. It is the maintaining of all that data for all times that bothers me.

To me privacy is not about the location. Privacy, for me, is about the person. I would like to be able to expect some form of privacy even in public places. Public places are unavoidable and you can't say that you must avoid them. And why should I give up rights for any company?

Re:Make it illegal to spew your broadcasts at me

[causality]

I get that this is Slashdot which means defending everything Google does, but they deserve to be punished as a deterrent and to remind them to be that much more careful handling personal information next time, regardless of how they acquire it. Sometimes, it feels as if people excuse Google's behavior simply because Google uses Linux or works on open source projects or puts out an image that it's an "open" company (okay, so where's the source code for the search engine then?) in order to attract the Slashdot-browsing technical crowd.

I mean, we're talking 600 gigabytes of data here, collected over the span of three years. For three years, they didn't notice they were collecting emails and passwords? If their engineers were so neglectful that they incorrectly configured their data scanners, and their database admins didn't notice they were collecting much more data than they were looking for, then Google should be punished for that incompetence alone. They're handling personal information here. How about a little incentive for them to pay attention?

I agree. Further, I'd sum this up into one simple principle: if you are incapable of collecting such data competently then you have no business collecting such data. But this works both ways:

As for claiming that people can't claim ignorance about Wi-Fi technology...what planet are you living on? You seriously think people are aware of how Wi-Fi works and that they didn't simply go down and buy a cheap Linksys router from Wal-mart and hooked it up according to the little brochure of instructions given to them by their ISPs, unaware that they're broadcasting personal information into the streets? You think they equate the mysterious computer network in their homes to television and radio or that they expect it to have enough range to reach out past the walls of their house?

That's where your analogy to "shouting" falls apart. People shouting are intentionally broadcasting information. People with unencrypted networks are not intentionally broadcasting information and are most likely unaware that they are. Just because they don't know they're doing it doesn't make it okay to exploit that fact. That a major corporation is driving vans around doing just that, and that people are defending said company, is simply amazing. If this was Microsoft or Apple, the tone of the comments would be totally different. Microsoft collecting people's emails and passwords would be a huge scandal around here.

If you're incapable of running a Wi-fi network competently, then you have no business running such a network. I don't expect anyone to understand how Wi-fi or broadcast radio works ... until they want to run one. At that point they have no excuse for their ignorance. This is particularly true when these are the very most basic facts about Wi-fi. They do not require expertise or specialized knowledge to understand. A few minutes reading a FAQ (freely accessible) would do the trick. If they can't be bothered with that, then they assume the risk. Using what you don't understand is risky behavior and it's reasonable to expect adults to understand that.

I defend neither Google nor the ignorant masses who run open Wi-fi networks without understanding what that means. Both are negligent. Neither is OK.

Believe it or not the most compassionate thing you can do with this kind of ignorance is to throw them under the bus. Let them face the full consequences of their negligence. Particularly for the end-users who insist on owning and operating what they do not understand, do not coddle them with laws intended to protect them from the results of their decisions. That's the very worst thing you can do to adults, though it (falsely) looks so nice and kind-hearted. That kind of phony "compassion" only encourages people to be helpless and irresponsible. That doesn't serve them; it's a tremendous disservice.

Re:Make it illegal to spew your broadcasts at me

[shentino]

It's "illegal" because governments can abuse this to backdoor civil rights and scoop up information without getting a warrant against the person it was collected against.

And those governments are drooling over the prospect of getting their hands on the data.

Re:Make it illegal to spew your broadcasts at me

[BitZtream]

Actually, federal law prohibits t

The spirit of the law here is to protect peoples privacy, which is not the case when you broadcast the data into the street. Just saying 'but the law says so' doesn't mean shit to me honestly, how the law is interpreted in court is what actually matters, whats written is less important (for bad or good), and most certainly what some random slashdotter whos grumpy because Google exists means very little to anyone.

As for claiming that people can't claim ignorance about Wi-Fi technology

I really don't care that people are in general completely ignorant of the way the world works, I don't care that it hurts them when it does. I don't care when some idiot shoots himself with a loaded gun because he was screwing around and thought it was empty. I don't care that ignorant people get hurt for their own ignorance so you're going to have to try something else there.

