Slashdot Mirror
Judge OKs Wiretap Lawsuit Over Google Wi-Fi Sniffing
An anonymous reader writes "Last year Google found itself in hot water after admitting to accidentally collecting payload data from unsecured Wi-Fi networks. Their admission led to a number of investigations and complaints around the globe, and a U.S. District Court Judge has now denied Google's motion to dismiss a class-action lawsuit which alleges the search giant violated federal wiretapping laws. 'Judge James Ware drew a distinction in yesterday's ruling between merely accessing an open WiFi network and actually sniffing the individual packets on that network. In the first case, one is only jumping onto a network to send and receives one own communications; in the second case, one is looking into someone else's communications, and doing so in a way that requires nontrivial technical ability or software.'"
Not even the government follows them. The hypocrisy here is ridiculous. I'd much rather have Google sniffing my SSID than the FBI making a phone call to $TELCO to get warrant-less access to phone records and wiretaps, in addition to the rest of their available tracking tech and methods. The fed should police up their own people and regulations before going after Google.
even if unencrypted, data traveling over Wi-Fi networks is not considered "readily accessible to the general public," he found.
So for the legal buffs out there-- if google can demonstrate compellingly that that reasoning is wrong (in a way that a judge accepts), would google then have any leverage to again file for dismissal, since the reason their motion was overturned would have been removed?
I ask because one might be able to demonstrate that many laptops these days DO intercept unencrypted traffic in order to reveal "non-broadcasting" SSIDs-- in order to reveal their existence, packets must be "intercepted", and their target SSID / MAC shown. Further, as Im sure google will argue, software like Kismet, GrimWEPa, WiFite, Aircrack, et al very trivially and automatically begin gathering traffic; it takes no special expertise these days (after 10 years of progressively better WEP crackers) to do what it seems Google did.
What did they do that's wrong? The dumbasses without encrypted networks were broadcasting their information out to a public road. The Google vehicles were in public when they received the plaintext information. If the people were outside screaming their online banking credentials out loud and Google happened to be driving a car with microphones recording ambient noise at the time, would that be illegal?
I'm using all of my mod points to mod ancient memes down. Please join me.
It's not WHAT they are doing, it's WHO is doing it that is at issue. Google is not law enforcement or government of any kind. And since they were not contracted by the government to do this and they have not collected data to offer to the government, it will not likely get a pass on this. On the other hand, if government thought for a moment that they could benefit from the information Google had collected, you can bet they would have gotten a pass on it just as Blackwater and other contractors got passes for the things they did/do.
If you run an open WAP, you have authorized people to listen to the data going by.
If you do not want that, the protocol provides an official blessed way to say you want your data private.
You get to pick which one you want. Don't pick one and then bitch about your own choice. Punishing google for this WILL set a dangerous precident that will be used against all of us by big corporations in the future. We MUST maintain a world where we are free to listen to unencrypted signals going through our own property.
It's critical. The bigger issue here has nothing to do with google: it's about preserving our OWN freedom.
Before the "people with unprotected networks are stupid and deserve what they get" meme develops, I wanted to get a few thoughts out there. First, there are many good and valid reasons for leaving a wifi network unpassworded. For example a coffee shop may have an open network which users join, then the users info gets sniffed. Second, the google sniffing is more intrusive than a reasonable person would expect. Lets say a guy was using a telescope to spy on you through your window to watch the email you're typing. You could say the user is stupid to not pull the shades on his window, but I would say the guy is being extraordinarily creepy even if what he's doing is legal.
-- Flame me and I will happily flame you back. Bring it!
If the people were outside screaming their online banking credentials out loud and Google happened to be driving a car with microphones recording ambient noise at the time, would that be illegal?
IMO, it would be illegal if you use a high gain microphone and uncommon, expensive equipment. A packet sniffer, for most people, comes straight from spy stories, and it's not much different to placing alligator clips on phone wires. After all, we "broadcast" our phone conversations on public wires that aren't much protected.
The reason is that we deal in perception of privacy. There are no absolutes. However when two persons talk in the street, they believe to have privacy if there is nobody around close enough to overhear their conversation. It's common sense.
There is yet another note. "Broadcasting" means transmission that is intended for everyone to receive. Radio and TV stations broadcast. However cell phones don't broadcast - we say that they establish communication channels, point to point (from the handset to the base station.) Clearly intercepting that communication (however difficult today) would be wiretapping. But what's the difference between the cell phone that carries your protected oral speech and the email that carries your protected written speech? The encryption can't define that, otherwise it would be legal to break into unlocked homes.
