Google Declines To Turn Over Harvested Wi-Fi Data

An anonymous reader writes "Google declined to submit data collected as part of the 'Spy-Fi' flap, and Connecticut Attorney General Richard Blumenthal is now promising further action: '"I certainly will be pressing for continued involvement at the federal level in coordination with the states," Blumenthal told Politico Monday, just days after promising to explore "additional enforcement actions" if Google does not share the data soon. Asked to describe what those federal efforts might include, the outgoing attorney general said, "There's a range of potential opportunities for oversight and scrutiny by a member of the US Congress – including letters, meetings, hearings, and potentially even legislation." For its part, Google has tried to defuse the issue by offering to delete the data. The company reaffirmed that position in a Friday statement, promising to work with Blumenthal in the coming weeks, but declined to comment further on Monday.'"

Should have deleted it from the start

[alvinrod]

Google should have deleted the data before they even publicly announced that they had accidentally collected it. Would have made the matter a whole lot simpler and would have left less room for political grandstanding.

Re:Should have deleted it from the start

[kanto]

Google should have deleted the data before they even publicly announced that they had accidentally collected it. Would have made the matter a whole lot simpler and would have left less room for political grandstanding.

It'll probably end up on wikileaks once a government body gets it's paws on it; safer to chuck those discs in the microwave.

Re:Should have deleted it from the start

[Kjella]

Meh, this is turning out to a textbook example of why companies don't do the right thing. Right now I bet Google wish they'd deleted the data, buried the case, burned the records and none of those involved were ever heard from ever again.... ok maybe not the last part, but seriously? When you know the result of admitting jaywalking is to be take out back and put before an execution squad, you're not going to find many turning themselves in.

Re:Should have deleted it from the start

[beakerMeep]

Destroying evidence while being investigated by the FCC/FTC is usually frowned upon. But I'm glad they are declining to hand it over for what you aptly called grandstanding. Honestly I think Google has handled it the best they can given the situation. Seeing politicians exploit the situation is beginning to irk me too though.

Re:Should have deleted it from the start

Don't Bogart that data, my Friends.. Pass it ooovir to me.

Re:Should have deleted it from the start

[Dan+East]

Google should have the right to do anything they want with this data. If it is unencrypted and transmitted over open airwaves (AKA no WPA or even WEP for that matter) then that's not Google's fault. If it were encrypted then that might be a different matter, but I am still of the opinion that anyone has the right to receive RF communication as long as they do not trespass, etc, to do so.

Re:Should have deleted it from the start

[hairyfeet]

Well the whole thing just seems like an ever climbing level of stupid. First Google collects data that while not illegal certainly wouldn't look good for the company: Dumb. Then they announce it to the world: Extra Dumb The governments demand to see the data...why? Just to see if there are any juicy bits? :Really Dumb, and now Google refuses to hand any of it over rather than just redact the names and let them have the boring bits: Extra Super dumb.

If there is any lesson here it is that Google should have kept its big mouth shut and just file 13'd the data. They didn't need it, hell they have enough data on everyone with search and email to make Hoover blush, so why keep it and blab about it to the world? The whole thing just makes no bloody sense.

Re:Should have deleted it from the start

[icebike]

It'll probably end up on wikileaks once a government body gets it's paws on it; safer to chuck those discs in the microwave.

Exactly.

I'm rooting for Google to stand fast. What possible use would the government have for these account names and passwords.

When the government can prove that they can hold onto their own secret data then maybe they can be entrusted with this. (NAH, what was I thinking!?)

If it is released to the government, (AND Government) it will be leaked.

Re:Should have deleted it from the start

[icebike]

Destroying evidence while being investigated by the FCC/FTC is usually frowned upon.

It wasn't evidence till they admitted having it and everybody started demanding it. The GP was right, they should have destroyed it first, then fessed up that they had un-permitted data (which still has not been proven in a court of law) and that they did the right thing by destroying it.

Re:Should have deleted it from the start

[MobileTatsu-NJG]

Google should have deleted the data before they even publicly announced that they had accidentally collected it.

Oh give them a break, they probably just hit 'archive' without even really thinking about it.

Re:Should have deleted it from the start

I don't think Google really minds an investigation about this incident, or the government even investigating the data. I think they just don't like the way the government is demanding to investigate the data.

Google did the right thing when they told the world about it. We deserve to know. And if they had not told us about this and we somehow found out, we'd be asking why they kept silent and what conspiracy this is related to.
The government wanting to investigate the incident and view the data as part of the investigation, I can understand. But a prosecutor who wants to thicken his resume demanding to be given the data, I have a problem with. It's obvious the guy just hopes he'll find juicy stuff and people to prosecute, which will look good for him. He normally would need a warrant (and thus, probably cause) to get people's e-mails but in this case he's using this incident as an excuse to bypass the warrant part. I'm willing to believe Google wants to protect our privacy considering that they admitted on their own good will that the incident happened in the first place.

Re:Should have deleted it from the start

[qubezz]

Oh noes! Google might have recorded an unencrypted packet or two of someone checking gmail while they were driving through a neighborhood! They are clearly guilty of receiving and recording electromagnetic signals IN A FREQUENCY THAT IS PUBLIC AND UNLICENSED, by devices that were advertising their SSID and transmitting unencrypted data. Guilty of doing something completely legal and completely trivial.

I trust Google with my personal contacts and emails, documents, schedule, voice mail, etc. I do not trust and never authorized the State of Connecticut to have access to any data of mine, and neither should you. Go away extortionist attorney general.

Re:Should have deleted it from the start

[whoever57]

They are clearly guilty of receiving and recording electromagnetic signals IN A FREQUENCY THAT IS PUBLIC AND UNLICENSED, by devices that were advertising their SSID and transmitting unencrypted data

I think that there is a good case that privacy concepts need to be re-thought in the light of what is possible now through data-mining. Today, private information can be derived from amassing and relating lots of disparate public information. This is an issue that is not simply dispatched by pointing out that the source information was public. I think that we need new concepts of privacy.

Re:Should have deleted it from the start

They wanted the data moron. That's why they collected it. Every wireless network in the US? Who wouldn't pay for that? Terrorists. Governments. The list is endless.

Re:Should have deleted it from the start

[drinkypoo]

Forget leaks, there is only one reason the Government could want a bunch of our passwords and it has nothing whatsoever to do with Google.

Re:Should have deleted it from the start

[Skater]

Destroying evidence while being investigated by the FCC/FTC is usually frowned upon.

It wasn't evidence till they admitted having it and everybody started demanding it. The GP was right, they should have destroyed it first, then fessed up that they had un-permitted data (which still has not been proven in a court of law) and that they did the right thing by destroying it.

Except then half of Slashdot would be going off about how Google is evil and their proof would be that Google deleted the data before anyone could look at it.

Re:Should have deleted it from the start

[bemenaker]

I agree with you, I don't see what the big deal is. If you are broadcasting your wifi unencrypted, then you have no right to bitch if something get recorded.

Re:Should have deleted it from the start

"Destroying evidence while being investigated by the FCC/FTC is usually frowned upon."

Unless it's torture tapes.

Re:Should have deleted it from the start

[kiwimate]

Oh come on. Put away the conspiracy theories.

“We’re not asking for names or addresses. We want to see the nature of the data they have,” he added. “Their claim is that none of it was obtained illegally anyway, so it kind of contradicts their underlying contention they’ve done nothing legally wrong.”

And, by the way, also from the story:

The company has since settled with many concerned regulators, sharing the data with Germany, France and Spain

I have not followed the story, so perhaps someone else can explain why Google would share the data with three other countries but not the U.S. (Not wild conspiracy theories, either - I mean Google's rationale or explanation.)

Re:Should have deleted it from the start

[AltairDusk]

Well the whole thing just seems like an ever climbing level of stupid. First Google collects data that while not illegal certainly wouldn't look good for the company: Dumb. Then they announce it to the world: Extra Dumb The governments demand to see the data...why? Just to see if there are any juicy bits? :Really Dumb, and now Google refuses to hand any of it over rather than just redact the names and let them have the boring bits: Extra Super dumb.

First Google accidentally collected the data, they didn't do it on purpose. Then after realizing they had collected it they decided to come forward and do the right thing rather than doing what most corporations would have done and covering it up. Then instead of governments realizing "hey they screwed up and they've admitted it, we want to encourage this kind of behavior rather than cover-ups" all of the governments involved have done a fine job making the cover-up look like the smart choice over doing what's right.

Re:Should have deleted it from the start

[GameboyRMH]

I agree, if they collected it by accident, they should have just wiped it, problem solved, done and done. Publicly admitting what they did doesn't help anyone. If they wanted to secretly gather wifi data they could do it, and there wouldn't be much we could do about it (beyond minding what plaintext traffic you run over unsecured wifi connections).

And what good could the government possibly want this information for?

Re:Should have deleted it from the start

[AltairDusk]

While I agree I also think there needs to be some clear indication that privacy is desired. Encrypted WiFi, however weak the encryption may be, clearly signals a desire for privacy and the argument can convincingly be made that anyone cracking the encryption is willfully violating privacy. Unencrypted WiFi should carry the same expectation of privacy as talking over a clear channel on a CB radio, the concept is actually quite similar.

What really should have happened here is that the government should have asked Google "Ok, you screwed up, now what are you going to do about it? How about you fund a campaign to educate the public on privacy matters and the importance of encrypting their WiFi?" That would have been a better solution for everyone involved. The government still gets to look like they stepped in and took care of the issue. Google still pays for the mistake, while helping people in the process. The public gets to use this incident and all of the publicity surrounding it as a lesson and many more people will encrypt their wireless networks or clamor to their ISPs to provide their wireless routers with encryption already set up. Very large missed opportunity here.

Re:Should have deleted it from the start

[Degrees]

Revision 9 of the Federal Rules of Civil Procedure state that if a party has reason to believe that evidence may be subpoenaed, the party must keep the data (or face sanction). It's a lose-lose situation either way, and this way Google doesn't look like a place that is trying to hide a crime.

I have also learned that there is something called "in camera" which means that during a trial, you can show your data to the judge in person (he can view it with his eyes) and then make a decision whether the data should become a part of the official record. So evidence can make a difference in a trial but still be kept private.

Re:Should have deleted it from the start

[tcr]

I wouldn't say they didn't need the data...
SSIDs are geopoints are required if you're going to put together your own aGPS service as an alternative to SkyHook.

Re:Should have deleted it from the start

[cayenne8]

"I have not followed the story, so perhaps someone else can explain why Google would share the data with three other countries but not the U.S. (Not wild conspiracy theories, either - I mean Google's rationale or explanation.)"