People with unencrypted networks are not intentionally

And thats where your argument falls apart. People with wireless networks ARE broadcasting intentionally. Thats the way wireless works, you can't just say its not true and suddenly it becomes not true. WiFi requires broadcasting information, thats simply the way it works. Again, ignorance is no excuse, certainly not one thats acceptable in court. If it was Apple, Microsoft, or Redhat, my response would be the same.

You're spewing data into the public airwaves in every direction. Your ignorance does not make me wrong for listening it. If you had half a clue you'd know that every wifi card out there on the same channel that can get a signal from your wifi WAP is doing the same thing right now! It is in fact, just one of those 'how radios work' things. The only difference is google didn't throw it out as early as it normally would have. Its not like google used special evesdropping equipment here to listen to a signal that normally would only be useful INSIDE your home. There were using basically off the shelf equipment at normal settings DRIVING DOWN THE STREET AT 25-45 MPH meaning they were only near a home for a second or two in range. Thats a really shitty way to collect enough packets to reassembly the data into something meaningful.

I get that this is Slashdot which means defending everything Google does, but they deserve to be punished as a deterrent

You're an idiot, and I pray to god you don't have children.

You don't punish JUST because they did wrong. You punish to make a point, that its either unacceptable to do it or that there are consequences. They didn't ACTUALLY do anything WRONG here. There is no point to be made. You just want to hurt them because you're upset at Google for whatever reason.

I can collect 600GB of unencrypted data in probably 2 weeks in my own home, its not a lot anymore. Doing it over 3 years, across the nation ... if they were logging intentionally they must of had some pretty strict filters to limit what they logged ... or they weren't trying very hard ... OR THEY WERE ONLY IN RANGE FOR A SECOND OR TWO SO IT WAS WORTHLESS DATA.

Slashdot doesn't 'defend google'. Slashdot in general points out how retarded most Google attackers are since to date, Google really hasn't done anything to make me not trust them. Yes, they learn everything about me they can so they can target text based ads at me. The alternative is sites could be throwing flash based tampon ads at me instead, I'll take Google's alternative. I use specific email addresses for just about every company I deal with. Dell, MS, Yahoo, hell, even my fucking bank have sold these email addresses to others after which I've been spammed. None of the email addresses for Google have been spammed. That alone means I cut them some slack. Google isn't selling your information, th

Re:Make it illegal to spew your broadcasts at me

[BitZtream]

There is a legal definition for just this sort of thing, which stems from the constitution.

Privacy is about reasonable expectation. If you can (or the general public, not you specifically cause you may be a nutjob :) generally expect privacy and someone does something extra to break your privacy, then they did wrong.

If someone standing on the street just doing his own thing without any special equipment can get your information, it is not private.

Again, there are real legal definitions for this, so you don't have to take my word for it, and I'm pretty sure your line is a lot different than the legal one.

Re:Why? WHY???

[MozeeToby]

There has been speculation that the software that they were using collects this data by default or that it is an setting that is easy to turn on without realizing it. I really don't get it, this is like complaining that the guy with his finger on the nuclear launch button brought a butter knife to work. For what possible reason would Google collect this information on purpose? The payoff is zilch, and the risk of backlash is huge. Everything points to this just being a stupid accident.

Re:Why? WHY???

[causality]

Why would they even REMOTELY think this was a good idea? What's the point of Google collecting this kind of information

I think they proceed from the philosophy of "it's easier to ask for forgiveness than permission". They are, after all, a corporation and therefore unlikely to suffer any penalty worse than a slap on the wrist. Individuals who might face real jail time tend to think it's easier to ask for permission than for forgiveness.

Re:Why? WHY???

[Stuntmonkey]

The point of collecting information on wifi hotspots is to do more accurate geospatial targeting. Mapping IPs to lat/long is very coarse, since it maps to your ISP. With a database of wifi hotspot locations you can do much better. And given that they're driving around anyway to take street view photos, it doesn't cost Google anything to collect this data.

Now about recording the text information traversing unprotected hotspots -- which is the part of this that has people concerned -- that apparently was unintended. The explanation given by Google is that they were using some open source library that by default logged this information. Honestly I don't see that it would do them much good to do random packet sniffing like this, so I personally can't see a nefarious motive here although I do know we have some paranoid people in our midst.

Pick a different target

[sdo1]

There's *actual* crime happening every minute of every day online and this is the target the FCC is wasting its time and resources on?