No - it is about reasonable expectations for privacy. To some extent we cannot expect absolute privacy with our neighbours, but we should expect that wholesale corporate intrusions to privacy are scorned upon. Could I, for example, point a higjhly sensitive microphone at someone's house, from a public street, and record their conversation? You could say that unencreypted data is public, but you could also argue that doing so violates the interlocutors expectations of privacy.
I wonder how this would go over in states with wire taping laws that require consent from both parties?
The process would be the same as for one-party consent because neither party here was aware of the wiretapping. Google is not a party to the conversation.
As a previous poster mentioned what is different between this and shouting your banking info in a public area and having Google record it?
You can shout your banking information in the middle of a desert and expect to be safe. However Google broke your expectation, however incorrect it was in the first place. Unbeknownst to you, Google buried microphones in the sand, for no reason other than to intercept whatever visitors to the desert might be saying.
We are supposed to be secure in our communication. Written laws don't cover all the ways of communication, and they don't cover all the ways of being secure. It's for a qualified human (known as judge) to decide. The judge have decided based on common sense, not on technicalities. But geeks like to ride on technicalities; if something was technically possible for an attacker to do, then it's OK. Obviously that's not so; almost every door lock can be picked, but it doesn't make it legal to go around and pick locks - even if you only look inside. House windows are transparent, but it doesn't make it legal or moral to go around and peek into windows.
http://www.eff.org/cases/att
Join the Slashcott! Feb 10 thru Feb 17!
Even more than this, if you use a wireless phone then someone with simple radio equipment could easily listen in. Guess what? Still illegal.
What Google did is wrong. I wonder if they were also logging SSIDs for networks with SSID broadcast off? It's trivial to still obtain that SSID, but wouldn't that be circumvention of protection?
IMO, it would be illegal if you use a high gain microphone and uncommon, expensive equipment. A packet sniffer, for most people, comes straight from spy stories, and it's not much different to placing alligator clips on phone wires. After all, we "broadcast" our phone conversations on public wires that aren't much protected.
Phone lines aren't public. They're owned by the ISP. So using alligator clips on phone wires would constitute both b&e as well as destruction of property. Landlines aren't "broadcasted" in any sense of the word. Landline signal only travel in private spaces, therefore there is a reasonable expectation of privacy, unlike open WiFi which is broadcasted to the public space.
The reason is that we deal in perception of privacy. There are no absolutes. However when two persons talk in the street, they believe to have privacy if there is nobody around close enough to overhear their conversation. It's common sense.
When two people shout loudly to each other in the streets, they should have no reasonable expectation of privacy. That's exactly what open WiFi is.
Talking on the street the equivalent of encrypted WiFi, which doesn't apply to this case.
However cell phones don't broadcast - we say that they establish communication channels, point to point (from the handset to the base station.) Clearly intercepting that communication (however difficult today) would be wiretapping.
This is false. Cell phones broadcast unidirectionally on account of their antennae design. You can receive cell phone signals with a $100 scanner from radio shack. I'd hardly call that "uncommon, expensive equipment".
Decrypting those signals on the other hand, is much more difficult.
But what's the difference between the cell phone that carries your protected oral speech and the email that carries your protected written speech? The encryption can't define that, otherwise it would be legal to break into unlocked homes.
The difference is the encryption. Breaking into homes is illegal because there are laws against it. Whether the home is locked or not is irrelevant. There's nothing illegal about receiving public broadcasts, otherwise I would be be jail for all those years of participating in ham radio.
It's not that they listened to the public broadcasts unwittingly, it's that they thought that if a router's owner elected to make their network available to the rest of the world, then it would be available to Google too. They unwittingly thought they were subject to the same reality as everyone else, regardless of their megalithic size which makes people fear and loath them.
People are apparently perfectly fine with showing their network traffic to their neighbors, and to any non-Google wardriver. There's something special about Google in this case, and it's not crazy for Google to have been "unwitting" about that.
Prior to the hunt, you don't always know when you're going to be the witch. Having the contestants be unwitting about what their roles are going to be, is part of what makes the game so fun.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
They saved the information they collected and refused requests for outside overview on how the saved data was handled after capture.