I believe this is likely due to Germany, and the other countries in the EU, having specific privacy laws that may have been breached during the Google drive thru.

The US, to the best of my knowledge has no such privacy laws on any state or federal level.

Therefore, I'm guessing that Google figures they've broken no existing laws, so, WTF should they honor any requests? If there is no law broken, and there is no ongoing investigation into a crime that this data might provide evidence for in some way, then what obligation is Google under to comply?

That's my best guess...

Re:Should have deleted it from the start

[BlackSnake112]

Why was Google collecting that data in the first place?

Google accidentally collected extra data?

Re:Should have deleted it from the start

[anexkahn]

Kind of like tuning into a radio station in your car when driving down the road.

Re:Should have deleted it from the start

[gknoy]

If I recall correctly, they were leveraging an existing open source tool for reading network information, and basically built the infrastructure of sampling, collecting, storing, and collating the information themself. Unfortunately, the tool they used collected more than they though it did. Or something like that. Hopefully someone else can give you a better explanation.

Re:Should have deleted it from the start

[Daengbo]

This isn't the USAG -- it's Connecticut's. That's why.

Re:Should have deleted it from the start

[hannson]

IIRC they were mapping broadcast SSID to GPS locations to get more accurate location system for Android phones.

Re:Should have deleted it from the start

[HiThere]

There are other good explanations (see other posts), but perhaps the other governments didn't want individual identifiers, and Connecticut does? Perhaps Connecticut just said "Give me all the data you colleced" and the others said "Give us the information you collected which you shouldn't have under our laws".

That sounds to me not only plausible, but reasonable. And Connecticut couldn't have said the same thing, because there weren't any laws to break. (But note that Germany, etc., would only have been given data about their own denizens, where if Connecticut was asking that way, it would be asking for everything.)

Re:Should have deleted it from the start

[theaceoffire]

It may be easier to do now, but building classified information out of non has always been an issue.

Re:Should have deleted it from the start

[anyGould]

Probably not much better, but I'll try...

As I understand it, they were intending to grab the beginning of each packet (the part that has the SSID, signal strength), which they would use to map where the hotspots are, so that when you're at the hotspot, Google can use the info to geolocate you.

The error was that their software was reading and storing too much of the packet, which meant they were getting some data that was being transmitted (instead of just the header). Most of the time it was just random chunks of data (kind of like getting words 532 - 538 out of a book), but sometimes it was user/password information, or an email address, or something else.

Important things to note here:

• Google (and most everyone else I've seen commenting, here or in the press, agree) didn't want this information - it was collected purely by accident. There's no nefarious plan.
• If your hotspot was encrypted in any way, you were absolutely safe.
• Unless you happened to be connected and transmitting while the GoogleMobile drove by, you're safe.

Of course, since they've mapped huge chunks of the world, statistically they end up with a lot of naughty details.

Personally, I take the greatest comfort in the fact that we first found out about this from Google itself. Not a third-party security researcher, not a hacker - Google came forward on it's own and said "crap, we didn't want this - sorry about that". That says a lot to me in terms of motive and corporate responsibility.

Re:Should have deleted it from the start

This is exactly what I don't understand. Google does the responsible things after realizing it has collected data which it never intended to (this wave) and brings it to the attention of the governments. Now all the governments want to access it. Where is the public outcry against the respective governments response in this matter? Why the hell would any citizen want their government accessing ANY data which belongs to them without a warrant? To be perfectly honest I have more faith that Google will dispose of this data appropriately and respectfully then I have that my government will keep this data confidential and dispose of it properly (or more likely wont dispose of it at all). Furthermore I think that my tax dollars are better spent improving the Canadian education system or going toward OPEN R&D innovation grants.

Re:Should have deleted it from the start

[tjhart85]

But, this is an issue that is "simply dispatched" by turning on the encryption options like it TELLS YOU TO in the manual of every single wireless router I have ever seen!

Re:Should have deleted it from the start

[shnull]

there you have a point, so , should the people whose data got collected take a stand and tell the govt they don't want their privates fondled ?

Re:Should have deleted it from the start

[ploxiln]

The funnier part is that someone checking gmail would actually be safe from this sort of wifi data collection, because gmail by default uses TLS. If all sites which exchange sensitive information with the user used TLS, this particular open-wifi-scanning thing wouldn't be an issue at all.

What could go wrong?

[Knave75]

Yes, the government is certainly a safe place to store sensitive data, what is google thinking?

Re:What could go wrong?

Really! The only thing worse than Google collecting data packets while doing an open network Wi-Fi survey, is the US government shifting through that data in search of thought crimes!

Re:What could go wrong?

[Johann+Lau]

boo-hoo, the evil government! yay google, champion of freedom!!

*pukes*

The government is the one institution that people can change. It's the one institution you can affect by participation without institutional change. That's exactly why all the anger and fear is directed at the government. The government has a defect: it's potentially democratic. Corporations have no defect, they're pure tyrannies. So therefore you wanna keep corporations invisible, and focus all anger at the government. So you don't like something, you know, your wages are going down: blame the government. Not blame the guys in the Fortune 500 because you don't read the Fortune 500, you just read what they tell you in the newspapers. So you don't read about the dazzling profits and the stupendous dizz, and the wages going down and so on, all you know is that the bad's government is doing something, so let's get mad at the government.

-- Noam Chomsky

Re:What could go wrong?

[Knave75]

I was not saying that google was a paragon of virtue, but duplicating the information and/or giving the only copies over to the government will certainly not enhance privacy.

Re:What could go wrong?

That's a pretty good quote you've got there. But it doesn't really apply here. There's something that Google did wrong, and admits that they did wrong. Nobody blames the government for Google having collected the data.

If you take issue with GP, you should first understand his point. As a for-profit institution, Google must depend on its data security for its livelihood. As an institution in no risk of being overthrown, particularly on this issue, the government has no necessity for data security unless it is for the purpose of covering up its own misdeeds. Even at that, they're pretty bad (see Wikileaks). Given that Google still has the data, do you really want another organization with known worse security standards to have a copy of that data? The concern isn't that the large organization is going to use the data. Honestly, anything large-scale enough to be worthy of Google or the US Government would be so obvious the institution would be swept out of existence. Wouldn't you notice if you and a bunch of other people had their email accounts hacked and replaced with Google ads? No, the concern is that somebody else, with smaller goals, will get a hold of enough of the information to act against specific people. Google might not need your password to read your Gmail, but your ex does.

Of course Google isn't denying to share because of an interest in our freedom. Ultimately, it's because they don't have to. But, it just so happens that by denying to share the data (and offering to delete it whenever desired) they are acting in the best interest of data security.

Johann, please stop being stupid. I agree with you that whatever evil the government is, is nothing compared to what corporations do. They need to be called on it. I would like to think that smart people share my opinion, not stupid people.

Re:What could go wrong?

[Johann+Lau]

Nobody blames the government for Google having collected the data.

No, but since this story came up, there's plenty of knee-jerk google praise and government bashing, just because it's Google and the government respectively. THAT I am addressing, that is what pisses me off. I just picked a random comment to, uhhh, have a knee-jerk reaction ^^

Johann, please stop being stupid. I agree with you that whatever evil the government is, is nothing compared to what corporations do. They need to be called on it. I would like to think that smart people share my opinion, not stupid people.

Hmm, but you'd have to be pretty stupid to feel moved by this personal appeal from anonymous ^^

I'm just tired of the endless tirade since this story surfaced on Slashdot. Maybe because Google can't get laid or design websites that look nice, either? While the government are a bunch of old farts who just don't get it.

I'm not saying they do, but this whole thing is a farce and theatre, nothing more. If you expect me to be that daft to value the passwords of morons WHO TRANSMITTED THEM UNENCRYPTED more than the cancer that is the culture of seeing "the government" as an external entity, you'll have to look for other people to share your oh so precious opinions with. To me this is simply peanuts... put them up as torrents for all I care. Seriously, that's not just not "non-stupid", this is idiotic.... and it kinds shows the lengths to which people go. If you're not astroturfing, I pity you. And if you want to give more "weight" to your fluff by including a personal appeal, make sure you're a person, too, and not an anonymous fucking coward. Just as a hint.

Holy Crap!

[tpstigers]

"letters, meetings, hearings" - If that doesn't scare the bejesus out of Google, I don't know what will.

Re:Holy Crap!

[ColdWetDog]

"letters, meetings, hearings" - If that doesn't scare the bejesus out of Google, I don't know what will.

The Spanish Inquisition. Nobody expects the Spanish Inquisition.

Re:Holy Crap!

[sconeu]

I don't think Google will fit into the Comfy Chair.

Re:Holy Crap!

[Neil+Boekend]

Now I do, so they won't turn up?

Re:Holy Crap!

[Captain+Hook]

Thats right, but that means that you no longer expect the Spanish Inquistion.....

Re:Holy Crap!

[Neil+Boekend]

Ah, but that results in a live lock, so nothing happens, so the Spanish Inquisition won't turn up. I am comfortable in knowing that. So I do not expect them. So they will turn up, which causes a live lock that prevents them from turning up which causes me not to expect them, resulting in them turning up GOTO begin
*gets shot by a decent programmer*

Analog thinking.

[Tubal-Cain]

I wonder if anyone involved in this is thinking of the digital data as if it were physical. i.e. if Google gives it to the Government, Google doesn't have it anymore. They certainly seem to be trying to think of data that way when copyright's involved.

Sounds about right

[sapphire+wyvern]

So let me see. The government is saying "Bad Google, shouldn't have collected all that data. That's private data that belongs to our citizens, not to you, even though it was broadcast in the clear. Now that we've established that only the originator should have that data.... let me have a peek! No, don't delete it - I really wanna see."

Very consistent. Not hypocritical at all.

Re:Sounds about right

[Trepidity]

Yeah, that's the part I'm missing as well. What reason are they giving for wanting this data, if they claim it should never have been collected? We can maybe guess at the real reason, but what's the official reason? Blumenthal doesn't seem to be explaining anything here.

Re:Sounds about right

You can't be serious. There's all kinds of things that data could show, leading to any number of possible charges against (and eventual fines collected from) Google.

They want to make the stakes higher than "don't get caught doing bad things, but if we catch you, just promise to delete it and promise not to do it again." They *need* to make the stakes higher than that, because with no disincentive to doing the same thing again, why *wouldn't* Google just start from scratch after the press blows over? You're naivety is astounding!