Come on. Google effed up. They admitted they effed up. There's absolutely no evidence that Google did anything or was planning to do anything with this data and all available evidence points to a mistake rather than anything "evil". And besides, if you don't want your data sniffed, THEN ENCRYPT YOUR STUPID WI-FI CONNECTION!

Please FCC... we pay your salaries. Go after some actual fraud attempts rather than wasting your time (and my tax dollars) on this.

-S

Re:Pick a different target

They're investigating google because the O-man told them too. If you remember a few days ago a bunch loud mouth right wingers were shouting about how they bought a bunch of congress critters ( as way to draw the light from their dirty dealings). There for something must be done, to make the dems look impartial. Throw another investigation google's way, and maybe squeeze them for a agreed upon "small" fine, as it would be in both their interest to make it look like they're not really buy off the current administration.

Re:Why? WHY???

[Hatta]

They didn't think about it at all. They just wanted SSIDs and MACs and the payload data came along for the ride. They obviously didn't think it would be a problem, and why would they? Everything they collected was transmitted in the clear on unregulated spectrum.

Who is keeping this story going??

[Trufagus]

In the spring Google said that they had collected a vast number of random 200ms snippets of encrypted data. Obviously this will include passwords, e-mail addresses, band account numbers, and anything else you can think of. Google tried not to talk about that aspect of it, but they didn't deny it - how could they. So how is it a revelation that, last month, they were forced to make an official statement of the obvious?

I feel like I've been reading stories about this incident every week since it was first revealed last spring. Most of the ones in the mainstream press are confused (Wi-Fi data collecting versus StreetView) and totally paranoid (in the Google is reading your thoughts vein), and very repetitive.

So who is keeping this going? Is it Google's competitor's? Or is the law firms that are pursuing the extortion lawsuits? There are legitimate issues here, and legitimate law suits, but these endless ridiculous stories are not helping. They are just part of some P.R. battle.

Re:Who is keeping this story going??

[Nerdfest]

If I were conspiracy minded, which I'm not, but that's what _they_ want you to think, I would consider that the FCC seems to be a little too close to the cell phone companies, whose territory Google are encroaching on.

Re:Who is keeping this story going??

[Gadget_Guy]

What I want to know is why the regulatory bodies of so many countries want to launch their own investigations into this. When has anything been discovered by these investigations that wasn't originally disclosed by Google? It was Google itself that announced to the world that this was going on, although only after Germany asked them about what they recorded. But it seems the only way to safeguard the privacy of the general public is for these government agencies to pick through the data, rather than just deleting it without looking.

Every time I hear of another country investigating Google about this, I am reminded of The Simpsons:

Lionel Hutz: How could you have seen all this, Bart? Weren't you supposed to be in school?
Bart: I sort of skipped school.
Principal Skinner: I knew it! I knew you'd slip up sooner or later, Simpson!
Apu: What slip up? What are you talking about? He confessed it!
Principal Skinner: Quiet, I need this.

Source: Episode 1F19, The Boy Who Knew Too Much

Re:Who is keeping this story going??

In the spring Google said that they had collected a vast number of random 200ms snippets of encrypted data. Obviously this will include passwords, e-mail addresses, band account numbers, and anything else you can think of.

If the data was encrypted, then it would not contain that information. By definition, the payload data would not be decipherable. The "problem" was that many people don't enable encryption and now they are up in arms "WTF? WTF?" because they were too retarded to read the manual for their WiFi router.

Re:Why? WHY???

[chris234]

Having played around with various wardriving tools, it seems to me it would be really hard to accidentally capture packet payloads.

Re:Why? WHY???

The software they used was had a log of the traffic data. They did not know about it, they didn't plan to collect it. And the moment they found out about it they told everyone. If they had just silently deleted it no one would have known. But Google felt it was best to be open about their mistake.

Your last point is highly debatable. Google only went public with this after the German government demanded to audit the data even though Google assured them that no private information was being collected.

From http://lastwatchdog.com/googles-wifi-data-harvest-draws-widening-probes/ (this was covered many places in European press)

In April, Google admitted to German privacy regulators that vehicles specially-equipped to systematically shoot photos of street scenes for Google Maps also carried gear to collect data moving across unencrypted wireless networks situated inside homes and businesses. The company insisted at the time that only basic Wi-Fi location data was being collected. But after Germany requested an audit, Google subsequently disclosed that it had mistakenly collected personal data, as well.

Re:Why? WHY???

[Andy+Dodd]

I wish I had mod points right now... If you've used a Google product that told you your location without GPS or a cellular signal, you have benefited from their Wi-Fi data collection.

However, I can't condone collecting "payload" data - only MAC and SSID.

Re:Why? WHY???

[jav1231]

Duh! It's Street View! You'd think they'd KNOW where they are! :) In all seriousness, they should have used GPS and this would have been a non-issue. Sad thing is, this kind of thing gets people in criminal court but will likely get Google a mere fine.

Google has pledged to work with the FCC...

[digitaldc]

And look, now we have GoogleTV!

This is an attempted smear on Obama by righties

[garyisabusyguy]

Read their justification here:
http://www.nlpc.org/stories/2010/11/10/congress-must-investigate-google-obama-ties ...urging a thorough investigation of both Google Street View and the FTC’s recent conduct during its investigation of the program. Click here for a 6-page pdf of the letter that includes additional background on Google’s extensive and close lobbying connections with the Obama Administration.

Who is the National Legal and Policy Center?
http://en.wikipedia.org/wiki/National_Legal_and_Policy_Center
The National Legal and Policy Center (NLPC) is a right-leaning 501(c)(3) non-profit group that monitors and reports on the ethics of public officials, supporters of liberal causes, and labor unions in the United States.

Just wait until Rush and Faux start spinning this, this will take on a life of its own

Re:Why? WHY???

[dzfoo]

Except that Skyhook does not send a vehicle through your neighborhood to collect the information, unrequired; they calculate it and store it as part of the location-detection service that the user initiated.

So, if I access Google and request location information, then it's fine for them to catalog my MAC address and Wi-Fi network information in order to properly and accurately provide the service. However, if I don't use Google, I do not want them cataloging my network information, uninvited.

        -dZ.

Re:Why? WHY???

[Fractal+Dice]

Total information awareness?

Re:Why? WHY???

[cdrguru]

Just MAC and SSID? Well, you might be interested in the fact that the MAC is pretty much a vendor-specific ID, meaning that in most cases you can correlate the MAC to a vendor and model. What this means is that by collecting MAC addresses you can build a database of router vendors and models.

Manufacturers and retailers will then beat a path to your door to buy that database for marketing purposes. That is the true value of collecting that information.

Absolutely Google sells data like this and makes plenty from it.

Re:Why? WHY???

You need to examine Skyhook's web-site more closely...

http://www.skyhookwireless.com/howitworks/coverage.php/

"To develop this database, Skyhook has deployed drivers to survey every single street, highway, and alley in tens of thousands of cities and towns worldwide, scanning for Wi-Fi access points and cell towers plotting their precise geographic locations."

Re:Why? WHY???

Hey, you have something to hide?

But it's funny how governments are all up in arms over this. Maybe they don't want people to know that clear, unencrypted WiFi connection is easily recorded? I can't even remotely think they are for privacy - the naked x-ray body scanners, intimidation and downright sexual assaults happening at the airports clearly show that government doesn't give a shit about privacy.

Re:Why? WHY???

[dzfoo]

I stand corrected. They both are eh-veel!

      -dZ.

Google responce to governmental inquiries:

[VortexCortex]

Mission Complete, Sirs!

Here's the data you requested. [Publicly hands over captured WiFi data.]

It's been a pleasure doing business with you.
We're looking forward to completing many successful missions for you in the future.

Re:Why? WHY???

[Altus]

But what harm is there in that really. So manufacturers can better target their advertising to places where they think they can gain market share. That's really not a problem where I sit.

Re:Why? WHY???

[bonch]

I have a real problem with a technically-minded company like Google "accidentally" logging that kind of information. Even if it was an accident, they need to be punished for that through fines or something (as other companies have been punished for their privacy breaches), and the FTC's ending of its inquiry solely based on Google's promise to do better next time was bullshit.

You have to hold companies with this much power and information accountable. Basically, you have to keep them in line and remind them to be on their toes at all times.

Re:Why? WHY???

[bonch]

They didn't think about it at all.

That's a big problem for Google, then. They need to start thinking about this shit.

Everything they collected was transmitted in the clear on unregulated spectrum.