Is the data safe in the government's hands? Probably not. Is it safe in Google's hands? In the sense that Google would be less likely to leak it, sure, but Google wouldn't want to leak it because they want to have exclusive use of it - not sharing with competitors.

Why do you trust Google more than the government? The government might leak the data and cause bad things, Google's whole aim to begin with is probably bad things.

Re:Sounds about right

[Americano]

They want it as part of an investigation into the "accidental" collection of the data. This is standard procedure for a regulatory investigation - the data Google collected is evidence relevant to the investigation.

I'm not sure why you'd be interested in pretending that you don't get this... When's the last time you heard of an investigation in which the law enforcement and legal officials involved DID NOT want to see evidence relevant to their investigation?

Whether or not Atty General Blumenthal has jurisdiction and the right to request that data is something that may need to be decided in a court, but SOME investigative body is certainly going to want to review the data that was collected, since it is (perhaps) evidence of wrongdoing on Google's part, and entirely relevant to an investigation into whether or not Google broke laws in collecting and retaining that data.

Re:Sounds about right

[beakerMeep]

The fact that his answer was so evasive is actually very telling. If they had a good reason to be looking at the data they'd have a warrant in hand.

“There’s a range of potential opportunities for oversight and scrutiny by a member of the U.S. Congress – including letters, meetings hearings, and potentially even legislation.”

Translation: we got nothing, so we're gonna try and invent some reason to get the data.

Re:Sounds about right

When's the last time you heard of an investigation in which the law enforcement and legal officials involved DID NOT want to see evidence relevant to their investigation?

Yeah, I can't think of any examples... except when said evidence exonerates the defendant, of course.

Re:Sounds about right

[beakerMeep]

There's all kinds of things that data could show, leading to any number of possible charges against (and eventual fines collected from) Google.

Like what? Can you give some examples?

Re:Sounds about right

[Dexter+Herbivore]

Why do you trust Google more than the government? The government might leak the data and cause bad things, Google's whole aim to begin with is probably bad things.

What... you don't believe Google when they say "Do No Evil"?

Re:Sounds about right

[c0lo]

You can't be serious. There's all kinds of things that data could show, leading to any number of possible charges against (and eventual fines collected from) Google.

...

The government might leak the data and cause bad things, Google's whole aim to begin with is probably bad things.

Hell yeah... What if Google collected the traffic while (allegedly) Manning leaked the cables? I say.. now, think about it... what if Google collected them... wouldn't this be a conspiracy to hide the evidence and obstruct the military justice?
Of course this justifies even a Senate enquiry!

/tongue-in-cheek

My point: instead of escalating, wouldn't it be better the Attney to ask for the data that would be relevant to the investigation instead of asking all the data?

Re:Sounds about right

[beakerMeep]

It's "Don't be evil" and it's a tired tired joke at this point. Yes it's a silly corporate slogan and, yes, some of the stuff they do is considered evil by some people -- probably rightly so.

But I also don't believe that

-my world will be delivered by ATT
-Apple thinks differently
-UPS brown wants to know what they can do for me
-Diet Coke is just for the taste of it
-Verizon rules the air
-Mcdonalds will make me love it
-TBS is very funny
-Fox is fair and balanced
-Nike will make me just do it
-Or that Slashdot is only stuff that matters

We get it, time to move on.

Re:Sounds about right

[Americano]

Yes, because nobody's ever been exonerated by evidence in a court of law. Ever. In the entire the history of western jurisprudence.

It's just been one railroading after another of poor innocent guys who never hurt a fly in their whole life, because the corrupt government prosecutors habitually and willfully ignored ironclad evidence that would exonerate the suspect.

Re:Sounds about right

[beakerMeep]

Here's the difference: What are they investigating? They can't go trolling for wrong doing. They dont even imply what types of regulations or laws may have been broken.

Re:Sounds about right

[noidentity]

Duh, the government just wants the data to be sure that it gets destroyed. If the MAFIAA has taught me anything at all, it's that data is like a physical thing, and so by demanding it be handed over, there's no way that Google could have it anymore.

Re:Sounds about right

How'd you get from "I've heard of it" to "never in the history of jurisprudence"?

Sorry, but it has happened. One famous example is the Duke rape case from several years back, and there are many, many more as you go further back, but it's not my responsibility to look them up for you.

You asked, I replied. This "never" and "habitual" nonsense is you putting words in my mouth.

Re:Sounds about right

The point you miss is that Google _didn't_ "get caught doing bad things", Google reported themselves to have (allegedly inadvertently) collected the data. If Google wanted to "just start from scratch after the press blows over", wouldn't they have just kept doing it and not stirred the press to begin with?

Re:Sounds about right

[Americano]

So the best you can come up with is a 4-4.5 year old case as an example? Out of how many tens of thousands (hundreds of thousands? millions?) of cases that are tried each year?

Yeah, I can see where you might conclude that this happens so frequently that it's likely to be the case here.

Oh, and let's also not forget that Google has more money & lawyers than god, and the chance that they're going to be railroaded into some foregone conviction is so ridiculously fanciful that it might as well not even exist, and you're just... I don't even know what - trolling for good karma because you defended Google? Good on ya.

Re:Sounds about right

[Americano]

Two different federal groups were investigating: the Federal Trade Commission, on consumer privacy grounds (they concluded their investigation, and basically said that 'since Google has improved their collection and promised not to do it again, no action is necessary.'), and the Federal Communications Commission, which is actively (at least, active as of the latest I've heard) looking at whether or not Google's intercepting these transmissions is a violation of FCC regulations and relevant Communications Act provisions.

This has been fairly clearly reported. I'm not sure why people here insist on pretending it's just a fishing expedition by the feds hoping to catch Google doing something they can be spanked for. Google publicly admitted that they had captured this data, regulatory and law enforcement agencies want to look at the data that was captured to see if a crime was committed in the capture of that data. It's really pretty straightforward.

As a thought exercise, s/Google/Facebook/g in the coverage around this story, and think about whether or not you'd have a problem with Facebook doing the things Google has admitted they've done, and whether or not you'd want to see law enforcement get involved if they had? Google's "halo" doesn't make it impossible for them to do bad things, even illegal things. When they have publicly admitted to doing something that is of questionable legality, shouldn't an investigation be done? Or should we just shrug and say, "It's google, of course they're good folks. They'd never do anything wrong."

Re:Sounds about right

[TapeCutter]

"Whether or not Atty General Blumenthal has jurisdiction and the right to request that data is something that may need to be decided in a court, but SOME investigative body is certainly going to want to review the data that was collected, since it is (perhaps) evidence of wrongdoing on Google's part, and entirely relevant to an investigation into whether or not Google broke laws in collecting and retaining that data."

Evidence for what charge? What you are describing above is commonly known as a "fishing expedition". If Google has been accused of a crime then by all means go to court and get a search warrant to collect evidence, but demanding evidence so that you can go away and scour the books to see if you can find a crime is not how it's supposed to work.

Re:Sounds about right

[whoever57]

I'm not sure why you'd be interested in pretending that you don't get this... When's the last time you heard of an investigation in which the law enforcement and legal officials involved DID NOT want to see evidence relevant to their investigation?

I think that you are being obtuse if you can't see the difference between this data (which is claimed to be a privacy breach) and other types of evidence.

If the data really is private, then surely the government should obtain a warrant to get the data? Or is it public, in which case Google has done nothing wrong?

Re:Sounds about right

[Stuntmonkey]

the data Google collected is evidence relevant to the investigation.

So, the investigators should get a subpoena. That's how the system works. If you can't convince a judge to issue a subpoena, you don't have a leg to stand on. I don't think Google -- or any other company -- should just hand out potentially sensitive user information to anyone who asks for it. Maybe that's how it works in China, but that isn't how it works in the USA.

Re:Sounds about right

[TapeCutter]

"There's all kinds of things that data could show, leading to any number of possible charges against (and eventual fines collected from) Google."

Sure, just like a cop without a search warrant could find lots of things in your home to hang you with. It's not about trusting either google or the government it's about the rule of law which says the authorities must have probable cause. In this case they don't have probable cause, they don't even have an allegation, which is why they don't have a search warrant.

"You're naivety is astounding!"

Voulenteering ANY information to an investigation that is spending a pile of taxpayer's money looking for a reason to hang you, is not just naive, it's stupid.

Re:Sounds about right

Normally, investigators don't just immediately rush to grab a warrant, especially when investigating a large public entity. They usually start with simply asking politely. This is that phase.

Re:Sounds about right

[Americano]

Please explain how it's a fishing expedition when Google has admitted publicly that they intercepted wireless network traffic, and retained the data they intercepted?

Re:Sounds about right

[Americano]

And they will get a subpoena when they ask for one. Don't be dense.

Investigations proceed like this because it gives Google a chance to cooperate with the investigation without being clubbed into compliance with subpoenas. Tends to make the accused look a bit better in the eyes of the court that they both cooperated with the investigation, and understood their culpability and were interested in showing that they were interested in "making things right."

Apple was recently under preliminary investigation for antitrust violations, I'm sure you read about it here. The Justice Department and the FTC requested (and received) information from Apple's legal department during their "preliminary inquiry."

It's quite common for companies to cooperate with investigators because, even if they have run afoul of the law, cooperation can put you in a position to mitigate damages: "It was inadvertent, and we're very sorry, we want to make this right, and we're an open book!" Versus, "You'll never get us to admit we did something wrong, we'll fight you every step of the way, and we'll do everything in our power to make it look like we're trying to cover up the fact that this was done deliberately, and with intent, rather than by accident!"

Re:Sounds about right

[Americano]

Intercepting and warehousing network data can be illegal, even if the *data* that you've happened to intercept is public information, or at least not protected by special privacy regulations.

There IS a legal distinction between "the stuff you collected" and "the way you collected it."

Nothing stops me from having the biggest Beanie Baby collection east of the Mississippi - they're perfectly legal to own and collect. If I collect them by shoplifting them from stores, well... the law is going to have an interest in my collection.

In this particular case, the FTC was considering whether the data was "private" data that deserved special regulatory protection, and their finding was that it was not worth pursuing because Google convinced them that they had taken appropriate steps to prevent privacy breaches. That still leaves the FCC's inquiry, into whether Google ran afoul of the law by collecting the data from wireless networks in the first place.