Actually, the Communications Act prohibits the use of public radio waves in that way.

More a fig leaf

[ThatsNotPudding]

than a real investigation, given the most-favored-fundraiser status of the Google upper echelon wrt Democrats. Don't get me wrong; other than pitching a fit about the party opposite getting more cash, the GOP obviously doesn't give a care about corporations spying on US citizens either.

Re:Why? WHY???

[TheEyes]

They didn't do it on purpose.

"Quite simply, it was a mistake. In 2006 an engineer working on an experimental WiFi project wrote a piece of code that sampled all categories of publicly broadcast WiFi data. A year later, when our mobile team started a project to collect basic WiFi network data like SSID information and MAC addresses using Google’s Street View cars, they included that code in their software—although the project leaders did not want, and had no intention of using, payload data. "

In other words, they did what every other software engineer does: they reused old code to get a job done. This time the code happened to have a bug in it, or rather an unintended consequence, that collected snippets of people's personal information as the vans drove by people's unencrypted wifi connections, which they've since publicly admitted and gone on to delete, or at least they would have deleted it except now they can't because all the lawyers have gotten involved and want to extract money/publicity to themselves by suing Google.

The whole thing is a giant tempest in a teapot. Even worse, it's a major distraction from real, more important, privacy issues.

Re:Why? WHY???

[russotto]

Actually, the Communications Act prohibits the use of public radio waves in that way.

Got a cite for that?

Re:Why? WHY???

[kalirion]

Who wants to bet that when you use Google Checkout, all your payment information gets accidentally logged as plaintext somewhere as well?

Re:Why? WHY???

There's no reason to think they thought it was a good idea. The explanation they've given, which also happens to be the most plausible explanation, is that it happened due to being the sniffer's default setting.

If you're going to ask that question, you might as well also ask why did the broadcasters think that broadcasting this was a good idea? What's the point in giving your IMAP login name and password to your neighbors and anyone who happens to drive by? If that's your plan, why have a password at all?

My question sounds like a really stupid question (and it is! I'll admit that!), but it's no stupider than asking why some guy driving a van had kismet on its default settings. It all boils down to people not thinking about all the possible consequences of everything they do.

Re:Why? WHY???

[_Sprocket_]

In all seriousness, they should have used GPS and this would have been a non-issue.

They're not trying to figure out where THEY are. They're collecting data so when I (since I do have an Android device) walk along that same street, my device has another data source to figure out where I am. Google's Streetview vans are zipping along making snapshots. They're also wardriving; recording what WAPs they find and where (via GPS and triangulation). With that data, my device can do some triangulation on several WAP signals and get a pretty decent idea where I am as well.

Re:Why? WHY???

[_Sprocket_]

So... wardriving is evil?

Re:Why? WHY???

[SleazyRidr]

I'd wager a guess that the Communications Act is his cite.

Re:Why? WHY???

[russotto]

The Communications Act is a rather large body of law; a more specific citation is necessary.

Re:Why? WHY???

[_Sprocket_]

Having played with Kismet (which is what Google is using), it seems to me that it's really easy to accidentally capture packet payloads. Kismet will dump payloads in to handy pcaps by default.

Wardriving generally sucks for data capture. It's good for surveying (its interesting to see the proliferation of WAPs and secured APs at that... and some people choose really amusing SSIDs). But driving around alters signal strength which means losing packets. You're also channel hopping which means losing packets. If you really want to log people's data, you wardrive first to identify targets then come back and listen to just that (or a very small subset) of targets.

Re:Why? WHY???

[icebike]

Why would they even REMOTELY think this was a good idea? What's the point of Google collecting this kind of information

Have you been asleep for the last 6 months?

It was an error, they didn't even know they were collecting it and never used it for anything. They simply filtered out the beacon data to locate wifi hot-spots. None of these wifi hot-spots were encrypted

Google themselves reported this when they discovered they were collecting way more data than they wanted. But even Google didn't look into the data and see what was there.

Governments demanded the data, and THEY began sifting it and gathering email addresses. Now WHO violate the laws? Seems to me the government busybodies sifting thru the data that google never even looked at are the guilty ones.

How in gods name can you be so unaware of the details of this incident after all this time?

Re:Why? WHY???

[icebike]

Why is that eh-veel?

Did you somehow thing your unencrypted wifi signal was private?

You DO understand its a radio don't you?