Re:Sounds about right

[Stuntmonkey]

A material factor here is that the data in question was collected from people not affiliated with Google, and may be potentially compromising. Especially so since it ties back to particular locations and MAC addresses. The worst case scenario for Google would be to willingly comply with a request like this, then some of the data leaks externally, and some sleuth figures out and publishes something compromising about a user at 345 Main Street in Canton Ohio. If this seems implausible, look at the AOL search data scandal. Let me guess, you aren't using AOL search any more, are you? Given the circumstances I can't blame Google for trying to limit the distribution of this data.

Re:Sounds about right

[HiThere]

What percentage of the cases would you expect to find out about? Why? I'm actually surprised that any were found. (Not that any happened, that any were found.) This seems, to me, to indicate that it happens an unsettlingly large percentage of the time.

And no, 4-4.5 years ago isn't a long time ago. You have to allow time for the incident to be proven, and court cases can run decades. (Not usually, but it's not uncommon either.)

I'll grant that Google is probably capable of providing itself with a decent defense, but it also has image and stockholders to think about. In this case, among at least some population segments, it doesn't lose face by not acquiescing to an intrusive governmental request. But corporations often do, and without any need for laws to be broken. (Except, of course, by disclosing information to the government that is forbidden by contractual agreement except under a court order, but without the formality and bother of there actually being a court order.)

That's ok though. They'll change the EULA on their web page so that it's technically legal...at least arguably so, and claim that since the agreement now reads that you agreed to these terms, that makes them the terms that you agree to.

I don't think very much of the morals of the people who run either corporations or the government. But Google, so far, is doing better than most. (But I still wouldn't trust them with my data in the cloud. Unless it was strongly encrypted.)

Re:Sounds about right

[HiThere]

On the part of the Connecticut AG it *is* a fishing expedition. And he has no probable cause to suspect that any law was broken. (Should he have? Possibly. But that would require different laws.)

Note that the request for data didn't come from either of the federal agencies that you identified. (And it should still be handled via the courts and judicial warrants.)

Re:Sounds about right

[Americano]

He has no probable cause to suspect that any law was broken? Are you that certain about Connecticut's state laws?

Presuming that some of this data was collected in Connecticut, it's entirely likely that the Connecticut AG would have every reason to suspect that the data collected may put Google on the wrong side of Connecticut law.

Re:Sounds about right

[HiThere]

OK, I have not heard it alleged that any specific laws were broken or infringed.

That *is* more precise. But it means about the same.

Re:Sounds about right

[Americano]

Investigations *are* usually conducted before charges for specific violations of specific laws are leveled against a defendant.

Google has publicly stated that they collected & retained data from people's wireless networks. If unauthorized use of someone else's networks, and intercepting network traffic on that network, is against the law, why wouldn't they have reason to investigate what google collected and how they collected it?

If I kill someone, I will be investigated long before I am formally charged with murder, or manslaughter, or reckless endangerment, or a host of other charges that could come along with someone's death. "It was an accident!" doesn't absolve me of liability for the death, though it may change the *charges* I eventually face in court - if it wasn't premeditated murder, and instead I was driving too fast and struck a pedestrian, perhaps I'll be charged with vehicular manslaughter rather than first-degree murder.

I'm not sure how you think the legal system works, but investigations pretty much always precede formal charges, where the specific laws you are suspected of having broken are stated.

Re:Sounds about right

[Americano]

Given that Google is the group that first collected it, I'm not sure that "trust Google to secure this (possibly) private data" is a rational conclusion that may be drawn from this scenario.

You have to actually *try* to join someone's network, and capture data - wi-fi networks aren't self-assembling naturally-occurring phenomena. You have to actually write the code to say "record any data that's being sent over the network."

The request is not for Google to publish the data on Wikileaks, the request is for Google to turn over the data they collected to the investigating authority who is looking at whether Google broke laws in collecting that data. AOL publicly released the data you're referring to, that wasn't an "accidental" leak. The situation is not even remotely the same.

Re:Sounds about right

[TapeCutter]

"Please explain how it's a fishing expedition."

They don't have a search warrant, they don't even have an allegation of what law was broken. They want google to give them something with the hope that they can find a crime. This is no different to a cop who wants to search your home without a warrant in the hope that he can find evidence of crime to charge you with.

"Google has admitted publicly that they intercepted wireless network traffic, and retained the data they intercepted?"

If that's illegal then why do they need to spend so much time and money trying to find what law has been broken. They have a confession from google, why do they need the data to figure out what crime is being confessed to? What's stopping them from going to a judge, pointing to the law that says you can't do that, and obtaining a warrant? - Could it be that there is no such law?

Just because some people think what google has done is morally/ethically abhorent, does not make their actions a crime. Asking to search google without probable cause in an attempt to identify criminal activity is by definition a fishing expedition, which to me is way more morally/ethically abhorent than anything google has done.

Re:Sounds about right

[HiThere]

Such investigations, however, *don't* commonly include a demand that someone "turn over all your records" without a court order.

Re:Sounds about right

[Americano]

First: The request was specifically for the data that was collected "accidentally" by Google. Not "all Google's records."

Second: It's not a demand, it's a request. And it's the type of request that is commonly made during a preliminary investigation, as it sets the stage for the person under investigation to be shown to be cooperating with the investigation. This amounts to investigators saying, "Hey, we'd like to actually see the data that you collected," and Google saying, "Nope, sorry, can't do that." The investigators won't have a problem getting a court order (Google's already turned this data over to other agencies), but why go through the trouble if Google is willing to cooperate?

If you know you've done something illegal, and you know that the people investigating you will find out you've done something illegal, it's actually a good way to mitigate an eventual sentence, and plays very well with the "all the collection we did was completely inadvertent, and we've taken steps to make sure it never happens again, and we're really sorry about it. Now who do we make this check out to to settle up our fine and legal fees?"

When such cooperation might mean the difference between getting sentenced to prison and getting sentenced to the corporate-penalty equivalent of a small fine plus community service, I think it's rather swell of them to make the offer before they make Google waste a ton of time and money on mounting a legal defense.

Save the trouble..

[markass530]

They said they would delete, just do so, effectively telling the gov't to f' off, which they need to hear from time to time.

Re:Save the trouble..

They can't. They have to have an OK by the government to do so as otherwise the government may turn around and slap them with "destroying evidence in a current investigation" and that is much worse than anything they could do now.

absolutely right,

a strongly worded letter will shake them up. BTW, I accidentally collected all the banking info on Google Corporate via man-in-the-middle drive by. But it was an accident.

What if an individual did what Google did here?

Wouldn't the state just extradite and prosecute? What is different in the process for a corporation?

Re:What if an individual did what Google did here?

If the guy had as good a cover story as Google does (geolocation, self-incrimination, Kismet configuration) then this would have blown over already, nothing to come of it. If he was shown to intentionally harvest data, then he'd probably be sitting in prison (despite the absurdity of 'collecting' public data).

Re:What if an individual did what Google did here?

[_Sprocket_]

Wouldn't the state just extradite and prosecute? What is different in the process for a corporation?

They would ignore it. Fun fact for you: Google was doing the same thing thousands of hobbiests are doing every day using the same tools. But it's different for Google since there's political hay to be made.

Re:What if an individual did what Google did here?

[c0lo]

Wouldn't the state just extradite and prosecute?

No!!! It is fashionable now to start an investigation on rape allegations first... as a foreplay. Jumping straight into extradition is totally bad-taste.

What is different in the process for a corporation?

You see... it is very hard to alllege an entire corporation raped 2 women... but I reckon they'll be working on it for the future.

Re:What if an individual did what Google did here?

Pointing at others, are you? I guess that works if a fanboy doesn't want to talk about the subject itself and what it did wrong. Of course the difference is the MASSIVE SCALE of google's sniffing operations. Fun fact for you: there's a difference between one guy sniffing around in his neighborhood, and one of the biggest companies in the world or a huge government sniffing out everybody, by design and system. Of course you are going to disagree, but you won't explain what political advantage there was to be gained anyway either, because there is none, and empirically the government is proven not to give a sh*t about your privacy or your perception about them giving a sh*t about your privacy.

Let me put it another way. Port scanning and scanning for security bugs is not illegal. What if google or the government scanned EVERY computer for such things, whether they are open, and read and store as much as they can off the harddrive such as passwords and private information? I guess if you're a fanboy, you'd find that just fine, because some hobbyist can scan a port as well. It would scare the hell out of a normal person.

Re:What if an individual did what Google did here?

Google was doing the same thing thousands of hobbiests are doing every day using the same tools. But it's different for Google since there's political hay to be made.

The scale is vastly different if you compare a hobbyist to Google, not to mention the fact that Google is a for-profit company with a significant interest in profiting from other's private data.

Re:What if an individual did what Google did here?

[_Sprocket_]

Pointing at others, are you?

No. Pointing at me. I'm one of those people.

Of course the difference is the MASSIVE SCALE of google's sniffing operations. Fun fact for you: there's a difference between one guy sniffing around in his neighborhood, and one of the biggest companies in the world or a huge government sniffing out everybody, by design and system.

Fair enough point. But scale alone does change things. What's legal for me is legal for Google.

Of course you are going to disagree, but you won't explain what political advantage there was to be gained anyway either, because there is none, and empirically the government is proven not to give a sh*t about your privacy or your perception about them giving a sh*t about your privacy.

You're entirely wrong. Public officials care very much about perception. They do a lot of things for perception alone. They may not care about a particular individual. But they will do things to make large groups of people feel good about them and their job (or future jobs).

Let me put it another way. Port scanning and scanning for security bugs is not illegal. What if google or the government scanned EVERY computer for such things, whether they are open, and read and store as much as they can off the harddrive such as passwords and private information? I guess if you're a fanboy, you'd find that just fine, because some hobbyist can scan a port as well. It would scare the hell out of a normal person.

You're probably going to be terrified at what you find at google.com then. They scan open systems every day. Put in the right search and you'll find passwords and other private information.

I get your concern. But it is misplaced.

Re:What if an individual did what Google did here?

You're just ploinking the arguments with wording like "You're entirely wrong" or "It is misplaced", without actually providing any sophisticated counter arguments. Is this your way of saying I am right, but you cannot cope with it? Your counter arguments are misplaced, entirely, does that terrify you?

Re:What if an individual did what Google did here?

[_Sprocket_]

You're using fear words like "terror" as if that should invoke something. I suspect you're confused. Let me re-hash my points so you don't overlook them.

Google is doing nothing overtly strange. The war-driving Google was doing is no different than the war-driving thousands of others are doing. I do it because I find it interesting to see what's out there. Google does it because it wants to map whats out there and use it as another source for geolocation. In both cases, the "personal data" that's being picked up is accidental.