 

Re:Why? WHY???

[icebike]

Yes that is exactly what they are telling you.

They used common off the shelf linux utilities to collect this information. The collected beacon information, wrote it to disk with the current location information.

Rather than a "database" it was a simple flat file of location plus beacon data.

Someone forgot to filter it so that only beacon packets were written.

So in the 5-10 seconds the car was within range of an unencrypted wifi some other data might have been geo-tagged and written.

Don't try to make more of it that it was. It was not a relational database. Its no where near that sophisticated. And google was unaware that they were even collecting the information till they noticed their disk were filling faster than they should. Since all they wanted was Beacon packets they never even looked at the rest.

And guess who reported this to government: Thats right, Google.

No one goes to jail for a harmless mistake.

The only way this data gets sold is when the governments that demanded it for their witch-hunt release it under freedom of information requests.

Now run along and go turn your wireless encryption on and put your tinfoil hat back in the closet.

Re:Why? WHY???

[Hatta]

Actually, the Communications Act prohibits the use of public radio waves in that way.

Which section? It's a long bit of legislation, which I'm not inclined to pore over at the moment. Since you already know, could you quote the relevant bit for us? Thanks.

Re:Why? WHY???

[icebike]

No that is wrong. The time line in that story is completely backward (something you would expect from that site).

Google didn't even know what was in the data because they didn't make use of it. Further, they reported that they were collecting beacon data well in advance. The germans only demanded it once google put out its notification to governments that they had accidentally collected other data.

Re:

WiFi sniffing may be legal where you live but Google definitely sniffed WiFi in places where it is strictly illegal. For example, running open WiFi is strictly illegal in Finland. In the UK, use of WiFi is strictly illegal unless you are the "intended recipient" of the data under the Regulation Of Investigatory Powers Act 2000, Section 1(3): http://www.legislation.gov.uk/ukpga/2000/23/section/1

Section 1(6)(b) would allow a WiFi router to be used as a navigational beacon by end-users if the owner of the WiFi router has given "express or implied consent". However, you cannot consent to something if you don't know it exists.

Re:Why? WHY???

[KingMotley]

It was probably easier to record the WiFi and store it as it is than try and outfit all 50,000 vehicles with enough computing power to be able to actually analyze the signal and pull out the MACs and SSIDs. More like it was just recorded on a tape and brought back to a computer center where the tape was then analyzed in a central location.

Re:Why? WHY???

No that is wrong. The time line in that story is completely backward (something you would expect from that site).

Google didn't even know what was in the data because they didn't make use of it. Further, they reported that they were collecting beacon data well in advance. The germans only demanded it once google put out its notification to governments that they had accidentally collected other data.

Citation needed.

Here BBC News is confirming timeline from quote above:

"Google has been the subject of scrutiny from data protection agencies around the world, following news that software in its Street View cars collected personal information.

This was revealed following a request from the German data commissioner to audit all the data being collected by Street View cars "

http://www.bbc.co.uk/news/technology-11684952

Re:Why? WHY???

[Stuntmonkey]

Even if it was an accident, they need to be punished for that through fines or something (as other companies have been punished for their privacy breaches)

That's fair enough, although in practice the PR impact of this has hurt Google far more than any fine the government could possibly impose. I'll wager the folks there are taking this very seriously, and that potential fines from regulators have nothing to do with it.

Re:Why? WHY???

[QuantumLeaper]

All evil is fun.

Re:Why? WHY???

No, we don't.

Re:Why? WHY???

[jav1231]

GPS would give them the same data, though. It's just a matter of being able to use WiFi instead of or to augment GPS data. In short, they had a solution, thought it'd be cool to use another, now are in hot water. It's a moot point. The worse that can happen is that they be forced to dump the data and not use it and be fined. The second worse is to just be fined and somehow sanitize the data and convince the government it's kosher, the least is that they are scolded for doing it and nothing happens. Ultimately, nothing will happen to them of any real consequence anyway.

Try eavesdropping on some cordless phones

from in front of their driveway and see how fast you get thrown in jail.

Wifi is no different.

wardriving is illegal?

[YouWantFriesWithThat]

every use of the term wardriving that i have ever heard was focused on logging the location and type of wireless networks that are being broadcast. what google did involved capture of packets, which is more than just logging the location of a wireless network and calling it wardriving is too over-broad.