Why do I say your concerns are misplaced? Because, as far as I can tell, you're misguided in to thinking Google is running around logging personal information and feeding it in to their vast data trove. Of course - that's my assumption because, despite your snarky comments on me "ploinking" your points, you haven't made much of an effort yourself at explaining your point and are rather quick to dismiss anything that doesn't fall in line with your general fear-of-Google line.

I should point out to you that war-driving is an ineffective way to gather information. You will, by chance, pick up bits and pieces here and there; an email password, maybe a partial web page, etc. Most of the packet capture is going to be pretty useless. Part of that is due to moving around and altering signal strength. A lot of it is due to the need to hop channels to find access points. If you really wanted to gather data, you would war drive first to identify your target and then sit stationary at a target for an extended period of time to capture traffic. I have seen nothing that indicates that this is what Google was doing.

And so, with further clarification in mind, I repeat... I get your concern for privacy but I find it misplaced. You really should worry more about people like me. Or, worse yet, people with the same basic skillset as me but motivated to do something nefarious with that skillset.

Re:What if an individual did what Google did here?

[HiThere]

Exactly *what* private data is Google intending to profit from? It makes a big difference.

If what they're doing is collecting bank account passwords, then, yes it's nefarious, even though the data was unencrypted.

If what they're doing is associating IPs with geo-locations, as they claim, I don't really like it, but I don't see anything really wrong. And it's clear how they could profit from that information.

They claim to be doing the second, and I see no reason to disbelieve them. They claim to have collected some data of the first sort by accident. I wish they'd destroy it, though I understand why they can't at the moment.

There's a couple of federal agencies that are supposed to be investigating this. One has cleared Google of malice and basically said "Go and sin no more". The other is still considering. These agencies have proper grounds, and have been dealt with reasonably. The Connecticut AG is a grandstanding politico on the make. He doesn't have grounds. He doesn't have a case. He's making political speeches. Google correctly told him to come back with a warrant, and he's trying to figure out something that he can escalate into grounds for one. Given that he just needs to find one pliable judge, he will likely get a warrant for something eventually. It won't be just, but it's the kind of corruption of the justice system that politics encourages.

What Google should have done was heavily redacted the documents, and then destroyed the originals before announcing the problem. Hindsight is marvelous. And it's too late to do it now without massive consequences.

Do I trust Google? No. But in this particular case I trust Google more than I trust the Connecticut A.G.

Why not the US government?

[sapphire+wyvern]

Apparently Google has already given some or all of the sniffed data to authorities in Germany, Spain and France. I wonder why the US is causing so much more controversy?

Perhaps the US government is asking for more data (eg data from other countries) or has refused to meet conditions Google had set for the European governments, when handing over their shares of the data?

Re:Why not the US government?

[melted]

IANAL, but maybe it's because by law of _this_ country they _don't have to_ turn it over without a court order?

Re:Why not the US government?

[Lloyd_Bryant]

Apparently Google has already given some or all of the sniffed data to authorities in Germany, Spain and France. I wonder why the US is causing so much more controversy?

Perhaps the US government is asking for more data (eg data from other countries) or has refused to meet conditions Google had set for the European governments, when handing over their shares of the data?

The issue is that it is *not* the US Government asking to see the data, it's the Attorney General of the State of Connecticut. Who may or may not have any legal justification for even asking for it.

Google has already underwent an FTC investigation over this issue, and an FCC investigation is still pending.

So how many levels in our kludgeocracy should Google have to explain its actions to?

Re:Why not the US government?

[beakerMeep]

I'd hazard a guess that another reason might be that those countries actually have privacy laws that could compel Google to turn over the information.

Re:Why not the US government?

1 layer less then the number of different email address you have to contact to get a real live person at google to actually answer a question about their services with something other than an autogenerated form letter.

Re:Why not the US government?

[ContentCharacter]

Because in the US, The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated; and no Warrants shall issue but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

Re:Why not the US government?

[ArsonSmith]

those rich asshats at Google should explain them selves to every damn government agency the Obama administration can possibly dream up. It'll be good for the economy anyway to promote some good federal investigator jobs.

Re:Why not the US government?

[DRJlaw]

The issue is that it is *not* the US Government asking to see the data, it's the Attorney General of the State of Connecticut. Who may or may not have any legal justification for even asking for it.

Every state is a soverign entity with general police and lawmaking powers, whereas the federal government in theory has powers limited to those enumerated in the Constitution. The attorney general of a state is the elected head law enforcement officer of that state (presuming that you view law enforcement as including the state's legal staff, in addition to its police).

What on earth makes you think that the FTC but not the states, which have even greater powers over general business practices, should have the power to investigate what occured here?

So how many levels in our kludgeocracy should Google have to explain its actions to?

Federal and State. Each entity has its own laws, and its own ability to enforce them. If you assault a federal employee in Glastonbury, you can be prosecuted by both the "US Government" and the State of Connecticut, one after the other, because you have commited multiple crimes, some federal and some state.

Re:Why not the US government?

[w_dragon]

And apparently in Connecticut Google's lawyers believe that the Attorney General saying 'pretty please' is not enough to force them to hand over data. Charge them and get a warrant and I'm sure they'll comply. This data may be evidence in a federal court given the investigations going on, would it really look good on Google if they just started handing it out to anyone who asked without a legal obligation to do so?

7-year rule?

[beaverdownunder]

I think perhaps the headache for Google is that they may be required under US law to hold all records for 7 years -- since any data collected is a 'record', they simply can't delete it without the authorisation of the US Government, else they could find themselves in trouble, corporately-speaking. However, it seems this particular politician wants to engage in a little electronic-voyeurism -- which although unsurprising is still a bit unsettling -- and is standing in the way of Google obtaining the necessary exemptions to delete the data.

Re:7-year rule?

I think perhaps the headache for Google is that they may be required under US law to hold all records for 7 years -- since any data collected is a 'record', they simply can't delete it without the authorisation of the US Government, else they could find themselves in trouble, corporately-speaking.

However, it seems this particular politician wants to engage in a little electronic-voyeurism -- which although unsurprising is still a bit unsettling -- and is standing in the way of Google obtaining the necessary exemptions to delete the data.

You have no idea what you are talking about. There are varying laws pertaining to financial records, but Google doesn't need to keep any non-financial data around. Can you imagine having to store every document/page request/anything google does for 7 years?

Re:7-year rule?

[beakerMeep]

Are you talking about Sarbanes -Oxley? Doesnt that apply more towards accounting records? Say Google wanted to delete its maps of the US, they wouldn't need permission for that. But if they wanted to delete expense reports they would.

Blumenthal is a publicy whore

[schwit1]

He will do anything to keep his face in the media.

Re:Blumenthal is a publicy whore

He will do anything to keep his face in the media.

Which is stupid. With a face like that you'd think he'd be doing everything he could to avoid publicity. A face made for radio if I ever saw one.

Re:Blumenthal is a publicy whore

[coolmoose25]

"He will do anything to keep his face in the media."

You know, as I was reading this thread, I kept asking myself why he is still doing this kind of stuff. I'm from CT (and no, I didn't vote for this guy, I can't STAND him) but I kept thinking "Jeez, the election is OVER, and he won. Why is he doing this?"

Thanks for answering my question for me. It was so obvious it evaded me. Wish I had mod points!

Spilled milk

[oldhack]

Don't know which is worse, Google collecting it, or it being turned over to government.

Re:Spilled milk

[monkyyy]

goverment, google already know everything about 90% of people and then the rest it knows NEARLY everything

Re:Spilled milk

People expecting unsecured WiFi to be secure.

If it's so important, just gather it yourself

[kawabago]

This information is still available, you just have to drive around collecting it. The government could attach sniffers to all postal trucks and quickly map out the entire country, they don't need Google. Of course it would be highly unpopular if someone tries to do it.

Nothing keeps data secure....

[trawg]

....like letting more people have access to it

Let them have it.

unprotected Wi-Fi networks.

If I send text via post card versus a letter in an envelope, can I sue the postman if he accidentally glances at it while looking at the address?

This is a ridiculous waste of time and money - both ours (taxpayers) *and* Google's.

Re:Let them have it.

[91degrees]

No, but if he accidentally photocopies it and every other postcard he happens to see, you might reasonably ask questions.

thank goodness

[Charliemopps]

I'm just glad our government has found something else to focus on other than the economy, tax reform, the 2 wars we're involved in, net neutrality or any of the other pressing issues that are so difficult to tackle.

Re:thank goodness

[miffo.swe]

How about the war on terrorism, the war on drugs, the war on criminality, Haiti, the israel/palestine conflict, the israel/iran conflict, north and south korea, Puerto Rico, Venezuela and all the other cookie jars the US has its hands in?

I think the rest of the world would be honestly thrilled if the US got some other stuff at their hands other than this kinds of stuff:
http://en.wikipedia.org/wiki/CIA_sponsored_regime_change

Govt wants the map.

[miffo.swe]

Im pretty sure the real reason the govt want the data is because they want a map over every wifi but they cant get one themselves. As soon as Google hands it over it will slip onto every three letter agency in the US. Make a database out of it and you can pinpoint just about anyone with ease by help of your friendly ISP.

Re:Govt wants the map.

Uh, what?

Even assuming the commercial providers (Skyhook et al.) are unwilling to contract a reasonable price for such access to their databases as the agencies need... Why in hell would they not grab the relevant mappacks from http://wigle.net/ like everyone else (i.e. me) does?

Must be some good weed, chum.

No right.

[El_Muerte_TDS]

The government has no right to access this incorrectly and even illegally collected data. Google has confessed their mistake, now they should delete that data and receive the punishment for their actions. If Google doesn't agree with the verdict, then they can choose to use the data to help their case, and not the other way around (where the Government uses the data to make their case.)

Re:No right.

[sumdumass]

Well, no. It rarely works out that way.

You see, once the investigation is initiated, the government has a right to pursue any evidence that may pertain to the case- even if it implicates other crimes or aids the conviction of the crime. Normally, how this would work is the government would get a judge to issue a warrant to produce the item or information if asking for it doesn't work.

The problem here is that there is no clear evidence of a crime or that the government has jurisdiction to conduct an investigation into it. But why it's doing an investigation, then the government can try to get a warrant and google can try to get the court to stop the government from investigating.

But if the investigation is legal and the government entity does have the competent authority to do the investigation, then the government has a right to the data if it can be connected to the investigation.

Re:No right.