Re:Why? WHY???

[_Sprocket_]

GPS would give them the same data, though. It's just a matter of being able to use WiFi instead of or to augment GPS data. In short, they had a solution, thought it'd be cool to use another, now are in hot water.

Ya know - now that I look at what you wrote, I noticed the emoticon. Humor; ar ar. And so here I am being all serious and unintentionally trolled. Unfortunately, it seems that all kidding aside, there are way too many people who are fearful due to a lack of understanding of the topic(s).

I think you're right; for Google all this is a moot point. But for the rest of us, I think there's a good opportunity to educate the public (and ourselves) on the issues involved. We do that with the full understanding that education always has limited effect and not everyone will benefit.

Re:Why? WHY???

[wkcole]

GPS would give them the same data, though. It's just a matter of being able to use WiFi instead of or to augment GPS data. In short, they had a solution, thought it'd be cool to use another, now are in hot water.

You are misunderstanding the point of collecting the MAC/SSID info. It isn't for their StreetView vehicles to get a location instead of using GPS, it is to build a database that can be used as the basis of a geolocation service that will work for devices without GPS but with Wifi. They've discussed that as the reason for the data collection and they have that service working. It is a highly useful standard part of Android, referred to as "coarse location" and it works with an Android phone's GPS radio off or in a building where it can't get a GPS fix. They also have a demo site that is usable by a desktop machine with one of the right browsers. Google is the second operator of such a service; the first was SkyHook, which was used by the early iPhones that lacked GPS. I can see 3-6 Wifi signals (all secured) other than my own from my desk in my home, and both Google and SkyHook map my desktop as being about 50' east of where it actually is, as the center of a 30 meter circle of uncertainty.

Google is very unlikely to be in "hot water" in any significant way for this, at least in the US. The FTC has already completed an investigation and cleared them of violating our virtually non-existent privacy laws. Why anyone at the FCC thinks they might have something actionable here is mystifying, since there is settled law protecting even intentional receiving of unencrypted radio transmissions. Google was slurping up everything they could recognize as Wifi signal, and a fair chunk of that turned out to be unencrypted.

Re:Why? WHY???

[wkcole]

It was probably easier to record the WiFi and store it as it is than try and outfit all 50,000 vehicles with enough computing power to be able to actually analyze the signal and pull out the MACs and SSIDs. More like it was just recorded on a tape and brought back to a computer center where the tape was then analyzed in a central location.

Tape is quaint.

But, Yes. Anyone with a scientific mindset knows that when you are in a position to collect data is NOT the time to refrain from collecting data. Even if you are 99% certain that you will never want 99% of what you can collect: when you are able to collect the data, collect everything you can. If you are Google, you buy disks by the truckload and you have hired a bunch of people who recently spent what should have been the best years of their lives in labs. They know that you store all the data when you can, and analyze it later. They know that a year after the wifi geolocation project is done, someone will wish they had some other information that can be teased out of a couple of seconds of raw wifi capture from a bazillion locations.

Re:Why? WHY???

[wkcole]

I have a real problem with a technically-minded company like Google "accidentally" logging that kind of information. Even if it was an accident, they need to be punished for that through fines or something

Based on what? Your feelings?

There is very little codified legal privacy protection in the US. The FTC can't invent new law out of thin air and your "problem" with Google. In this specific case, it is hard to argue rationally that Google did anything wrong. They captured unencrypted radio signals using an open standard encoding. The idiot "victims" might as well have been posting all of the captured secrets to a foot-high scrolling LED ticker on the front of their homes. The only meaningful difference is the wavelength of the EM radiation...

(as other companies have been punished for their privacy breaches)

Cite, please. What company has been punished by the FTC for a privacy issue? A finger-wagging and agreement to sin no more doesn't count. That's what Google got.

You have to hold companies with this much power and information accountable. Basically, you have to keep them in line and remind them to be on their toes at all times.

I don't disagree, but that's a call for the passage of laws that currently DO NOT EXIST in the US. A corporation can't keep "in line" without a definition of a line. Capturing unencrypted radio signals in inside the line as it stands.

-- You risk your karma if you criticize Google, piracy, or liberalism on Slashdot.

The irony is hilarious.

Re:Why? WHY???

[jav1231]

"Google was slurping up everything they could ."

Heh..they suck.