Which tells me that the best course of action for Google would be to destroy all the data before anyone else gets their hands on it. Then the case can only focus on whether the government had jurisdiction and authority to investigate at all, and though Google may or may not take a hit on this in court, they'll at least be more popular among their consumers for their effort to keep Pandora's Box closed.

Re:No right.

[sumdumass]

Well, no. Sometimes destroying evidence can be bigger evidence in convincing a jury that you are guilty. But it's a crime to destroy evidence in the least to begin with.

If they were going to destroy it, the time to do so would be before any mention of a case or investigation at all. Once there is a reasonable belief that there is potential litigation and the item might be evidence, you have to preserve it to the best of your ability. If they didn't, they could be busted with destroying evidence. And this destruction of evidence problem isn't really limited to just government actions. If I tell you I am going to sue you, it's possible that you can be charged and convicted of destroying evidence even though I haven't filed court papers yet.

Of course the laws vary from state to state and me suing you would likely be a state law. But the problem is even compounded by SOX, HIPPA, and other regulations if you are covered by them. In those situation, the law specifically sets out to name things you have to preserve and take steps to preserve else you might lose the case by default or be punished for not preserving the evidence even if a crime wasn't shown to have happened.

It's like one of those lying to investigators things when no crime was shown to have been committed. Scooter Libby and Martha Stewart both got busted for giving false statements where no crime happened and no one was actually charged in connection to the original investigation matters.

Government headed by an alien

Not an extra-terrestrial, of course ;) Just an Indonesian!

Double standards??

[schizz69]

Isn't the problem in question the fact that they gained private data? They got in trouble because of privacy converns And now the govenment want that data, isn't that effectively doubling the problem. Govt "you shouldn't gather personal data with out authorisation" Google "sorry, we will delete it" Govt "No that's not good enough" Google "well what is" Govt "Give it to us. We need to make sure we gather as much information as possible from your crime so as we can 'claim to be doing something'" Google "Uh... Wait!... What??? Piss off" Govt "LAWSUIT!!!" Yea, I stand by google on this one. The govt has the biggest store of ill gotten personal information in the planet. Who would you trust?

Re:Double standards??

Isn't the problem in question the fact that they gained private data?

How is it private data if it was transmitted unencrypted? In most states you are allowed to legally receive any transmission. Keep in mind that prosecuting data for this will change the way public WAPs are used and radar detectors are used.

they didn't "accidentally" collect it

[SuperBanana]

1)You don't "accidentally" retain sniffed traffic logs of that size, across your entire international operations, for months if not years, "accidentally." See http://gizmodo.com/5671049/google-street-view-cars-collected-emails-and-passwords I mean come on...someone would have noticed the drives filling up, wondered why, etc. These people are supposedly geniuses, right?

2)There's no political grandstanding here. This is a major privacy invasion. The "grandstanding" has been international, because people are PISSED. Google collected and correlated with location data...MAC addresses and IPs of base stations and client devices. Email addresses. Passwords. URLs. I'm going to be VERY generous and assume that they only captured the sniffed traffic, and not that they intentionally extracted all that from traffic and only stored the extracted data, because that would have been even more obviously-intentional.

3)It's slightly creepy when you go around wardriving. When an international corporation which has a always demonstrated an intense interest in profiling its users and mining its users data for advertising purposes, does it, across the planet? That's just slightly different.

Re:they didn't "accidentally" collect it

[Neil+Boekend]

I mean come on...someone would have noticed the drives filling up, wondered why, etc. These people are supposedly geniuses, right?

You apparently have no idea how much harddrive space Google has.

Re:they didn't "accidentally" collect it

I mean come on...someone would have noticed the drives filling up, wondered why, etc. These people are supposedly geniuses, right?

Because, sure, given the choice between incompetence and malice, it's always malice, right?

You make it sound like there was an army of Google's top engineers working on this one single component. If these engineers are geniuses, how many engineers do you really think they'd need? I'd guess one, maybe two. Yeah, it's got to be malice. There's no way one person would make a mistake, or fail to notice something that someone else's code was doing.

2)There's no political grandstanding here. This is a major privacy invasion. The "grandstanding" has been international, because people are PISSED. Google collected and correlated with location data...MAC addresses

Right. Google (and several other companies, and black hats whose names you will never know) collect MAC addresses and correlate these with locations. I don't think this is what people are up in arms about.

and IPs of base stations and client devices. Email addresses. Passwords. URLs.

[citation needed]. These things were collected in the raw dump of unencrypted WiFi traffic, but no correlation of these things with location was done, unless you know something the rest of us don't. This isn't about what Google "coulda" done, it's about what they did.

I'm going to be VERY generous and assume that they only captured the sniffed traffic, and not that they intentionally extracted all that from traffic and only stored the extracted data,

I don't know why that's being "VERY generous". The various governments that have been granted access to the data have come out and agreed that this is in fact what happened and the form that the collected data was in. Are you actually following what's going on with this, or are you just too stuck in your anti-Google world view that you aren't willing to accept facts that make this seem a little less evil than you want to believe?

Re:they didn't "accidentally" collect it

[whoever57]

This is a major privacy invasion.

I'm a little confused on how giving more people access to the data helps to ameliorate the supposed privacy invasion?

Re:they didn't "accidentally" collect it

[Kashgarinn]

"people are PISSED"

- because when it's your fault that someone else can locate, monitor and collect wireless data from your router, it's best to blame someone else, right?

People are STUPID.

Re:they didn't "accidentally" collect it

[adamofgreyskull]

1)You don't "accidentally" retain sniffed traffic logs of that size, across your entire international operations, for months if not years, "accidentally." See http://gizmodo.com/5671049/google-street-view-cars-collected-emails-and-passwords [gizmodo.com] I mean come on...someone would have noticed the drives filling up, wondered why, etc. These people are supposedly geniuses, right?

Eric: Hey Larry, this D drive is filling up pretty quick.
Larry: Huh?
Eric: I said the D drive is filling up pretty quick.
Larry: It's probably nothing, what are you doing?
Eric: Oh, nothing..I was just going to create a new logo for the anniversary of the invention of the potato peeler and I got this message.
Larry: What did it say?
Eric: I don't remember exactly, I just clicked ok, but it said something about disk-space, and wouldn't let me create my jpeg.
Larry: Well did you check the Control Panel?
Eric: Yeah, it's saying it's all full...
Larry: What? Seriously? I thought we put a 100Gb in there a few months ago? It shouldn't be full.
Eric: Well...it is. See? All blue!
Larry: Should we delete some of it?
Eric: I did, last week, and the week before...maybe it's a virus?
Larry: What are all these? Hmmm. They look important...probably Sergey's.
Eric:Shit...Sergey. Do you think...shall we tell him? Shall we tell Sergey?
Larry: Do you want to tell him? He's going to be super pissed when he finds out you filled the new hard-drive with porn or whatever you did..
Eric: I...Good point. I'll go down to best-buy and get one of those external disk things. What should I get? 200Gb or 300Gb?
Larry:I don't know? Just get the biggest one you can, and hurry! It's his turn to use the computer next!!
Sergey: Hey guys, what's up?
Eric & Larry (together): Nothing!

End Scene.

Re:they didn't "accidentally" collect it

[guruevi]

1) Yes you can accidentally retain sniffed traffic logs. Run Kismet for instance. I have once accidentally left it on, sniffing all encrypted and non-encrypted traffic in my neighborhood (~15 networks) for about 48 hours: ~10GB. Google did not sniff all traffic, it only sniffed (or sampled) a few packets from every hotspot (maybe 10-20kb). With standard disk sizes being 250GB it takes a really, really long time to fill up your disk with random samples.

2) People are pissed for what? Not securing their own wireless? Transmitting their passwords in clear text over an insecure medium? They only correlated what any WLAN tracker/sniffer can provide. If you own a wireless network you might know that your MAC addresses and SSID's get transferred and being able to correlate them against GPS locations has been done not just by Google. Even so, it's still legal in most places to receive radio transmissions (since it's physically impossible not to) and you can do whatever you want with them those transmitting those radio transmissions should know that there can be eavesdroppers anywhere.

3) It's not slightly creepy. I have done it as have probably many others here. Ever been at a location where you need internet? Maybe at your local coffee shop or at a hotel? You open your laptop and scan for networks hoping to find an unsecured one - you're now wardriving. Doing it for profit has been done before, there are companies that sell these databases successfully since at least the last '90's, not just Google.

Re:they didn't "accidentally" collect it

[gmor]

1)You don't "accidentally" retain sniffed traffic logs of that size...

Yes, a person can accidentally store data that he should have discarded. Google isn't a magical omniscient being; it's a collection of teams with their own disk quotas.

2)There's no political grandstanding here. This is a major privacy invasion. The "grandstanding" has been international, because people are PISSED...

Not sure what your point is. Clearly, the purpose of the data collection was to associate router MAC addresses with physical location so that Chrome and Android can locate themselves more accurately (after the user grants permission). This is something that many companies such as Skyhook Wireless already do. Nobody that I have seen has intelligibly argued that the a map of MAC addresses is a privacy violation, although I suppose that conceivably a stalker can capture your router's MAC address and then query the database whenever you move.

As for emails, passwords and URLs, what motive would Google have for intentionally collecting a few unencrypted packets in passing? It was just an honest mistake, and the sooner governments allow them to delete the payloads, the sooner they will do so.

3)It's slightly creepy when you go around wardriving. When an international corporation which has a always demonstrated an intense interest in profiling its users and mining its users data for advertising purposes, does it, across the planet? That's just slightly different.

Yes, data mining can be scary, but there's no point in turning a company's attempt to come clean into a witch hunt. Google is honest about what they use your data for--to automatically determine which ads to show you. They don't sell your identity to anyone else. They don't limit your choices based on your identity (although search results are personalized, which you can disable). When it comes to specific privacy concerns and security risks, I'd say that Google is pretty benign.

Disclaimer: I used to work at Google.

Re:they didn't "accidentally" collect it

[gmor]

I mean come on...someone would have noticed the drives filling up, wondered why, etc.

By the way, the accidentally collected data fit in only four hard drives (according to Ireland update here). Hardly anything, by Google's standards.

Re:they didn't "accidentally" collect it

[iserlohn]

Accidentially != intentionally

They could have retained packet data to do statistical analysis on the type of communications occurring for example, but did not delete the data afterwards (which is the most likely explanation). There is nothing against any law that allows you to collect unencrypted transmissions in the clear on unlicensed public spectrum. It is given that in such cases, there is no presumption of privacy. In fact, the AG of Connecticut is probably on a fishing expedition to see if the can find any additional cause of action to build up a case. Grandstanding is the best description of this activity. Maybe some sort of strict statutory violation hidden away somewhere.

Re:they didn't "accidentally" collect it

[scdeimos]

I'm a little confused on how giving more people access to the data helps to ameliorate the supposed privacy invasion?

Hear! Hear! This from TFA:

"We’re not asking for names or addresses. We want to see the nature of the data they have," he added.

Um, excuse me? What business is it of yours? They've already told you what types of data have been sniffed. Why do you need to see it?

Re:they didn't "accidentally" collect it

[Errol+backfiring]

Indeed. What's the difference between one burglar breaking into your house or having your house officially opened as a public space for everyone?

Re:they didn't "accidentally" collect it

[AltairDusk]

1)You don't "accidentally" retain sniffed traffic logs of that size, across your entire international operations, for months if not years, "accidentally." See http://gizmodo.com/5671049/google-street-view-cars-collected-emails-and-passwords I mean come on...someone would have noticed the drives filling up, wondered why, etc. These people are supposedly geniuses, right?

First off, they wanted to capture some basic data about WiFi networks, SSID and possibly a few other things, not traffic. If you have a smartphone running iOS or Android (not sure about the others) both of those use WiFi to assist with location services. The way it does so is based on a database lookup of SSID + a few other factors which have been previously gathered by whatever company is running the location database.

Secondly, considering they were capturing that WiFi data along with the massive amount of photos necessary to make StreetView work you actually think the extra sniffed traffic amounted to any noticeable difference in the overall size of the collected data such that someone would express alarm at the size?

Re:they didn't "accidentally" collect it

[he-sk]

Maybe at your local coffee shop or at a hotel? You open your laptop and scan for networks hoping to find an unsecured one - you're now wardriving.

Don't you mean warsitting? Or maybe warstarbucking?

Re:they didn't "accidentally" collect it

[GameboyRMH]

He's also not a programmer, or he'd know how easy it is to accidentally release an app with testing code in it and have it go unnoticed for a long time.

What probably happened is the app was rushed out with the testing code in place, put on Google's internal file servers, where it was then either automatically installed to the Street View Cars, or manually installed by toner change monkeys and interns around the world. Then their hard drives with hundreds of gigabytes or maybe many terabytes of capacity, which store a shit-ton of photographs, also had a relatively tiny database of coordinates etc growing at maybe 3-5 times the rate it should be - you wouldn't notice it for the same reason a you wouldn't notice a spider web growing to 3-5 times its normal size in your attic.

Re:they didn't "accidentally" collect it

[GameboyRMH]

Yeah I can't feel bad for the "victims" here. They send sensitive information, in plaintext, over an unsecured wireless connection, and they're upset that somebody picked up the information they were transmitting out into the world? ZOMG poor babies!!!

Re:they didn't "accidentally" collect it

[slaingod]

Accidentally, probably not. But did the programmer follow good development practices? Yes. In general, programmers are taught to store all inputs. Imagine the following scenario: The programmer DIDN'T log anything (even the wifi data with personal info stripped), and a problem was found with the processing algorithm. Do you think the programmer would have kept his job if the only solution was to send out the trucks again and redrive the routes? The natural response by a programmer is to log the incoming data to avoid that scenario.

It doesn't have to be a conspiracy. It is probably just something that didn't come up in review/planning and the programmer didn't realize it was sensitive since it was just radio data.

Re:they didn't "accidentally" collect it

[GameboyRMH]

Four hard drives is nothing to a huge tech megacorp regardless, but are we talking four 1GB hard drives or four 3TB hard drives here?

Re:they didn't "accidentally" collect it

[amRadioHed]

Why would Google have come out and said they accidentally collected this data if it was actually on purpose? Do you think the company is so stupid that they would intentionally do something illegal, retain the evidence, then tell the world about it?

Re:they didn't "accidentally" collect it

It wasn't accidental. You need to review the official comments of Google in which they admitted they did it intentionally, then later said it was an accident. It's not possible to accidentlly install software in ALL vehicles around the globe that tracks and records MACs and SSIDs encrypted or not.

Just because people are not securing their network doesn't make it public. Many cordless phones aren't encrypted. It is a felony to intercept and listen to private communications. It is felony conspiracy to plan on selling illegally obtained data. Just because it's a computer network instead of a phone network doesn't make the conversation(accessing the web or any other number of things such as Skype) public.

Just because other companies got away with it before doesn't make it less of a crime.

Re:they didn't "accidentally" collect it

[1800maxim]

48 hours != years.

Re:they didn't "accidentally" collect it

You aren’t wardriving unless you put your wireless NIC into promiscuous or monitor mode.

Re:they didn't "accidentally" collect it

[ion.simon.c]

Warsquatting, perhaps?

Re:they didn't "accidentally" collect it

Because people judge themselves by a different standard from other people. Hence populist newspapers know that "We took telephoto pictures of this 17 year old actress in her swimsuit" is a dodgy story that will get some readers angry and cause complaints to advertisers. But phrase it as "Someone took photographs of a 17 year old actress in her swimsuit. See the photographs that she wants banned" and the same readers are anxious to buy a copy.

Irregular verbs again: I am naturally inquisitive, you are nosy, they are invading our privacy.

Re:they didn't "accidentally" collect it

[rdubs]

I mean come on...someone would have noticed the drives filling up, wondered why, etc. These people are supposedly geniuses, right?

they're driving around storing pictures of everything... a few sniffed packets is not going to bloat the data by a noticeable amount.

Re:they didn't "accidentally" collect it

[tjhart85]

1)You don't "accidentally" retain sniffed traffic logs of that size, across your entire international operations, for months if not years, "accidentally." See http://gizmodo.com/5671049/google-street-view-cars-collected-emails-and-passwords I mean come on...someone would have noticed the drives filling up, wondered why, etc. These people are supposedly geniuses, right?

2)There's no political grandstanding here. This is a major privacy invasion. The "grandstanding" has been international, because people are PISSED. Google collected and correlated with location data...MAC addresses and IPs of base stations and client devices. Email addresses. Passwords. URLs. I'm going to be VERY generous and assume that they only captured the sniffed traffic, and not that they intentionally extracted all that from traffic and only stored the extracted data, because that would have been even more obviously-intentional.

3)It's slightly creepy when you go around wardriving. When an international corporation which has a always demonstrated an intense interest in profiling its users and mining its users data for advertising purposes, does it, across the planet? That's just slightly different.

1. Why not? If everything that touched that data from then on was all automated systems that are told to read the first 15 bytes (or whatever), then a red flag might never have gotten raised over the data being too big.

Hell, on MY hard drives, I have data that I intended to delete 4 years ago still floating around. I'm not a giant corporation, I'm just a person who happened to find a bunch of music videos that I was interested in years ago that were supposed to have long since been deleted (they are now), so why is it beyond the realm of possibility that a large corporation wouldn't be able to overlook the exact same data? I mean, I'm sure this data is insignificant in size when compared to the images they were storing at the same time.

2. They are "grandstanding' because (in the US at least), NO LAWS WERE BROKEN! The government wants to confiscate data that was unencrypted in public space from a private company when no laws were broken! If they want this damn data so bad, they can go collect it themselves from the source!

3. Many routers give the option to lower the strength of the signal. You can lower it (trial and error) if you wanted to the point that the signal doesn't leave your house, OR just realize that when you are sending unencrypted data OTA, you have to realize that it's NOT private! Its not hard to fix the issue, all you have to do is encrypt the data on the router. If you do that, it's a crime to decrypt and the entire issue becomes relevant.

so it got lost in a fire

[chronoss2010]

ooops sue us

GoogleGate/GoogleLeaks

[chronoss2010]

ya know i bet they know there is stuff on other politicians hand it now over to the hollywood lawyers at eh justice dept now please....after all its a recession and why pay a politician thats bad when you can bribe him. AND ill ask again what on earth does hte usa govt need DNA samples of world leaders , a lil clone program a happening ?

Anonymous Coward

Most people don't seem to get any point.
Really there are at least 2 points in this althought there could easily be more.
For the 2 simple points.
Very large business trying as hard as it can to lobby for everything it can get.
Many companies spend more on lobbying than RND.
Then you have government.
The very entity that is supposed to reject the lobbyists and govern as directed by the the body they serve.
Basically both are fighting for power because big business has infiltrated government.
The only thing that can stop such nonsence is the one thing that they both have to have in order to even exist.
That one thing is the people.
Getting all the peopelk to not see the issues and start arguing about them among themselves is a very easy diversion for the third contolling party (the people) and allows for the ones who need to fight for power to continue uninterupted.

Re:Do the Right Thing

[TaoPhoenix]

Maybe, but Google is one of the 5 companies I think is smart enough to play the Long-Script game.

Of course they could have played Corporation Games and squashed it, but instead maybe they're using a carefully chosen test-case to get certain predictable events "over with".

Right after the early Dot-Com crash I (among many to be sure) I noticed the Gaping Abyss concept: once the original "This Time Will Be Different" sales-mood of Dot Com 1.0 crashed, I felt that medium-soon we'll just be staring at a bunch of years of "small-village boredom" ahead of us. When small villages become bored, the members get into each other's business with a hyper-sensitive event amplifier. "Oh my gawd, Catcher in the Rye has Bad Words in it!"

Okay, if Web 1.0 was Sales, 2.0 was Sharing, one candidate for 3.0 is Walled Garden & Censorship, and I speculate that 4.0 will be a Privacy Revolt.

Re:Google = NSA

[Stuntmonkey]

What makes you naive people believe that Google wasn't collecting this data at the behest of the NSA ?

The same thing that makes me believe (a) our government is not guarding extraterrestrial technology in Area 51, and (b) the Apollo landings on the moon could not have been fabricated. Conspiracies with more than 20 people never work. Although I admit life would be more interesting if they did.

Re:Do the Right Thing

[Linker3000]

I believe that someone's always playing Corporation Games.

Re:Do the Right Thing

If you're going to put that as your signature from this point forth, you might want to correct your misspelling of "theory."

Re:Do the Right Thing

[dangitman]

Okay, if Web 1.0 was Sales, 2.0 was Sharing, one candidate for 3.0 is Walled Garden & Censorship, and I speculate that 4.0 will be a Privacy Revolt.

How about a revolt against the inane idea that the web has version numbers? Or that the web as a whole even has some sort of overarching narrative?

Re:sig

[TaoPhoenix]

Thanks AC.
I didn't take "Computer Science" .. er... Typing in high school.

Re:Do the Right Thing

[TaoPhoenix]

I'm having fun with the version numbers based on Buzzword Bingo, but I do think there's the overarching narrative effect. Since I'm not that original, I'm pretty sure someone out there has a Citation.

go, collect your own data

[allo]

first let google collect data, then let them give it to you ... least efford data collection.

Re:Google = NSA

You probably could do this with fewer than 20 people. You just need an inside man, and the NSA have plenty of people with the skill level required by Google. He could have just seen the opportunity to insert the logging code. Google wouldn't even need to know.

Of course if this were the case, the NSA already has this information and there's no need for the government to be involved since they already have the information but then it's not like the NSA shares everything with the government.

Re:Do the Right Thing

What is the "Long-Script game" ?

What data would they be collecting that is illegal

What data would they be collecting that is illegal? If they aren't allowed to keep user names AND addresses of actual houses associated, then they can ask google "are you keeping user names and addresses of the house in your logs?" and Google can go "no" or "yes" as necessary.

If they don't believe Google when they say "no", then they can sue based on that and google will turn over TO THE COURT the information to show they are not breaking that law.

This case is rather like hearing that someone got blood on their shirt and then the cops asking for a complete log of all the places they've been to see if there's been a serious assault or murder in any of the places this person has been.

No. You can't do it that way.

Wait -

[Geminii]

The US government is FOR data-sharing now? Igor! Release the Assange clones!

Re:Do the Right Thing

[GameboyRMH]

I assume 2.0 refers to the early-2000s "golden age" of file sharing (in terms of the number of file sharers), and the current social media fits into 3.0 (which I truly hope is a fad and not a new way of doing things...if it's a fad, I think we're approaching the bust point).

Can't wait for 4.0, social media needs to die as a business. Human relationships should not be commercialized.

Storm in a teacup blown out of all proportion

[dbIII]

Most of this is Rupert Murdoch's media sources pointing out that his main competitor for the advertising dollar could be almost as evil as one of his British newspapers. Didn't you all notice the Murdoch media raving for a while about how google was evil even before this mistake landed in their journalists laps?

Bad analogies, all of you!

[GameboyRMH]

First of all this isn't like sending secret info on a postcard. It's like shouting it over a megaphone. Anyone listening can hear it, no special action required.

And like all human brains remember everything they hear whether they like to or not, the flawed software on the Street View cars recorded everything, regardless of what it was.

Re:Bad analogies, all of you!

[91degrees]

No it's not. You need specialised equipment to listen. It may be readily available inexpensively but you actually need to buy it and set it up, and configure it specifically to record this information. It's hard to "accidentally" record this in the same was as you can accidentally overhear someone yelling on a megaphone. It's quite possible to not listen to Wi-fi data.

And while you may well have a fantastic photographic memory, this sort of thing is atypical. Whether I remember everything I hear I certainly can't recall it.

Re:Bad analogies, all of you!

[GameboyRMH]

Specialized equipment? Most regular off-the-shelf wifi adapters can do the job, and there is plenty of free software that can reconfigure the card to do it with one click.

Re:Bad analogies, all of you!

[amRadioHed]

It's not possible to not listen to Wi-fi data when you are trying to collected Wi-fi data, as these trucks were. The just happened to collect extra data that they didn't need.

Re:Bad analogies, all of you!

[91degrees]

Yes. That is specialised equipment. It is equipment that is specifically designed and configured to do this specific job. It's not a side effect of it's general function.

Re:Bad analogies, all of you!

[91degrees]

True.

Why did they need to collect the wi-fi data? I'm a little confused about what service they could use this for.

Re:Bad analogies, all of you!

[GameboyRMH]

Specially configured, maybe, but it is an officially supported function, not a firmware hack or anything, no different from putting your wifi adapter into ad-hoc host mode or searching for APs from a technical standpoint.

And a regular off-the-shelf wifi adapter as found in most off-the-shelf PCs is about as far from specialized as you can get.

Re:Bad analogies, all of you!

[91degrees]

It is equipment that is specialised use to receive wi-fi signals. Yes, a Wi-fi router is a specialised piece of equipment. It specialises in receiving wi-fi signals. Being cheap and reasonably common does not make it any less specialised. Being configured in this way makes it more specialised.

Now, whether you agree with me that this is specialised or not is somewhat beside the point. You don't need any equipment of any sort at all to hear a megaphone. You do need this sort of equipment that has the sole use of receiving wi-fi signals to receive wi-fi signals. It's not like the accidentally installed a wi-fi receiver in the first place or accidentally configured it to record anything.

Re:Bad analogies, all of you!

[amRadioHed]

It was for their own implementation of the SkyHook location service. It uses the Wi-Fi access points within range of your device to determine your location. Apple and Google both used SkyHook in the past before implementing their own databases.

Re:Google = NSA

[GameboyRMH]

The fact that they admitted to it?

Why do they want it?

[HalAtWork]

If the data was gathered illegally, then legally it shouldn't be used for anything. It should be deleted. How is replicating the data going to fix the situation? They shouldn't be looking at it or combing through it, they shouldn't be spreading it around, so why aren't they ordering it deleted? Why do they want the data?

My Location

[jimmetry]

Has anyone else noticed that "My Location" -- the service which allows Google Maps to find your location without GPS by analysing the MAC addresses of the wifi routers around you -- suddenly appeared at around the same time this "accidental" data collection ended up in the news? If the data wasn't harvested for My Location, then where the hell did they get a billion WiFi MAC-address-to-lat-long translations from?

Re:My Location

[amRadioHed]

Umm, the MAC addresses weren't collected accidentally. Google readily admits that they were collecting MAC addresses and location data to build their own version of the SkyHook location database. That's not the issue.

Re:My Location

[jimmetry]

So then what did they collect that's causing such controversy?

Re:My Location

Apparently the WiFi sniffing software they used also recorded payload data from unsecured networks.

"I am the Lord of the Wasteland"... apk

"Whatever exists here is mine..." -> http://it.slashdot.org/comments.pl?sid=1916240&cid=34612834

APK

P.S.=> Including ITT Tech Man, Professor hairyfeet (who got owned by not only proof from myself, but also others here on /., with more by request no less (but, I think what's there does the job - my std. "Kung Fu" has been HUGELY administered, & it was, as-per-my-usual? Man - Just too, Too, TOO EASY... 2 EZ!)). RofFlMaO... apk

accidentally? you're so naive

[1800maxim]

You really think that data collection was purely accidental? And it didn't strike you that they haven't turned the "feature" off between the start of street view mapping and the end of it, which took a lengthy amount of time?

I'm sure the data collected reached its intended destination.

Re:What data would they be collecting that is ille

[Americano]

What data would they be collecting that is illegal? If they aren't allowed to keep user names AND addresses of actual houses associated, then they can ask google "are you keeping user names and addresses of the house in your logs?" and Google can go "no" or "yes" as necessary.

Yes, let's imagine a world where that is the standard of evidence required:

"Mr. Simpson, did you murder your wife?"
"No Your Honor, I did not."
"Okay then, I think we're done here! Have a great day everybody."

Or maybe,

"Mr. Gates, did you use your company's monopoly position to gain an unfair advantage over competitors and unfairly stifle competition?"
"No Your Honor, I certainly did not."
"Well then, since you're wearing glasses and look smart, I have to conclude you're telling the truth. Case dismissed!"

If collecting the data involves intercepting network traffic and recording it, then the collection and warehousing of that data is certainly a legal issue.

To further refine your example, this case is rather like somebody publicly admitting, "I have blood on my shirt, and I recently killed someone," and then sitting back and expecting the police NOT to investigate that public admission of wrongdoing.

says the government to google...

Hey Google! We don't want you to spy on all those people! Says Google to the government: Ok, we understand. This could be used to spy on people, thats bad. We will delete the data and get rid of any possibility of spying. Says the government to Google: NO! No. To ensure that we have all the information, give the information to us. Don't you dare delete it, not one tiny bit. We will take care of the spying part, oh, and of course, make sure that no inappropriate spying goes on... Just give the information to us, give it to us, yes, thats the way, and we will take care of all the whole bad bad spy stuff for you. Oh, and don't you ever do any of this again!

Re:Do the Right Thing

[halltk1983]

You're right. Let's get rid of the bars, clubs, and strip joints.

Hand it over

[ezwip]

I'm curious to see what they collected and they should hand it over. I normally don't agree with statements such as, "If you have nothing to hide it shouldn't matter." However, I keep hearing people say that to me and I'd like to see it apply to companies. Wouldn't that be funny? What you have something to hide how come I can't have access to all of your files? Dur...

Re:Do the Right Thing

[GameboyRMH]

Those don't log your personal info and sell it to advertisers, show your information when you're not physically present, lock you in, or demand that you use your real name, so I'll let them slide.

Re:Long Script Game

[TaoPhoenix]

Where you don't "actually" believe something, but instead you say it because you correctly predicted the next 5 responses. Very very hard to do properly, but if you get it right you get a major victory of some kind.

My best example so far is Apple vs. RIAA and DRM. Apple played it darn near perfectly to shut down random WMA-type DRM.

Re:Do the Right Thing

[TaoPhoenix]

Actually, I had it as one series back -
both Pets.com and "golden age files" is 1.0
I see "info sharing" a la forums and Facebook as the 2.0 that's cresting now.
We're just starting to see ominous abuses of privacy and rights, which makes for a long, dark, 3.0.

So somehow, probably like Digital-Sixties, we'll get really really tired of living Brave New World, 1984, Animal Farm, and Fahrenheit 451, and we'll mashup distibuted stuff, anonymous credit cards, and some new legislation in 2014 as a rebellion.

data security

I feel a lot safer with that data in Google's hands than I do with a copy of it being handed to the US government... I think we all know how good they are at keeping their secrets...

Idiots

[cdrguru]

There probably is no real privacy issue with the data collected. However, what Google did was collect a huge amount of data that makes them the vendor of choice for marketing data on WiFi routers and other wireless devices.

You see, they know all about what people have in their homes and what manufacturers have what penetration in specific geographic areas. So you can see that perhaps D-Link is used more affluent neighborhoods where NetGear is preferred in lower priced apartments. This information is worth millions and you can be sure that Google is selling it.

Collecting this wasn't a mistake no matter how much protesting might be done about it. Collecting packets was absolutely necessary for their mission. It also informed them (and their data customers) how much encryption is being used on these routers. All of this is extremely valuable information and (was) utterly unavailable any other way.

So now we have all participated in Google having something else to sell. I for one thing they should be subjected to 100% taxation on these ill-gotten gains.